In Desperate Need of Assistance

Discussion in 'Malware Help (A Specialist Will Reply)' started by Drift King, Apr 11, 2009.

  1. Drift King

    Drift King Private E-2

    Hello,

    I am having Internet issues after doing Windows Update on my Windows 2000 on March 28. I did not install any updates prior to upgrading it to SP4. But on March 28, I guess I had nothing better to do, so I decided to do the 77 updates that I got after clicking the Express option on the Windows update website. After doing the update, I found that my Internet wasn't working properly. I would get a lot of "Page cannot be displayed" messages on really common sites, such as Yahoo, Facebook, or Google. In order to get to the website that I want, I would need to hit refresh a lot or wait for a minute then try again. Then, the website would load. Otherwise, I would get that "Page Cannot Be Displayed" page. I would like to emphasize that prior to the Windows Update, I had NO problems whatsoever with the Internet. As I am connected via router to another computer, I checked the other computer's Internet capability, and there are no problems there. Only with this computer, I'm having problems. I have already tried posting on the Software forum and the Networking forum about 2-3 weeks ago, but no one has answered my postings. I'm trying here now.

    I have tried resetting the Winsock, using that Winsock XP Fix program. That didn't work. I tried resetting it manually using the Netsh command. That didn't work either.

    I decided to run the Malware programs, as suggested on the ReadMe. It seems that there are some stuff in there. After SuperAntiSpyware was finished scanning, I pressed next to remove/quarantine the stuff that it found. As it finished doing that, I got the following popup from Microsoft Visual C++ Runtime Library:

    "Runtime Error!

    Program: C:\Program Files\SuperAntiSpyware\SuperAntiSpyware.exe

    R6025
    - pure virtual function call"

    I have no idea what that was, but I hit ok. It did not prompt me to reboot the computer though.

    After I finished running all the scans and restarting, my Internet is still not working properly. I have attached the scans for review. PLEASE HELP!! If you require any other detail, I will be glad to provide it.
     

    Attached Files:

    Drift King, Apr 11, 2009
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It looks like you managed to download almost every rogue program out there.

    I strongly advise you to cleanup your Desktop. Remove everything but links to run programs. Do not download and save programs here and definitely do not use it for long term storage. You need to keep ComboFix.exe here for now as we need it, but we will be removing it when we are finished with your cleanup. A cluttered Desktop is malware's playground and it can also cause performance degradation especially when you start saving large files here like you are doing.

    I suggest you run CCLeaner --> both the cleaner and the registry (making sure you do the backup when prompted).

    Open SAS and go to the preferences tab...repairs...see if that will get you reconnected.

    You are not showing any malware in your logs. Did you try direct connecting thru the router or modem?
     
    TimW, Apr 13, 2009
    #2
  3. Drift King

    Drift King Private E-2

    Hi TimW,

    I have essentially cleared out most of my stuff on the desktop, and I have run Ccleaner (the cleaner only, not the registry). I'm not quite sure what boxes needs to be checked in terms of the Registry stuff. Should all the boxes be checked? I hope you understand that I don't want to re-start my computer to find that, because I tampered with the Registry stuff, I no longer have a working Windows, even if the stuff has been backed up.

    I'm not quite sure what you mean by direct connecting to the router/modem. I currently have High-Speed Internet. Essentially, everything is connected to the other computer in another room. A cord runs up from that room and is plugged into my computer. That's how I get my Internet. It's always been like this, and I have never had problems, until I did the Windows update.

    As for doing the SAS repairs, I actually just did that before you mentioned anything about it. However, after re-booting the computer, I'm still getting those DNS errors. I have to hit refresh or wait for a short period before I can get to the intended website.

    Hopefully, you can give me further advice. Thanks!
     
    Drift King, Apr 13, 2009
    #3
  4. Drift King

    Drift King Private E-2

    Just to add one more thing... maybe it'll help diagnose the problem.

    I went on Event Viewer, under Administrative Tools on the Control Panel. Since the time I updated my computer, I've been getting a lot of Warnings regarding the Dnscache. The Event Number is 11050. When I click open the warning, this is what it says in its description (copied and pasted):

    The DNS Client service could not contact any DNS servers for a repeated number of attempts. For the next 30 seconds the DNS Client service will not use the network to avoid further network performance problems. It will resume its normal behavior after that. If this problem persists, verify your TCP/IP configuration, specifically check that you have a preferred (and possibly an alternate) DNS server configured. If the problem continues, verify network conditions to these DNS servers or contact your network administrator.

    What does this mean? Prior to the update, I have rarely, if ever, gotten this message. However, since the update, I have gotten it everyday. I hope this information is helpful to you experts.
     
    Drift King, Apr 13, 2009
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This is something you need to pursue in the networking forum.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They are useful as backup scanners. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

      • Delete the C:\combofix folder from combofix (if it exists)

    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    8. After doing the above, you should work thru the below link:

     
    TimW, Apr 14, 2009
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds