Removal of virus has blocked internet. PLEASE PLEASE HELP

Page 10 of 12 FirstFirst ... 89101112 LastLast

  1. ChronicX
    Posts : 70
    Windows 7 Home Premium 64
    Thread Starter
       New #91

    Here is the latest SysLook report.
    Removal of virus has blocked internet. PLEASE PLEASE HELP Attached Files
      My Computer
    Quote Quote

  3. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #92

    Let's give this a whirl...

    Please open Notepad and paste the following text to it:

    Code:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Dyn\Installed]
"PureLeads"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\PureLeads]
    In Notepad, click File > Save as...
    Save the file to the Desktop
    File name: PLfix2.reg
    Make sure the Save as Type field says: All Files
    Next, please go to the Desktop and double-click on PLfix2.reg
    Click Yes to merge it in the Registry.

    Now, please go back to Control Panel > Folder Options
    Select: Show hidden files, folders, and drives
    Uncheck: Hide protected operating system files

    Please search for and remove the following folder:
    C:\Program Files (x86)\PureLead

    The following files:
    C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\plsapp64.lnk

    ...and let's see if we can remove this one:
    C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\plsapp64.dll

    But, you need to open a Command Prompt as Administrator

    At the Command Prompt:
    Type: CD \

    At the C:\ prompt, copy/paste with mouse:
    takeown /f "C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\plsapp64.dll"

    Now, run the cacls command to give yourself full control rights to the file:
    cacls "C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\plsapp64.dll" /G user:F

    The last part of the command needs the user name. I think in your case it is user??

    When done, use SystemLook once gain, and provide the results.
      My Computer
    Quote Quote

  4. ChronicX
    Posts : 70
    Windows 7 Home Premium 64
    Thread Starter
       New #93

    When I tried to merge, this is what popped up.
    Attached Thumbnails Attached Thumbnails Removal of virus has blocked internet. PLEASE PLEASE HELP-plfixnotify.png  
      My Computer
    Quote Quote

  6. ChronicX
    Posts : 70
    Windows 7 Home Premium 64
    Thread Starter
       New #94

    The only one of those files I could find was the last one. The other ones were not able to be located by Windows or manually.
    Attached Thumbnails Attached Thumbnails Removal of virus has blocked internet. PLEASE PLEASE HELP-cmdfinish.png  
      My Computer
    Quote Quote

  7. ChronicX
    Posts : 70
    Windows 7 Home Premium 64
    Thread Starter
       New #95

    Image of file directory and latest syslook results.
    Attached Thumbnails Attached Thumbnails Removal of virus has blocked internet. PLEASE PLEASE HELP-dirpic.png  
      My Computer
    Quote Quote

  8. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #96

    Oooops!!

    Code:
    REGEDIT4
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Dyn\Installed]
"PureLeads"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\PureLeads]
    Brains are dense today! Sorry for the goof!!


    The only one of those files I could find was the last one.
    Which file did you find and remove?

    Please use SystemLook once again, after doing the Registry merge above.

    Thanks!
      My Computer
    Quote Quote

  10. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #97

    @ ChronicX, we see you have run Combofix..... can you find and post the log from
    C:\Qoobox combofix.txt? please. Just copy and paste it in your next reply.
      My Computer
    Quote Quote

  11. ChronicX
    Posts : 70
    Windows 7 Home Premium 64
    Thread Starter
       New #98

    Hey, Cotton, sorry for the silence, real life always gets in the way. I will run the tests now. The image is of the path of the file I thought I'd deleted but as you can see it is still there. I manually deleted it but it's a sticky one apparently. The other files just were flat not located. Hope you are having a great day!
    Attached Thumbnails Attached Thumbnails Removal of virus has blocked internet. PLEASE PLEASE HELP-dirimage.png  
      My Computer
    Quote Quote

  12. ChronicX
    Posts : 70
    Windows 7 Home Premium 64
    Thread Starter
       New #99

    Latest Combofix report.
    Removal of virus has blocked internet. PLEASE PLEASE HELP Attached Files
      My Computer
    Quote Quote

  13. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #100

    Hello, CX!

    Heading for a Doctor's appt. and a few other things in a few minutes, so, will get back here later.

    Please post some new results for SystemLook when you are done.

    Please, do copy and paste them right on this thread, vs. attaching the results. Will be using my tablet while waiting, and it is easier to just look at the results on the tablet.

    Thanks!
      My Computer
    Quote Quote

 
Page 10 of 12 FirstFirst ... 89101112 LastLast

  Related Discussions
Hi, At my office, someone opened a .jar attachment from an e-mail that seems to have used JAVA to make some registry change and it attempted to put in some type of Trojan, but Symantec stopped that. Here is the event viewer info for the block: Log Name: Application Source: ...
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
Virus Removal
in System Security

My Microsoft Security Essentials keeps alerting me to something called: Name: Exploit:HTML/IframeRef.gen Alert Level: Severe I click remove but sometime later the message pops up again saying to remove. I have clicked remove quite enough times now but still the pop-up appears. I have also...
no internet after virus removal
in Network & Sharing

I removed a virus from my friends e machine net book a week or so ago it was the system tool 2012 virus.it was removed fully and have checked this via AV and malwarebytes etc.but since then the internet always finds wifif points and connects but always says limited connection.problem is he lost his...
After Virus Removal
in System Security

After virus removal, this message has been popping up every time I start the computer. What do I do to restore these two DLL files? Startup repair has done nothing and I don't want to system restore because I just installed tons of drivers.
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 02:04.
Find Us