Overclock.net › Forums › Software, Programming and Coding › Networking & Security › No Internet access after fake AV removal
New Posts  All Forums:Forum Nav:

No Internet access after fake AV removal - Page 4

post #31 of 80
Thread Starter 
Resetting hasn't worked either... she uses Firefox mainly, will that need resetting as well?
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
post #32 of 80
I really think you should just re install the OS. best thing to do after getting a virus.
Main Rig
(15 items)
 
Work Rig
(9 items)
 
 
CPUMotherboardGraphicsRAM
5820k Asus X99 Deluxe MSI GTX980 Ti Gaming/EK GPU Block Corsair 16GB 
Hard DriveCoolingOSMonitor
M4 128GB,C300 128GB, F3 1TB  480mm RAD, 655/top, 250mm RES, EK LX CPU Block windows 7 PRO 64bit Asus PB278Q 
PowerCase
Enermax Platimax 1500W Cosmos S 
CPUMotherboardGraphicsRAM
Core i7 2600k ASUS P8Z77-V MSI GT 610 1GB Corsair 1333mhz 16GB 
Hard DriveCoolingOSPower
Intel 330 60GB Cooler Master Hyper 212 EVO W7 Corsair CX500M 
Case
Cooler Master Elite 334U 
  hide details  
Reply
Main Rig
(15 items)
 
Work Rig
(9 items)
 
 
CPUMotherboardGraphicsRAM
5820k Asus X99 Deluxe MSI GTX980 Ti Gaming/EK GPU Block Corsair 16GB 
Hard DriveCoolingOSMonitor
M4 128GB,C300 128GB, F3 1TB  480mm RAD, 655/top, 250mm RES, EK LX CPU Block windows 7 PRO 64bit Asus PB278Q 
PowerCase
Enermax Platimax 1500W Cosmos S 
CPUMotherboardGraphicsRAM
Core i7 2600k ASUS P8Z77-V MSI GT 610 1GB Corsair 1333mhz 16GB 
Hard DriveCoolingOSPower
Intel 330 60GB Cooler Master Hyper 212 EVO W7 Corsair CX500M 
Case
Cooler Master Elite 334U 
  hide details  
Reply
post #33 of 80
Did you check your HOSTS file for corruption? Windows|System32|Drivers|Etc then delete the HOSTS file and reboot.

This is a common way to hijack your browser
Edited by kmss1 - 5/9/11 at 12:40pm
O.C. Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel 980x Extreme Gigabyte X58A-UD7 (rev 2.0) Gigabyte GTX 460 OC 768 Kingston HyperX 1600Mhz (3x4GB) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 100GB Lite-On Lightscribe 24x Windows 7 Pro x64 Dell 2408wfp 
KeyboardPowerCaseMouse
MS Wireless Laser 6000 v2.0 Corsair Pro AX1200 Gold Cooler Master HAF 922 MS Wireless Laser 6000 
  hide details  
Reply
O.C. Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel 980x Extreme Gigabyte X58A-UD7 (rev 2.0) Gigabyte GTX 460 OC 768 Kingston HyperX 1600Mhz (3x4GB) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 100GB Lite-On Lightscribe 24x Windows 7 Pro x64 Dell 2408wfp 
KeyboardPowerCaseMouse
MS Wireless Laser 6000 v2.0 Corsair Pro AX1200 Gold Cooler Master HAF 922 MS Wireless Laser 6000 
  hide details  
Reply
post #34 of 80
Quote:
Originally Posted by Markeh View Post
It says address not valid when typing 209.85.146.105 into the IE address bar.

I'm going to go ahead with the netsh winsock reset I think.
You need to prefix it with http:// in IE for some odd reason. But otherwise 'netsh winsock reset' should fix it.
#well
(19 items)
 
Lenovo L530
(8 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7 4770k Gigabyte Z87X-UD4H XFX Radeon HD 6950 Corsair CMX8GX3M2A2000C9 
Hard DriveHard DriveOptical DriveCooling
Samsung EVO 840 Hitachi HDS722020ALA330 Generic DVD±RW Burner Noctua NH-D14 
OSMonitorMonitorKeyboard
Windows 8.1 Dell U2711 LG W2453 Ducky DK9008 Overclock.net Edition, Cherry MX B... 
PowerCaseMouseMouse Pad
Corsair TX850 Antec Three Hundred Corsair Raptor M40 QPAD HeatoN M 
AudioAudioAudio
E-MU Tracker|pre Beyerdynamic DT-770 250 Ohm AntLion ModMIc 
CPUGraphicsRAMRAM
Intel Ivy Bridge 3210M Intel HD 4000 Graphics Soldered Corsair Vengeance  
Hard DriveOptical DriveOSMonitor
500GB DVD-+RW Windows 7 Professional 1600x900 
  hide details  
Reply
#well
(19 items)
 
Lenovo L530
(8 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7 4770k Gigabyte Z87X-UD4H XFX Radeon HD 6950 Corsair CMX8GX3M2A2000C9 
Hard DriveHard DriveOptical DriveCooling
Samsung EVO 840 Hitachi HDS722020ALA330 Generic DVD±RW Burner Noctua NH-D14 
OSMonitorMonitorKeyboard
Windows 8.1 Dell U2711 LG W2453 Ducky DK9008 Overclock.net Edition, Cherry MX B... 
PowerCaseMouseMouse Pad
Corsair TX850 Antec Three Hundred Corsair Raptor M40 QPAD HeatoN M 
AudioAudioAudio
E-MU Tracker|pre Beyerdynamic DT-770 250 Ohm AntLion ModMIc 
CPUGraphicsRAMRAM
Intel Ivy Bridge 3210M Intel HD 4000 Graphics Soldered Corsair Vengeance  
Hard DriveOptical DriveOSMonitor
500GB DVD-+RW Windows 7 Professional 1600x900 
  hide details  
Reply
post #35 of 80
Thread Starter 
netsh winsock reset hasn't fixed anything

Hosts file, will try that in a minute.

Will ipconfig /flushdns have any effect?
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
post #36 of 80
Quote:
Originally Posted by driftingforlife View Post
I really think you should just re install the OS. best thing to do after getting a virus.
Reformatting is not always the best thing to do after a virus. You can save a lot of time and heartache by cleaning the virus off and then undoing settings that were changed so you do not have to reload programs or transfer program to another drive and then back to the original drive after the reformat.
post #37 of 80
Flushdns only clears the DNS Resolver cache
O.C. Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel 980x Extreme Gigabyte X58A-UD7 (rev 2.0) Gigabyte GTX 460 OC 768 Kingston HyperX 1600Mhz (3x4GB) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 100GB Lite-On Lightscribe 24x Windows 7 Pro x64 Dell 2408wfp 
KeyboardPowerCaseMouse
MS Wireless Laser 6000 v2.0 Corsair Pro AX1200 Gold Cooler Master HAF 922 MS Wireless Laser 6000 
  hide details  
Reply
O.C. Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel 980x Extreme Gigabyte X58A-UD7 (rev 2.0) Gigabyte GTX 460 OC 768 Kingston HyperX 1600Mhz (3x4GB) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 100GB Lite-On Lightscribe 24x Windows 7 Pro x64 Dell 2408wfp 
KeyboardPowerCaseMouse
MS Wireless Laser 6000 v2.0 Corsair Pro AX1200 Gold Cooler Master HAF 922 MS Wireless Laser 6000 
  hide details  
Reply
post #38 of 80
google redirect virus.

You need to get the following utilities

superanti spyware
Malwarebytes
Combofix (do not run it and save it to desktop as combo-fix)
Spybot search and destroy
And Mgtools

First run Ccleaner and clean your drive and temp folders.
First run Spybot full system scan. When its done go to its options and to the host file option. Click on replace with Spybots entries.
When its done. If it found malware and have to reboot then do so.

When your done now download the other software if you havent got it already.

Mgtools can be found a majorgeeks.com.

Run superanti spyware full scan. When it found malware and have to reboot let it.

Next up malware bytes. Rename mbam.exe to mb.exe and run a full scan when your done and it has to reboot let it do so.

When you reboot and the scan is done please go to start, enter msconfig in the box. Run as admin.
Then services tab, tick hide ms services, then disable all. Startup tab disable everything apply reboot.
Then disable your uac completely and run Combofix. When its done run mgtools. It will re enable uac for you and fix other errors.

When your done and youve found malware. Please go to system restore disable it then re enable it. Reboot go to msconfig then tick the services for your antivirus and its startup item. Reboot update your av and run a full system scan. When your done and its clean you can enable the other services in msconfig
post #39 of 80
Quote:
Originally Posted by Aawa View Post
Reformatting is not always the best thing to do after a virus. You can save a lot of time and heartache by cleaning the virus off and then undoing settings that were changed so you do not have to reload programs or transfer program to another drive and then back to the original drive after the reformat.
After 30 some years in this business Aawa, I would have to disagree with you (respectfully ofcourse). Anytime somebody gets into Trojan/Virus issues you never know the full extent of the corruption (i.e. registry entries, winsock, drivers, etc.) so re-partitioning and reloading is really the preferred method.

Also, often times when you find one Trojan/Virus there are usually multiple issues.
O.C. Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel 980x Extreme Gigabyte X58A-UD7 (rev 2.0) Gigabyte GTX 460 OC 768 Kingston HyperX 1600Mhz (3x4GB) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 100GB Lite-On Lightscribe 24x Windows 7 Pro x64 Dell 2408wfp 
KeyboardPowerCaseMouse
MS Wireless Laser 6000 v2.0 Corsair Pro AX1200 Gold Cooler Master HAF 922 MS Wireless Laser 6000 
  hide details  
Reply
O.C. Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel 980x Extreme Gigabyte X58A-UD7 (rev 2.0) Gigabyte GTX 460 OC 768 Kingston HyperX 1600Mhz (3x4GB) 
Hard DriveOptical DriveOSMonitor
OCZ Vertex 2 100GB Lite-On Lightscribe 24x Windows 7 Pro x64 Dell 2408wfp 
KeyboardPowerCaseMouse
MS Wireless Laser 6000 v2.0 Corsair Pro AX1200 Gold Cooler Master HAF 922 MS Wireless Laser 6000 
  hide details  
Reply
post #40 of 80
Thread Starter 
Hosts file has not worked either. :l Any more suggestions before I tear my hair out?

I am determined not to do a reinstall unless absolutely vital. Surely there's got to be something that can fix this. I will run MalwareBytes tomorrow just to be sure.
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
Misery Business
(20 items)
 
Anklebiters
(5 items)
 
Ignorance
(9 items)
 
CPUGraphicsRAMHard Drive
Intel Core i7-3630QM Nvidia GT640M 2GB 8GB DDR3-1600 Sandisk Plus 240GB 
OS
Windows 10 
CPUGraphicsRAMHard Drive
Pentium Dual-Core T3200 Intel GMA4500MHD 4GB DDR2-667 120GB Kingston V300 SSD 
Optical DriveOSMonitorCase
HL-DT-ST GSA-T50N DVD-RW Windows 8.1 64-bit 15.4" 1280x800 Toshiba Satellite L300D (recased) 
Other
Intel WiFi Link 5100 agn 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › No Internet access after fake AV removal