Windows 7: Loses internet, looks classic, among other things

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by juacala, Apr 23, 2013.

  1. juacala

    juacala Private E-2

    Hello,

    My laptop seems to have a malware problem similar to this thread:
    http://forums.majorgeeks.com/showthread.php?t=67566

    Same symptoms, no internet, classic theme, among other things. In that case, he ended up formatting his drives using RAID to fix the problems; I'd rather try to track the problem down (and I don't have RAID). I've gone through the Read and Run Me First guide. It still seems to be having issues.

    Some background. Last night I noticed that Microsoft Office wouldn't start anymore, complaining about some kind of licensing issue (it's a valid product though). I have Microsoft Security Essentials, and full scans say the computer is clean.

    My computer has been running slow for a couple of months, which might mean it's a longer term issue.

    I'm attaching all of the logs from my scans.
     

    Attached Files:

    juacala, Apr 23, 2013
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Yealt version 1.0 <--- is this something you deliberately installed?

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    • R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
    • R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
    • R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.searchamong.com/?source=64020400f00960c0ef04052547b134b3
    • R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true
    • R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.searchamong.com/searchview.php?source=64020400f00960c0ef04052547b134b3&query={searchTerms}&cat=webs&bar=true

    After clicking Fix exit HJT.



    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
    • Now run Repair_Windows.exe by double clicking on it ( if you are running Vista or Win 7, use right click and select Run As Administrator)
    • Now select the Start Repairs tab.
    • The click the Start button.
    • Create a System Restore point if prompted.
    • On the next screen, click the Unselect All button to first deselect all repairs.
    • Now select the following repair options:
      • Reset Registry Permissions
      • Reset File Permissions
      • Register System Files
      • Repair WMI
      • Repair Windows Firewall
      • Remove Policies Set By Infections
      • Repair Winsock & DNS Cache
      • Repair Proxy Settings
      • Repair Windows Updates
      • Set Windows Services To Default Startup
    • Now on the lower right side check the box to Restart/Shutdown System When Finished
    • Then make sure the Restart System radio button is enabled.
    • Shutdown any other programs that you are running now before continuing.
    • Now click the Start button.
    • Be patient while the tool repairs the selected items.
    • It should reboot automatically when finished.

    After reboot, check to see if your firewall is working.


    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista or Windows7) Then attach the new C:\MGlogs.zip file that will be created by running this.

    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
     
    Kestrel13!, Apr 24, 2013
    #2
  3. juacala

    juacala Private E-2

    Thanks Kestrel13!

    I really appreciate you looking at this for me.

    I didn't purposefully install yealt. Not sure how it made it on there.

    This morning, the computer wouldn't boot into windows anymore, so I had to reinstall; I won't be able to try any of the changes that you had listed, which is unfortunate. I'm sorry you spent the time on it. I was hoping to figure this out (at least for future people with the same problem).

    I really do appreciate your help though!
     
    juacala, Apr 25, 2013
    #3
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You are most welcome, safe surfing! :)
     
    Kestrel13!, Apr 26, 2013
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds