Repairs after "System Fix" virus

[chuck462]

Greetings all, its been a while.

My son somehow got the "System Fix" virus on his computer and this thing is nasty. I finally got it removed, and restored the hidden files it modified, however I still have a major issue with it.

He cannot connect to the internet. He currently uses a PCI wireless LAN card:

Newegg.com - EDIMAX EW-7128G Wireless Card IEEE 802.11b/g PCI Up to 54Mbps Wireless Data Rates

I have downloaded and reinstalled the driver for it, it went without a problem. I chose the option to overwrite the existing installation, since it recognized it already being installed. It sees the wireless connection in the house, connects, asks for the security password, I put it in, connects again just fine, but that is it.

I have "local" only. IE comes up with the failed to connect and I go through all the options to repair the connection, and they all fail. I've gone to the device manager, and everything is enabled.

What am I missing? He is running the dreaded Vista (don't kill me) and really hasn't had any problems at all until this virus got in his system.

Make sure the following registry entries have been deleted:

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\USE FORMSUGGEST = Yes
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\CERTIFICATEREVOCATION = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WARNONBADCERTRECVING = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WARNONZONECROSSING = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONES\3\1601 = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\WINTRUST\TRUST PROVIDERS\SOFTWARE PUBLISHING\STATE = 146944
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\CONTROL\SESSION MANAGER\PENDINGFILERENAMEOPERATIONS = \??\%CommonAppData%\[RANDOM].exe

[chuck462]

Thanks for the reply!

I found those registry entries and deleted them. Rebooted and still it wont connect. Local only.

[glc]

Have you tried a startup repair?

[chuck462]

Quote:

Originally Posted by glc Have you tried a startup repair?

No. And I'm clueless to the details of such a thing....

[glc]

Click me!

[chuck462]

GLC, you rock. Not because I fixed anything, but your sarcastic ways of helping. I LMAO'd when I got that LMGTFY link and felt scolded.

However, I ran the tool, and it was unable to repair, so, I just reformatted and reinstalled. All is good,

Thanks for the ideas everyone, I appreciate the help and knowledge you all possess.

[glc]

Sorry, but I couldn't resist - startup repair is a very important part of Vista that has to be done all too often. It's something that was new to Vista and us old XP and earlier people don't always realize it's there. Among other things, it replaces the "repair reinstall".

I was trying in my sarcastic way to point you in the right direction when you said you were clueless about it.

[chuck462]

Quote:

Originally Posted by glc Sorry, but I couldn't resist - startup repair is a very important part of Vista that has to be done all too often. It's something that was new to Vista and us old XP and earlier people don't always realize it's there. Among other things, it replaces the "repair reinstall". I was trying in my sarcastic way to point you in the right direction when you said you were clueless about it.

I do not like vista, and for some damn reason installed it on his computer when we built it a few years back (4+). It was around the time when MS announced a termination for XP support, so I figured I'd go with what was the future. So, with that, I never got to get familiar with it, and any of its features (start up repair). It actually has been pretty good for his needs, until this virus.

And your sarcasm was well received and appreciated! I had not seen that website before (oddly, even my wife knew about it..) and I really got a kick out of it.

[rjfvillarosa]

Chuck. I know it's a bit late now but I noticed reading through this thread that you were not aware of this tip.

Quote:

Originally Posted by Panama Red Go to Control panel>Internet Options>Connections tab>Lan settings button. You'll probably see the Auto detect is unchecked and the Use Proxy settings is instead checked at the bottom. Uncheck the Proxy and check the Auto detect. That should restore your internet access.

This one of the first things I check now when I am repairing a machine with any kind of virus or malware infection.

[chuck462]

Quote:

Originally Posted by rjfvillarosa Chuck. I know it's a bit late now but I noticed reading through this thread that you were not aware of this tip. This one of the first things I check now when I am repairing a machine with any kind of virus or malware infection.

Thanks! I want to say I checked those prior to my posting while researching the problem. It looks familiar. A friend of mine had me check the host file and when I came across it again i sort of laughed.

But, with the reinstall, I can't verify those settings, but when he gets it again (ugg), I'll keep it in mind.