1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Problems with IP config and internet

Discussion in 'Virus & Other Malware Removal' started by skittlezpwn43, Nov 15, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    I have a problem with internet connectivity.
    PLEASE READ!!!
    I am running on a dell computer (cannot give specs right now, i'm in school)
    Not only does my computer not connect to my router, (other devices, such as iPad, iPod do,) i also cannot run the "ipconfig" function in the Command Prompt. Doings so outputs a message that says:
    THere is a history to what i believe caused the problem, here is the story:

    • Discovered google redirect virus, which directed me to famoussearchsystem.com and coolsearchsystem.com
    • Ran Malwarebyte's Anti-Malware scan. Log:

    • rebooted computer as directed, upon startup, got Blue screen with code "IQRL_NOT_LESS_OR_EQUAL"
    • began windows in safe mode with command prompt, started explorer.exe, ran another malwarebytes scan. Log:
    • Restarted windows
    • windows logged on succesfully
    • Internet worked, but google redirect virus still there.
    • Attempted system restore, didn't work
    • Ran another malwarebytes scan. Log:

    • Restarted Computer, everything seemed fine
    • Could not connect to internet. I was not getting ANY ip information.
    • I used the IP info on my ipod/ipad to input the same thing manually into the TCP/IP section of the properties for my adapter, did not work.
    • Tried ipconfig, and this is where i believe the problem is.
    Sorry for the long post, thank you for reading.
     
  2. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    Also, what exactly is a Backdoor.0Access virus?
     
  3. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
  4. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,056
    Please click on Report and kindly ask to be moved to the Virus & Other Malware Removal forum. Be sure to provide the appropriate reports in that forum after reading THIS. From there, be patient. The malware removal experts are very busy! You should get an answer within the next 48 hours.
     
  5. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    Ok. Here are the logs.

    HijackThis:
    DDS:
    GMER scan:
    (see attachment.)

    I would first like to thank you in advance, and i really do appreaciate your service.
    I would also, however like to ask if this problem could be looked at relatively quickly. I have several reports/projects coming up for school, and if i do not get my computer fixed/internet back, i could be in a real hole. Thank you. My main problem can be found at the top of this post.
     

    Attached Files:

  6. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    bump...
    I know it hasn't been long but i have a report due this coming Tuesday... I really need my internet fixed fast!
     
  7. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,645
    Download the tools needed to a flash drive or other removable media, and transfer them to the infected computer.

    ***************************************************

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    --------------------------------------------------------------------

    With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal.

    The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.


    Go to Microsoft's website => http://support.microsoft.com/kb/310994

    Scroll down to Step 1, and select the download that's appropriate for your Operating System. Download the file & save it as it's originally named.

    Note: If you have SP3, use the SP2 package.


    ---------------------------------------------------------------------

    Transfer all files you just downloaded, to the desktop of the infected computer.

    --------------------------------------------------------------------


    Disable your anti-Virus and anti-spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.


    [​IMG]

    • Drag the setup package onto ComboFix.exe and drop it.
    • Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.


      [​IMG]
    • At the next prompt, click 'Yes' to run the full ComboFix scan.
    • When the tool is finished, it will produce a report for you.
    Please post the C:\ComboFix.txt in your next reply.
     
  8. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    Thank you for your help!
    i already have the Windows recover console installed (i tried a fix with it.)
    I have the comboFix running right now. It's on attempting to create restore point (after the files were copied.)
    Should i uninstall the recovery console i had on the computer? (i got it from the SP3 Pro install disc i found in the house.)

    EDIT: it says rootkit activity was found, and it needs to reboot, so i'm doing it now...
    I should have the log up by 11:30-11:45 EST.
     
  9. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    I believe this infection was caused my a torrent. My sister desperately wanted to see the new Winnie the Pooh movie, so she downloaded BitTorrent onto my computer. ironically enough, i believe the movie torrent was the cause of the infection.

    Needless to say, i ran the combofix scan, the computer logged on and my internet connection was restored
    I disconnected from the wireless as to prevent another Backdoor.0access virus from downloading even more stuff do my computer.
    Here is the ComboFix log:


     
  10. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,645
    Yes, it was undoubtedly the torrent download that introduced the infection. I hope that you will uninstall the torrent application as I'm sure you've learned a lesson from this experience.

    Before proceeding, I just wanted to ask you if you're receiving help elsewhere so we dont' duplicate efforts.
     
  11. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    Yes, the torrent application will be uninstalled after i am done with the uninfection process.
    (That's the last time i let my sister use my computer -.-)

    Currently, i am NOT recieving help from another source, so we can proceed.
     
  12. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,645
    Open Notepad and copy and paste the text in the code box below into it:

    Code:
    Folder::
    c:\windows\$NtUninstallKB11092$
    
    RegNull::
    [HKEY_USERS\S-1-5-21-3876382765-934903326-3795222865-1013\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{136F2399-5356-1157-7118-C885526CE18E}*]
    [HKEY_USERS\S-1-5-21-3876382765-934903326-3795222865-1013\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2519885F-CC9F-A193-3FD0-5E3CC0D0840A}*]
    
    RegLockDel::
    [HKEY_USERS\S-1-5-21-3876382765-934903326-3795222865-1013\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2519885F-CC9F-A193-3FD0-5E3CC0D0840A}*]
     
    Save the file to your desktop and name it CFScript.txt

    Referring to the picture below, drag CFScript.txt into ComboFix.exe

    [​IMG]


    This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply together with a new HijackThis log.

    Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.
     
  13. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    Conbofix.txt:
    HijackThis log:
     
  14. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,645
    Please download Malwarebytes' Anti-Malware from Here.

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.
    Extra Note:

    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
     
  15. skittlezpwn43

    skittlezpwn43 Thread Starter

    Joined:
    Nov 15, 2011
    Messages:
    27
    Sorry for the long reply time. I've been juggling through alot of assignments and i didn't have alot of time to be here.

    Malwarebytes' Anti-Malware log:
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1027042