Firefox and IE not loading pages, and Hijacked account

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by daones, Sep 2, 2009.

  1. daones

    daones Private E-2

    A few days ago it first started, i was using steam and after a prompt came up saying i was logged in from another location after trying to reconnect my password was wrong and I then can confirm someone stole my account.. after this and currently, i can only browse the web for a period of time before all webpages stop loading.. I have to reboot for it to work again.. I can also say that in the system monitor i have 4 instances of firefox.exe when this happens, and trying to close them via system monitor does nothing.

    Also i have a 64bit system so im unable to use combofix.
     

    Attached Files:

    daones, Sep 2, 2009
    #1
  2. daones

    daones Private E-2

    just an update I havent had the problem with firefox since running the readme first steps, although if you get a chance look over my reports as im concerned how someone stole my account earlier and just want to ensure my computer is now safe.
     
    daones, Sep 2, 2009
    #2
  3. daones

    daones Private E-2

    i guess i was wrong, i woke up today and again the internet wasnt working, had to reboot for it to start working again, i can confirm its the computer because my other computer works.
     
    daones, Sep 3, 2009
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean. Your issue could be related to the proxy server setting, which you should check and verify that they are right. Or it could be related to ZoneAlarm. In either case, I suggest you post in the software section for further assistance.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners.They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore ato create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
    TimW, Sep 7, 2009
    #4
  5. daones

    daones Private E-2

    Hello, im not sure that is the case.. I have been having a cluster of problems since my last post and I did not want to bump my post, yesterday I got a message saying unauthorized changes were made to vista and i was asked to enter the product key, i had to restore my system.. Not only that but I am losing clients and money because of my first problem as my main source of income is online.. I can browse the web anywhere from 5-10 minutes after that IE or firefox will not load any pages, my windows control panel will not open, sometimes after i close firefox in the task manager i have 4 instances of firefox.exe... also i am not using a proxy i connect directly to the net.. Yesterday I ran pandascan but it will not finish the scan because of the problem with the internet not working long, but after 45% finished it found over 100 infected files already.
     
    daones, Sep 7, 2009
    #5
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your HJT log has this item:
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 94.76.205.113:30003

    Perhaps you should post the log from running the panda scan. And re-run all of the R&R scans again. Make sure to download the latest version of MGTools. MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one. Just run the exe file.
     
    TimW, Sep 12, 2009
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds