problems connecting to server

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mastermiaow, Mar 19, 2015.

  1. mastermiaow

    mastermiaow Private First Class

    Hi

    I am not sure if my problem is malware but I ran a search on 'server' and malware removal came up.
    Since today I am no longer able to use my outlook 2003 , despite deleting and reinputting IMAP settings. The message is 'unable to connect to server'. Now I have tried to install AVG Internet Security and the message has come up 'connection failed, this application requires internet connectivity'. I am confused as I am still able to surf the web etc but certain things don't seem to be working..
    I uninstalled comodo firewall today and have been using windows defender and firewall today and that is the only thing that has changed which might be the cause of the problem (I have tried to install comodo internet security but was told that comodo firewall was still on the system and it can't install :confused..)

    Many thanks
    Matthew
     
    mastermiaow, Mar 19, 2015
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    TimW, Mar 19, 2015
    #2
  3. mastermiaow

    mastermiaow Private First Class

    OK will do and get back to you. Seems like the problem has also affected malwarebytes update and avira update, latter as per below:
    10:45:19 [UPD] [INFO] Checking whether newer files are available.
    10:45:19 [UPD] [INFO] Select update server 'http://77.109.171.162/update'.
    10:45:19 [UPD] [INFO] Downloading of 'http://77.109.171.162/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
    10:45:42 [UPDLIB] [ERROR] Download manager: Connection failed while downloading the file http://77.109.171.162/update/idx/master.idx
    10:45:42 [UPD] [INFO] Select update server 'http://77.109.171.186/update'.
    10:45:42 [UPD] [INFO] Downloading of 'http://77.109.171.186/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
    10:46:03 [UPDLIB] [ERROR] Download manager: Connection failed while downloading the file http://77.109.171.186/update/idx/master.idx
    10:46:03 [UPD] [INFO] Select update server 'http://89.105.213.26/update'.
    10:46:03 [UPD] [INFO] Downloading of 'http://89.105.213.26/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
    10:46:24 [UPDLIB] [ERROR] Download manager: Connection failed while downloading the file http://89.105.213.26/update/idx/master.idx
    10:46:24 [UPD] [INFO] Select update server 'http://89.105.213.25/update'.
    10:46:24 [UPD] [INFO] Downloading of 'http://89.105.213.25/update/idx/master.idx' to 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
    10:46:45 [UPDLIB] [ERROR] Download manager: Connection failed while downloading the file http://89.105.213.25/update/idx/master.idx
    10:46:45 [UPDLIB] [ERROR] No other server, update aborted
    10:46:45 [UPD] [ERROR] Generation of update structure failed. UpdateLib delivers error 537.
     
    mastermiaow, Mar 20, 2015
    #3
  4. mastermiaow

    mastermiaow Private First Class

    I am posting the logs. I didn't have to disable User account as it wasn't set up.
    I uninstalled Avira and remnants of Comodo firewall. At the moment I just have Windows Firewall and IObit advanced system PRO v.8.
    I screwed up on Hitman pro, just pressed Next - the delete options were there by default and I don't recall seeing a drop down arrow. I know this is seriously annoying for you :-o but I hope there is a way round if it is a problem - perhaps by system restore?
    Outlook is still not connecting to the server :cry

    Thanks for your help
     

    Attached Files:

    mastermiaow, Mar 20, 2015
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not finding any additional malware. You need to rerun MBAM and have it fix all that it found.

    Also rerun RogueKiller and fix this item:
    Code:
    ¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \\Updater21804.exe -- C:\Users\Matthew\AppData\Local\Updater21804\Updater21804.exe (/extensionid=21804 /extensionname="Coupon Companion Plugin" /chromeid=jneaojaoiajhnemidnjhoempalnidbhj) -> Found
    Download OTM by Old Timer and save it to your Desktop.


    • Run OTM.exe by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).
    • Paste the following code under the [​IMG] area. Do not include the word Code.


    Code:
    
:files
C:\Users\Matthew\AppData\Local\Avg2015
C:\Users\Matthew\AppData\Local\Comodo
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
C:\Users\Matthew\AppData\Local\Temp\*.*

:Commands
[Reboot]

    • Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
    • Push the large [​IMG] button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • Copy everything in the Results window (under the green bar), and paste it in your next reply.


    Now navigate to the C:\_OTM\MovedFiles folder ( assuming your Windows drive is C). This is where your log will be saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach this log file to your next message.

    I will probably have to send you to the software forum for further assistance.
     
    TimW, Mar 20, 2015
    #5
  6. mastermiaow

    mastermiaow Private First Class

    OK thanks for this and will action. The printer is no longer being recognised and I have tried diagnose and repair to no avail. So I think the server problem and printer port problem could be connected...
     
    mastermiaow, Mar 20, 2015
    #6
  7. mastermiaow

    mastermiaow Private First Class

    Rogue killer

    HI Tim

    I have rerun but cannot find the item you mention. What tab was it under? I can only find one under processes which relates to explore.exe (id. 3856)
     
    mastermiaow, Mar 20, 2015
    #7
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It's under Tasks. Rerun RogueKiller and attach the new log. It may have been removed.
     
    TimW, Mar 20, 2015
    #8
  9. mastermiaow

    mastermiaow Private First Class

    Hi Tim

    Here are requested logs. I ran malwarebytes. When I ran Roguekiller it said I needed an update but the version I have 10.5.5.0 seems to be the latest one and the download didn't make any difference. I have attached relevant OTM logs.
    I also ran CC cleaner a couple of times including registry cleaner. Outlook is still not working but printer is back.

    Many thanks again

    Matthew
     

    Attached Files:

    mastermiaow, Mar 22, 2015
    #9
  10. mastermiaow

    mastermiaow Private First Class

    Also RogueKiller didn't find the file you mentioned under Tasks - there was nothing there.
     
    mastermiaow, Mar 22, 2015
    #10
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Looks like the malware is removed. I suggest you post in the software forum for issues with Outlook.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. If you are running Win 8, Win 7, Vista, Windows XP or Windows ME, do the below to flush restore points:
      • Refer to the instructions for your WIndows version in this link: Disable And Enable System Restore
      • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
      • Then we want you to Enable System Restore to create a new clean Restore Point.

    8. After doing the above, you should work thru the below link:

     
    TimW, Mar 22, 2015
    #11

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds