PCMech Forums

PCMech Forums (http://www.pcmech.com/forum/)
-   Networking & Online Security (http://www.pcmech.com/forum/networking-online-security/)
-   -   Malware removal tip (http://www.pcmech.com/forum/networking-online-security/212488-malware-removal-tip.html)

Panama Red 12-28-2009 09:19 PM
Malware removal tip
 
I've recently run into a couple of maleware symptoms that may help others overcome a couple of issues.
First is the inability to connect to the internet after you run Malwarebytes in Safe Mode w/Networking. Some of these infections have changed the Internet Connection settings. Go to Control panel>Internet Options>Connections tab>Lan settings button. You'll probably see the Auto detect is unchecked and the Use Proxy settings is instead checked at the bottom. Uncheck the Proxy and check the Auto detect. That should restore your internet access.

Today I came across another virus/maleware oriented issue after the system was cleaned. My customer was unable to access their gmail page and any search done with Google (their home page) came up with an empty page. I tried several fixes including installing Firefox and still had the same issue. I used another pc to run a google search for this issue and ran across someone else with the same issue. They had discovered their Hosts file was full of Google sites. This proved to be the same problem on the computer I was trying to fix. A quick check of the Hosts File revealed a long list of Google sites as well as Yahoo! search sites too. So, if you find a computer that has blocked access to only specific sites after you've performed a clean up, check the Hosts File. You may find your desired sites listed there. Remove them from the list, save your changes and you should be good to go.

jdeb 12-28-2009 09:39 PM
Thanks, should sticky that one

David M 12-29-2009 12:41 PM
Thanks Panama. Nice tip.

Iamjosh 12-29-2009 12:43 PM
+1!

great post Panama.

CarlS 01-01-2010 09:03 PM
Thank you, sir; good information

Needtoknow 11-02-2010 02:57 AM
Hey Red,
You're gonna dig this.
I am going to the forums because I adopted a laptop with an ancient TI card and cannot get it to connect or even pretend to connect- a 1510 ti card on a dell 1100, but I hathis trojan on my desktop and I have run maewarebytes in safe mode, redtarted, run it again-run ms essentials- just keep running stuff waiting to come cean.
Get "clean" and cannot connect to the net.
I happen to see your postit about the settings having been changed and they had and I fixed it and sti no uck.
But it kept telling me it couldn't "connect through a proxy server".
I am not, and have never used a proxy on this system.
The Trojan had changed the "proxy" setting to "only use proxy" or something in the LAN settings.
I clicked the box hit apply and was good to go.
Thought it was funny how it fell together.

Thanks, man.

The "L" key on this laptop doesn't work unless struck firmy..?/.,.. firmLy . Geez.

Let's bring them home yesterday.

nkingfit 11-19-2010 09:04 PM
Good post!
 
Thanks. I had the same problem and just fixed it.

CGreen 06-19-2012 07:52 AM
Hi,

Thanks for the tips, but I also have some questions regarding my programs... I got stuck with this virus- Security Shield 2012. It blocked my other programs. Do you know how I can start my other programs again?

Needtoknow 06-19-2012 08:09 AM
That was long ago- I am trying to remember how it went- when you say your "programs" what programs are blocked?
Also, are you doing everything from "safe mode". I remember that nothting took effect unless it had been done in safe mode.
Check your settings and let us know.

RussF 06-20-2012 09:22 AM
Hi,

You can read this to get some general idea about this virus, but I also think that running a any anti-virus program in safe mode should help.

glc 06-20-2012 09:58 AM
The scanner (Spy Hunter) in that link only scans for free, you have to pay to get it to remove it. This is a free legitimate way to remove it:

Removal instructions for Security Shield 2012 - Malwarebytes Forum

CGreen 06-21-2012 02:50 AM
Thanks for your help. I did use some of your pieces of advice, but I had to use some help from a friend, as well. It turned out I can't handle it myself. Anyway, the safe mode thing was very useful and everything is fine now :)

Yorozuya 08-16-2012 10:18 AM
Great post! I had a hard time removing Security Shield myself. Luckily there are many articles available about the topic, what helped my solve my problem is Security Shield removal . But there are others available too. Fortunately it didn't change my networking settings, but I saw many topics about it so I think its possible. Anyway, great guide for those in need...

cmichael258 08-18-2012 08:09 AM
I have encountered 2 instances at work of a virus that changes the status of files/folders to "Hidden". Malwarebytes takes care of the virus but finding and changing the "Hidden" staus individually is a pain.

Does anyone know of a DOS command that will "Unhide" all of them at once?

glc 08-18-2012 12:07 PM
http://www.pcmech.com/forum/networki...em-solved.html

cmichael258 08-18-2012 07:27 PM
Quote:
Originally Posted by glc (Post 1560851)
Thank you!


All times are GMT -5. The time now is 02:30 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.1