
Tenacious Malware issue

Germsrosolino Registered User
Hey guys, been a while since I've posted anything (been deployed overseas for the army), but I need a little help with a buddy's computer. He had some malware on there, and I used a manual install of Malwarebytes to purge the system of it, then we ran some more scans with MBAM and Spybot, until nothing more was found. So that's all fine and dandy. The issue is that he still can't access the internet on the computer. I've checked to make sure there were no changes to the DNS settings and that it's not running through a proxy. I've reset his internet settings, cleared temp files associated with internet, and even did a full uninstall and reinstall of his browsers. Still no go. Anyone have any ideas what could cause it? Something I missed? Please and thank you.

Posts

  • stigweard Registered User regular
    Make sure there are no proxy settings left in the browser that shouldn't be there: reset the browser settings to default, and verify the lmhosts file. Check out the size of tcpip.sys. If it isn't the correct size he most likely has some variant of ZeroAccess. You should also check for rootkits, as MBAM doesn't do a very good job with them. For the former, you can substitute the correct file from another computer with the same operating system, or you can try doing a system restore to a point before the malware appeared (hard to know in some cases). Be sure to check out the thread in this forum for better instructions.

  • TL DR Registered User regular
    Yeah, check IE's LAN/Proxy settings and also the etc/hosts file to make sure there are no weird entries.

    Also, run TDSSKiller from Kaspersky. It will take care of the issue if you're dealing with a rootkit.

  • Germsrosolino Registered User
    no rootkits found. not seeing any proxy settings in there, tcpip.sys file looks normal. dammit. this is rather annoying. also, he doesn't have any system restore points, because people around here don't take care of their computers.... at all.

  • electricitylikesme Registered User regular
    At this point I'd say if you can, you should just format and reinstall. Back up data files only, and do that. If you consider that he might do internet banking on there or something at some point, then you'll never be entirely sure that you got it all.

    It also has the benefit that you just nuke all these little problems from orbit and start over.

  • Germsrosolino Registered User
    i actually told him that was the next step, just thought i'd check with you guys, in case i missed something. thanks for all your help
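
The checks suggested in the replies above (hosts and lmhosts entries, IE proxy settings, DNS servers, tcpip.sys size), gathered into one read-only script. This is an added example, not code posted by anyone in the thread; it assumes Windows PowerShell 2.0 or later on Vista or newer, the helper names `Get-HostsEntry` and `Select-UnexpectedEntry` are hypothetical, and the sample hosts lines with their `.example` names are constructed.

```powershell
# Read-only audit of the settings the thread says to check; it changes nothing.
function Get-HostsEntry {
    # Hypothetical helper: turn hosts/lmhosts lines into Address/Name pairs,
    # skipping comments and blank lines.
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        $fields = @(($line -replace '#.*$', '').Trim() -split '\s+' | Where-Object { $_ })
        if ($fields.Count -lt 2) { continue }
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            New-Object PSObject -Property @{ Address = $fields[0]; Name = $name }
        }
    }
}

function Select-UnexpectedEntry {
    # Hypothetical helper: "localhost" on loopback is expected; pass everything else on for review.
    process {
        $isLoopback = ($_.Address -eq '::1') -or ($_.Address -like '127.*')
        if (-not ($isLoopback -and $_.Name -eq 'localhost')) { $_ }
    }
}

# Constructed sample (not from the thread) showing what tampering looks like to the parser.
$sample = @(
    '127.0.0.1    localhost',
    '127.0.0.1    update.av-vendor.example    # constructed: update site pinned to loopback',
    '203.0.113.7  www.bank.example login.bank.example'
)
Get-HostsEntry $sample | Select-UnexpectedEntry | Format-Table Address, Name -AutoSize | Out-Host

# The same check against the live hosts and lmhosts files.
$etc = Join-Path $env:SystemRoot 'System32\drivers\etc'
foreach ($file in 'hosts', 'lmhosts') {
    $path = Join-Path $etc $file
    if (Test-Path $path) {
        Get-HostsEntry (Get-Content $path) | Select-UnexpectedEntry |
            Format-Table Address, Name -AutoSize | Out-Host
    }
}

# Per-user proxy (what IE's LAN settings dialog edits) and the machine-wide WinHTTP proxy.
$inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
Get-ItemProperty $inet | Format-List ProxyEnable, ProxyServer, AutoConfigURL | Out-Host
netsh winhttp show proxy

# DNS servers per active adapter, then tcpip.sys size/version to compare with a clean machine.
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    Format-List Description, DHCPEnabled, DNSServerSearchOrder, DefaultIPGateway | Out-Host
Get-Item (Join-Path $env:SystemRoot 'System32\drivers\tcpip.sys') |
    Format-List Length, LastWriteTime, VersionInfo | Out-Host
```

On the constructed sample it lists the three non-localhost names; on a clean machine the live hosts check prints nothing.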
