Howdy!
I am helping a friend get his computer back up and running and found issues with both I.E. and Chrome while using their search bars. If I type in a full URL, it will go to that site, but any search or partial comes back with “cannot display the page”.
Avast found Win32:Evo-gen [susp] and successfully quarantined it. Next scan was clean.
MBAM found no threats on either quick or full scan.
Downloaded OTL and ran as directed in the “Logs to assist in cleaning malware” thread.
Tried to start this post on the infected computer, and neither I.E. or Chrome will show the verification window to allow me to attach the txt files or even make the post - from that computer.
I don’t want to drop the files on a USB stick and put them on this computer, for fear of moving the virus over unintentionally.
Tried to start this post on the infected computer, and neither I.E. or Chrome will show the verification window to allow me to attach the txt files or even make the post - from that computer.
If able to, you can zip the logs and upload to a fileshare site and give link here…
Another option is to install MCShield on clean computer and transfer file on USB stick ? … anyway essexboy is online so wait for his advice
On the host computer install the following programme to scan and clean (if necessary ) the USB drive
Download MCShield to your desktop and install
It will initially run a scan and show the result as a toaster by the system clock
Then in the control centre select scanner and tick unhide items on flash drives
I installed McShield on the clean machine, scanned the USB media, copied the txt files that are attached below from the infected computer, and McShield scanned the USB media again when I plugged it in to this computer.
I have attached both the before and after scans from MBAM.
It’s a friends computer, and I believe that he had subscribed to and installed Norton, but did not renew when the subscription expired. I don’t know about the McAfee. I have not uninstalled anything as of yet.
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.
[]Right-mouse click JRT.exe and select “Run as Administrator” the tool will open and start scanning your system
[]please be patient as this can take a while to complete depending on your system’s specifications
[]On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
[]post the contents of JRT.txt into your next message.
I used the tools above to finish removing McAfee and Norton, but I’m still having search issues. I am also getting errors when I try to update Windows, or run MrFixit.
It appears that I’m being blocked from using the yahoo search engine, google search, and google.com. I did try ixquick and was able to complete searches just fine. If I try the same search from the address bar or search box in either Chrome or I.E., I get :
hxxp://www.google.ca/search?q=cast+boolits&oq=cast+boolits&sourceid=chrome&espv=210&es_sm=93&ie=UTF-8
This webpage is not available
-in Chrome
or :
[i]Internet Explorer cannot display the webpage
Most likely causes:
You are not connected to the Internet.
The website is encountering problems.
There might be a typing error in the address.
An error was noted in the TCPIP file so I would like to investigate that further
Download and Install Combofix
Download ComboFix from one of the following locations: Link 1 Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks
ComboFix log is attached.
I still cannot get any results from the standard search tools in either I.E. or Chrome. If I type in the full URL in the address bar, it takes me right to the requested page - except www.google.com. That takes me to the “This webpage is not available” screen, in Chrome - or “the address is not valid” in I.E.
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Still have the same issues.
I have 2 other computers accessing the router, and neither one has any issues. One is connected via cat5 and the other wirelessly. The one we are working on is connected via cat5.