Jump to content

Recommended Posts

I installed malwarebytes from your site as something had hijacked my browser search bar. Since running a scan and quarantining all suggestions I can no longer connect to the Internet at all. What the he'll is going on please. I thought that this software would be able to tell what it should and should not remove?.

Link to post
Share on other sites

  • Replies 60
  • Created
  • Last Reply

Top Posters In This Topic

I have just restored ALL quarantined items, and now have internet access again. What did I do wrong please? Why did this so totally wreck my connection?

Having just said that I now have access again, that doesn't seem to be entirely the case. Chrome is behaving strangely now, loading some things, and not others. I am going to uninstall it and try a re-install

 

Edited by oOGhostOo
Link to post
Share on other sites

Hello oOGhostOo and welcome to Malwarebytes,

Can you post the log from Malwarebytes showing the problem entries:

Open Malwarebytes, select > Reports > then checkmark (tick) most recent "Scan Report" entry > then select "View Report" > "Export" > Text File (*.txt) name and save that file to Desktop or somewhere of your choice, attach to your reply...

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.

Thank you,

Kevin....

 

Link to post
Share on other sites

It would be very useful if you could point me to resources that can tell me how I should be using this software to protect myself from malicious stuff, and the type of things that I should quarantine, as I have no clue, and assumed that it would intelligently know what to quarantine itself. Also this Search module issue is bothering me. I have removed it fro my machine, or at least thought I had, but it just now tried to re insert itself into google chrome extensions, although thankfully chrome informed me of this and i removed it again. At least I hope I did. It also had previously put itself in Edge, and although I don't normally use edge I had to just once, and there it was!

thanks Kevin

 

Edited by oOGhostOo
Link to post
Share on other sites

It would seem Proxygate software has been installed on your system, that may have came bundled with free software you may have installed. That software is malicious and will hijack your internet connection and divert through its own servers. Malwarebytes has identified and removed that software and all associated files, folders registry entries etc etc...

Unfortunately your internet connection was boken as part of the removal process.. Continue with the following:

Download and unzip DNSJumper to your Desktop, the tool is portable no installation necessary.

Tool can be downloaded here: http://www.sordum.org/downloads/?dns-jumper
 
  • Right click on Dnsjumper.exe and select "Run as Administrator" to start the tool, For XP just double click to run.
  • rom the left hand pane select "Flush DNS"
  • From the main interface select the dropdown under "Choose a DNS Server"
  • From the list select either "Google Public DNS" or "Open DNS"
  • From the left hand pane select "Apply DNS"


When done re-boot your system....

Next,

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.
 
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7/8/10, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.



Next,

Open Malwarebytes, select > "settings" > "protection tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes deal with any found entries... Then select "Export Summary" then "Text File (*.txt)" name that log and save , you can copy or attach that to your reply...

Let me see those logs in your reply...

Thank you,

Kevin...

Link to post
Share on other sites

Follow the instructions in the order listed, I want to try and preserve your internet connection before we get to running Malwarebytes again. Proxygate is a nasty program that is using your connection for its own devices. If you run Malwarebytes first the connection will be boken again.....

Link to post
Share on other sites

I have followed the first step, and am now getting a message from my sip saying

 

You are seeing this page because you are using a BT service that requires the use of BT DNA Servers and it pay as you are attempting to connect using a DNS server outside of our network. Our BT web protect and BT parental controls services both require the use of our BT DNS to keep you safe online. 

You may have selected a different server in your network settings or installed an application that uses an alternative service.

Link to post
Share on other sites

No, I changed to Google us server, but BT runs BT web protect on this connection, my parents use it, so now I can't get into the web again from my PC without turning it off. Not sure if I log in and turn it off from my phone if it will affect my parents protection too.

Edited by oOGhostOo
Link to post
Share on other sites

Ok. I have logged into bt and turned off web protect so i can get this done, but they will go mental at me if they find out i have done this, so once i have resolved my issues i need to get back on the bt dns server and turn it back on again. I know bt are stuff, but its not my choice to make unfortunately 

Link to post
Share on other sites

Ok change back to original settings, this is your IP address 192.168.1.254 the problem is going to be trying to remove Proxygate software....

To use DNS jumper select "Backed up DNS" from drop down under "Choose a DNS server" As nothing is backed up all boxes are empty. Put 192.168.1.254 in the first boxes, leave other boxes empty then select Apply DNS... reboot.

Can you navigate here: C:\Program Files (X86)\Proxygate Does this show in proxygate folder uninsOOO.exe if so double click and see if proxygate uninstalls...?

Edited by kevinf80
Link to post
Share on other sites

I don't even know what Avast is? I do know those entries were not in my hosts file this morning though??

Sorry, just realised it's my antivirus. Had a catastrophic failure of my PC this week due to the people that sold me it hadn't updated BIOS drivers etc, so when I installed new memory it all went wrong. Had to do a fresh install of windows 10 creators update on to a new SSD I just bought. Only re-installed anti virus today

 

Edited by oOGhostOo
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.