Question

Locked

virus gone! ...so is internet

By Snuffy09 ·
How do you prevent losing internet functionality after cleaning a virus from an infected computer?

example: I cant count the times that i have cleaned up a computer using malwarebytes, ect. and then have everything work perfect except the internet will not work at all. Other profiles will work but the primary profile wont. you have to copy/delete/rebuild the profile to get things back to normal which is a real pain in the a$$ for a user with a lot of software/settings.

is there a way around this issue?

Thanks!

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

I haven't tried it but...

by Ron K. In reply to virus gone! ...so is inte ...

What about using the Files and Settings Transfer Wizard as the 'old' computer and selecting the applicable settings, copying them to a flash drive or whatever? You could then run the Wizard again as the 'new' computer and restore the Internet settings.

Collapse -

usually...

by ---TK--- In reply to virus gone! ...so is inte ...

its because the virus turns on proxy configurations... From what I have noticed lately...

Collapse -

Download a copy of Autoruns

by seanferd In reply to virus gone! ...so is inte ...

and see what is going on.

What happens is that a proxy is set, or Winsock or some other file is replace by a malware file. When you remove the malware, the bad registry entry is still pointing to the file which is now missing. It needs to be pointed to the correct file, and maybe the file needs to be reinstalled (I haven't had to do that often, though).

It may not be the solution, but I always try Autoruns first, especially because it saves time when removing malware renders the system unbootable, and then you have to boot from a live CD or slave the drive to fix it.

Edit: LOL, I have to fix that same problem tomorrow evening. I'll let you know how I fix it and what malcode caused the problem. (It was a fake antivirus, that's all I know right now.)

Collapse -

Just as ----TK---- stated...

by SmartAceW0LF In reply to virus gone! ...so is inte ...

The hot virus or actually Rogue ANti-Virus is hijacking your Internet in a quite simple way. It sets your Internet options to use a Proxy. Remove the Rogue and you have no access to the Proxy. Easy fix. Go to Tools/Internet Options/Connections/LAN Settings/ then uncheck anything in there that is checked. Try your Internet then. If that fails to fix it, check your hosts file at c:\Windows\system32\drivers\etc\hosts. If that doesnt look out of order, next open an elevated command prompt and type "netsh winsock reset catalog" in the command window. Reboot and try again. One of the above will usually correct the issue. Also, do you use or have Combofix in your repertoire? Try it after mbam.

Collapse -

Excellent.

by seanferd In reply to Just as ----TK---- stated ...

I can never list these types of fixes unless I am actively trying to fix something in person. I really should keep better general documentation for myself.

I'd give a Thumb, if I could. :-bd

Back to Malware Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums