I have a malware problem. It's called shell.exe.
Everytime I load a webpage, my Kaspersky antivirus pop-up blocker says it blocks something caused by shell.
I even downloaded Malwarebytes - and scanned and waited for it to find the problem. It did. It deleted it. But also my ability to use firefox and internet explorer.
I had to restore some of the deleted items.
I managed to get back online, but I don't know what to do now. its 4:48AM and I can't get rid of it :'(
:'( I HAVE A MALWARE PROBLEM
Moderator: Moderators
-
Goat
- Site Supporter
- Posts: 24999
- Joined: Fri Jul 21, 2006 6:09 pm
- Has thanked: 25 times
- Been thanked: 207 times
Re: :'( I HAVE A MALWARE PROBLEM
Post #2Here is some instructionsDarias wrote:I have a malware problem. It's called shell.exe.
Everytime I load a webpage, my Kaspersky antivirus pop-up blocker says it blocks something caused by shell.
I even downloaded Malwarebytes - and scanned and waited for it to find the problem. It did. It deleted it. But also my ability to use firefox and internet explorer.
I had to restore some of the deleted items.
I managed to get back online, but I don't know what to do now. its 4:48AM and I can't get rid of it :'(
from http://forums.techguy.org/windows-vista ... virus.html
Malware will often change LAN settings and configure proxy settings by "tunneling" traffic through a certain port (e.g. Local address: 127.0.0.1 Port: 5555).
Open Internet Explorer. Click Tools > Internet Options > Connections > LAN settings > Proxy server > Advanced > delete proxy server settings > click OK > uncheck all boxes > click OK.
In Firefox, click Tools > Options... > General > Advanced > Network > Settings > delete proxy settings > select No proxy > click OK.
__________________
“What do you think science is? There is nothing magical about science. It is simply a systematic way for carefully and thoroughly observing nature and using consistent logic to evaluate results. So which part of that exactly do you disagree with? Do you disagree with being thorough? Using careful observation? Being systematic? Or using consistent logic?�
Steven Novella
Steven Novella
Re: :'( I HAVE A MALWARE PROBLEM
Post #3Goat wrote:Here is some instructionsDarias wrote:I have a malware problem. It's called shell.exe.
Everytime I load a webpage, my Kaspersky antivirus pop-up blocker says it blocks something caused by shell.
I even downloaded Malwarebytes - and scanned and waited for it to find the problem. It did. It deleted it. But also my ability to use firefox and internet explorer.
I had to restore some of the deleted items.
I managed to get back online, but I don't know what to do now. its 4:48AM and I can't get rid of it :'(
from http://forums.techguy.org/windows-vista ... virus.html
Malware will often change LAN settings and configure proxy settings by "tunneling" traffic through a certain port (e.g. Local address: 127.0.0.1 Port: 5555).
Open Internet Explorer. Click Tools > Internet Options > Connections > LAN settings > Proxy server > Advanced > delete proxy server settings > click OK > uncheck all boxes > click OK.
In Firefox, click Tools > Options... > General > Advanced > Network > Settings > delete proxy settings > select No proxy > click OK.
__________________
Hey thanks a million. I ran Malwarebytes again and deleted all infected files and then turned off the proxies for Firefox and IE.
I'm not computer illiterate, but I'm not sure what the proxies were for in the first place? :/
Anyways, no more pop-ups and viruses!
yay!-
Goat
- Site Supporter
- Posts: 24999
- Joined: Fri Jul 21, 2006 6:09 pm
- Has thanked: 25 times
- Been thanked: 207 times
Re: :'( I HAVE A MALWARE PROBLEM
Post #4Proxies are 'DNS SERVERS' that are not local, so the web browser uses those servers rather than the locally defined ones for your ISP. They can control what traffic you see, and can get connections into your computer, since you connect to them first.Darias wrote:Goat wrote:Here is some instructionsDarias wrote:I have a malware problem. It's called shell.exe.
Everytime I load a webpage, my Kaspersky antivirus pop-up blocker says it blocks something caused by shell.
I even downloaded Malwarebytes - and scanned and waited for it to find the problem. It did. It deleted it. But also my ability to use firefox and internet explorer.
I had to restore some of the deleted items.
I managed to get back online, but I don't know what to do now. its 4:48AM and I can't get rid of it :'(
from http://forums.techguy.org/windows-vista ... virus.html
Malware will often change LAN settings and configure proxy settings by "tunneling" traffic through a certain port (e.g. Local address: 127.0.0.1 Port: 5555).
Open Internet Explorer. Click Tools > Internet Options > Connections > LAN settings > Proxy server > Advanced > delete proxy server settings > click OK > uncheck all boxes > click OK.
In Firefox, click Tools > Options... > General > Advanced > Network > Settings > delete proxy settings > select No proxy > click OK.
__________________
Hey thanks a million. I ran Malwarebytes again and deleted all infected files and then turned off the proxies for Firefox and IE.
I'm not computer illiterate, but I'm not sure what the proxies were for in the first place? :/
Anyways, no more pop-ups and viruses!
Since you connect to them first, they can reinfect your computer.
“What do you think science is? There is nothing magical about science. It is simply a systematic way for carefully and thoroughly observing nature and using consistent logic to evaluate results. So which part of that exactly do you disagree with? Do you disagree with being thorough? Using careful observation? Being systematic? Or using consistent logic?�
Steven Novella
Steven Novella
