virus shut down services, please help!

Hewlett packard pavillion / Dv 9627d
June 13, 2010 at 01:39:34
Specs: Windows XP
Running windows XP pro using Firefox 3.0 to browse, have AVG 9.0 Free Malwarebytes and Spyware.

A few weeks ago I received a virus that instantly froze my computer and kept giving me millions of popups of random yucky sites. Not sure how I got it, except for the fact that I had just downloaded a DivX codec update for my computer.

Since then, I ran my virus scanners and found two trojans in my Firefox folder, and one in a World of Warcraft folder. I'm pretty good at running a virus scan manually with one of my programs once a week, and my AVG does it for me every Wednesday at noon so they i get the feeling they all piggy backed on something and got in.

Have run multiple scans with each, and I'm pretty sure I got the virus clean out of my computer. However; almost every other time i shut down and turn on my computer the next time I have to go in and manually turn on the DHCP Client and the Wireless Zero Configuration in the services panel from my Control panel even though they are marked as automatic.

Other symptoms:
Cannot steam media in WMP (tells me to check my proxy settings, but other computers in the house are streaming media fine)
cannot upload to youtube, or photobucket
primarily adobe (but a few other programs as well set to automatically search for updates) cannot connect and freeze when the connection fails.

Any help would be great since I really do not want to have to do a complete system restore since the last time I took in my computer to the local comp doctor they turned off my system restore thing that saves dates throughout the month for me to restore too.


See More: virus shut down services, please help!

Report •


#1
June 13, 2010 at 06:43:51
if AVG is not doing the job properly, I would suggest Avast Free:
http://www.filehippo.com/download_a...
Install it and allow it to do a bootscan on reboot, move everything it finds to the chest. You will be amazed what AVG has missed.

If you had Norton or McAfee before you installed AVG, I would suggest you run the uninstallers from their websites or no other anti-virus or firewall will work properly

You should also run
1- Ccleaner Slim (removes all junk files safely)
2- trojan remover
3- hitman pro
and run the last two till they are clean and then you can uninstall them.

The above progs are listed on one page in the red link of my signature for your convenience.

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#2
June 15, 2010 at 01:21:18
Found a trojan AVG missed in my firefox folder. Twice over. Now I uninstalled firefox clean, reinstalled it.

However all of the symptoms remain. Any other ideas?


Report •

#3
June 15, 2010 at 17:17:17
What do the pop up's say?.. (I.E. Antivirus Pro,
Antivirus 2010, etc), and is it only pop up's you're getting (besides not being able to steam in WMP)?..

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

Related Solutions

#4
June 15, 2010 at 23:24:20
No, I really mean nasty pop-ups. If it was one advertising for some junk antivirus I would have had better luck. Just like random porno sites. But those have stopped now. However the streaming media remains. As does the turned off DHCP and Wireless Zero services.

Report •

#5
June 16, 2010 at 01:09:29
• As soon as you suspect that your computer has a virus, remove your computer from any networks it might be on, as well as from the Internet, so that you don't inadvertently spread the bug to others.
• If you have virus-scanning (anti-virus) software installed, run it.
• If you don't have anti-virus software, you'll need to obtain some. If you can't get it from a network administrator or download it from an uninfected computer, you can mail-order it from a retailer.
• Start your computer (still not connected to a network) and follow the instructions that came with the anti-virus software.
• Keep running the virus-scanning software until your computer comes up clean.
• Reconnect your computer to the Internet and check with the anti-virus software's publisher to make sure you have the latest updates. If not, download them now.
• After updating the anti-virus software, run it again until your computer comes up clean.

Kristain Hayes


Report •

#6
June 16, 2010 at 09:01:53
Have you checked the proxy settings for Firefox, by going to Tools > Options > Connections button, and than unticking any box that says to use a proxy server?. (the default settings would be Direct Connection To The Internet or Auto Detect). As for the DHCP service, click Start > Run and tyoe in services.msc , and then look for the DHCP option on the list to see if it's disabled or not.

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#7
June 16, 2010 at 11:43:51
Try combofix:
http://www.bleepingcomputer.com/com...
and follow the instuctions carefully.

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#8
June 20, 2010 at 19:19:08
I couldn't check the proxy settings in firefox and then I found that they had been messed with in IE7 but I never use IE. So that was odd, now all of those symptoms are fixed.

However, now I have this new problem of when I google something, it redirects me somewhere when I click on the link. A friend told me to reset my dns by going into CMD and typing "ipconfig /flushdns"

which I did, nothing helped and when I asked it to displaydns it came up with a strange list.

kingsearch.us
feed.blizzclick.com
sunday-traffic.com
freepokerchip.com
xml.titsumedia.com

I've never seen those before. So thats interesting. Could anyone help me manually get rid of anything. Because Avast, AVG, Malwarebytes, and Spybot S&D all come up clean. Help?

I'm hesitant to do combofix by myself. Especially since I've never heard of it.


Report •

#9
June 20, 2010 at 20:23:16
You have that pain in the arse Google Redirect virus.

First things first, disable Javascript in Firefox by going to Tools > Options > Content, and then do the same for Internet Explorer (can't hurt) by going to Tools > Internet Options > Programs > Manage Add-On's and highlight "Java Plugin" and switch it from enabled to disabled. Then, download TDSS Killer from here: http://support.kaspersky.com/viruse...

And see if that works. The main reason you need to switch off Java when you have this virus is that's what it uses as an exploit.

Speaking of your DNS, I could show you how to change your DNS servers if you'd like, as a last result if needed. It's fairly simple.

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#10
June 20, 2010 at 22:28:49
Thank you xryanx, that fixed the redirecting problem. I was beginning to feel stupid since I couldn't figure out what I was doing to get redirected. Do you think I need to change my DNS servers? Or do you think I'm okay now? Is that something I need to worry about?

Report •

#11
June 24, 2010 at 20:35:36
Sorry about the very late reply!. I think you're fine now, but, switching to OpenDNS can't hurt.

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •


Ask Question