Overclock.net › Forums › Software, Programming and Coding › Networking & Security › No Internet access after fake AV removal
New Posts  All Forums:Forum Nav:

No Internet access after fake AV removal

post #1 of 80
Thread Starter 
Computer is a Toshiba Satellite L350, running Vista Home Premium 32-bit.

It had been infected by a fake anti-virus, Vista Internet Security 2011.

http://www.overclock.net/networking-...emove-any.html

Based on this guide, I ran Secured2K, which cleared the infection, then had to download fixNCR.reg from BleepingComputer so that I could access .exe files.

Then I ran ComboFix, just to make sure it was clean.

The machine connects to networks, and says it can access the internet, but it can't. This occurs via wireless or Ethernet. Apparently, Windows Live Messenger works, but Firefox, Chrome, and IE don't. Tried all the things on BleepingComputer, and still no luck.

Chrome says the server refused the connection. And there are DHCPNACK events in Event Viewer.

How should I go about fixing this?
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
post #2 of 80
Reset IE to remove any proxy settings in IE, 90% of the fake av's i have to remove install proxies...in IE
Daily Driver
(18 items)
 
  
CPUMotherboardGraphicsGraphics
Intel Core i7 3930K ASUS RAMPAGE EXTREME IV PNY GTX 470  PNY GTX 470  
RAMHard DriveHard DriveOptical Drive
1GGB (3 x4GB) Corsair Dominator GT 2300 MHZ Corsair Force GT  Western Digital Caviar Black  LG BD-ROM 
CoolingCoolingCoolingOS
Corsair H100 CPU AIO ARCTIC COOLING Accelero XTREME Plus II  ARCTIC COOLING Accelero XTREME Plus II  Windows 7 Ultimate 64 bit 
MonitorPowerCaseMouse
Dell U2711 Corsair AX1200 Coolermaster HAF 932 Black Edition Logitech G9X 
Mouse PadAudio
Roketfish Gaming Pad AUDIO ENGINE A5+ 2 
  hide details  
Reply
Daily Driver
(18 items)
 
  
CPUMotherboardGraphicsGraphics
Intel Core i7 3930K ASUS RAMPAGE EXTREME IV PNY GTX 470  PNY GTX 470  
RAMHard DriveHard DriveOptical Drive
1GGB (3 x4GB) Corsair Dominator GT 2300 MHZ Corsair Force GT  Western Digital Caviar Black  LG BD-ROM 
CoolingCoolingCoolingOS
Corsair H100 CPU AIO ARCTIC COOLING Accelero XTREME Plus II  ARCTIC COOLING Accelero XTREME Plus II  Windows 7 Ultimate 64 bit 
MonitorPowerCaseMouse
Dell U2711 Corsair AX1200 Coolermaster HAF 932 Black Edition Logitech G9X 
Mouse PadAudio
Roketfish Gaming Pad AUDIO ENGINE A5+ 2 
  hide details  
Reply
post #3 of 80
Internet options?
post #4 of 80
Thread Starter 
OK, I'm talking to the laptop owner right now... can you give me a step by step guide to reset the IE proxy settings?
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
post #5 of 80
Reformat?
X79-GCN
(22 items)
 
  
CPUMotherboardGraphicsRAM
Intel 3930K 4.5GHz HT GIGABYTE GA-X79-UP4 AMD R9-290X GEil Evo Potenza DDR3 2400MHz CL10 (4x4GB) 
Hard DriveCoolingCoolingCooling
Samsung 840 Pro 120GB EK Supremacy (CPU) NF F12's P/P (360 Rad)  NF A14's (420 Rad)  
CoolingCoolingCoolingCooling
XSPC Chrome Compression Fittings EK RES X3 150 Primochill PremoFlex Advanced LRT Clear 1/2 ID EK-FC (R9 290X) 
CoolingCoolingCoolingOS
EK D5 Vario Top-X  Phobya G-Changer V2 360mm Phobya G-Changer V2 420mm Win 10 x64 Pro 
MonitorKeyboardPowerCase
BenQ XR3501 35" Curved Corsair Vengeance K90 Seasonic X-1250 Gold (v2) Corsair 900D 
MouseAudio
Logitech G400s Senn HD 598 
  hide details  
Reply
X79-GCN
(22 items)
 
  
CPUMotherboardGraphicsRAM
Intel 3930K 4.5GHz HT GIGABYTE GA-X79-UP4 AMD R9-290X GEil Evo Potenza DDR3 2400MHz CL10 (4x4GB) 
Hard DriveCoolingCoolingCooling
Samsung 840 Pro 120GB EK Supremacy (CPU) NF F12's P/P (360 Rad)  NF A14's (420 Rad)  
CoolingCoolingCoolingCooling
XSPC Chrome Compression Fittings EK RES X3 150 Primochill PremoFlex Advanced LRT Clear 1/2 ID EK-FC (R9 290X) 
CoolingCoolingCoolingOS
EK D5 Vario Top-X  Phobya G-Changer V2 360mm Phobya G-Changer V2 420mm Win 10 x64 Pro 
MonitorKeyboardPowerCase
BenQ XR3501 35" Curved Corsair Vengeance K90 Seasonic X-1250 Gold (v2) Corsair 900D 
MouseAudio
Logitech G400s Senn HD 598 
  hide details  
Reply
post #6 of 80
Start>Control Panel>Internet Options>Connections>LAN Settings

Uncheck proxy settings.
post #7 of 80
Thread Starter 
I will reinstall but she has a lot of software I'd have to reinstall and a lot of files to backup, and I really would rather do it in another way.

Just explaining the proxy thing to her.

EDIT: No, Proxy thing is unticked already. However, in the same window, Automatically Detect Settings was unticked as well (on my machine it's ticked). However that doesn't seem to have fixed it.
Edited by Markeh - 5/9/11 at 11:43am
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
post #8 of 80
have you tried advanced windows care. and malware bytes yet ?
    
CPUMotherboardGraphicsRAM
Intel I7 2600k Asus p8p67-Deluxe Zotac GTX780 6GB OC G-skill Ripjaws 1866 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 840 EVO 250 Samsung EVO 120 Western Digital 1TB Black Lite On 20x DVD RW 
CoolingOSOSOS
XSPC RayStorm + 360Extreme Rad Arch Linux Windows 8.1 x64 WindowsRE 
MonitorKeyboardPowerCase
Asus PB278Q ThermalTake Meka G1 Evga SuperNova 1000 P2 Xigmatek Elysium 
MouseMouse PadAudio
Logitec G500 Gaming Mouse Ultra Pad Fiio E-17 + ATH-M50 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel I7 2600k Asus p8p67-Deluxe Zotac GTX780 6GB OC G-skill Ripjaws 1866 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 840 EVO 250 Samsung EVO 120 Western Digital 1TB Black Lite On 20x DVD RW 
CoolingOSOSOS
XSPC RayStorm + 360Extreme Rad Arch Linux Windows 8.1 x64 WindowsRE 
MonitorKeyboardPowerCase
Asus PB278Q ThermalTake Meka G1 Evga SuperNova 1000 P2 Xigmatek Elysium 
MouseMouse PadAudio
Logitec G500 Gaming Mouse Ultra Pad Fiio E-17 + ATH-M50 
  hide details  
Reply
post #9 of 80
Thread Starter 
No, but I think the infection is gone. I will run a MalwareBytes, if I can. Can't do it now, don't get the laptop back till tomorrow.
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
post #10 of 80
uninstall wireless card, reboot, widows should find the drivers.
bestiam
(14 items)
 
  
CPUMotherboardGraphicsRAM
i7 920@4.0 x58a ud5 GTX Titan 3*2 xms3 corsair 
Hard DriveCoolingOSMonitor
Samsung 840 PRO Koolance 380i 7 ultimate 64 bit Toshiba 42'' tv 
PowerCase
corsair 850hx Corsair 800D 
  hide details  
Reply
bestiam
(14 items)
 
  
CPUMotherboardGraphicsRAM
i7 920@4.0 x58a ud5 GTX Titan 3*2 xms3 corsair 
Hard DriveCoolingOSMonitor
Samsung 840 PRO Koolance 380i 7 ultimate 64 bit Toshiba 42'' tv 
PowerCase
corsair 850hx Corsair 800D 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › No Internet access after fake AV removal