Solved

No IP after cleaning up FBI Scam

Posted on 2013-10-24
10
510 Views
Last Modified: 2016-11-23
After cleaning up an FBI Scam, I cannot get an IP address to save my life...help!

Also, I cannot turn the Windows Firewall back on.

I've cleaned several computers with this fbi scam, but this has been a chore.

I've got a Dell Inspiron Laptop with Win7 64bit.  

To repair the virus I start with Rogue Killer, then MalwareBytes Rootkit removal (and there were several) then I uninstall any malware on the computer that I can possibly find, remove add ons run MBytes full malware scan and then Ccleaner including the Registry cleaner.

I've disabled 3rd party services and Startup programs.
Tried Safe Mode with Networking
Tried reinstalling Ethernet drivers

What else can I do?

Thanks in advance!

Phil W.
0
Comment
Question by:philw3995
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 8

Expert Comment

by:Bird Dog
ID: 39597139
The last time I removed this virus it ran in safe mode as well. I ended up killing it in safemode by changing the name of process explorer .exe file and shutting the virus down. Then I could remove the virus manually and clean the startup with autoruns.
0
 
LVL 24

Expert Comment

by:aadih
ID: 39597361
FWIW: The few times I removed this virus from friends' PCs were by booting up in safe mode with command prompt and typing rstrui.exe to do system restore to a point before the virus.  Then scanning with MBAM -- just to make sure. Worked each time (except when a system restore point was unavailable).
0
 

Author Comment

by:philw3995
ID: 39599326
On the surface the virus is gone.  I'm not getting an ip address and windows firewall is not working.
0
 

Author Comment

by:philw3995
ID: 39599359
Really surprised with the lack of technicians helping out here.  

Going to restore to factory, as much as I hate to!
0
 
LVL 5

Expert Comment

by:mebaby333
ID: 39600487
The difficult part is there is a risk with running a bajillion fixers.... while they have benefits and I use all of them that you named you run the risk of deleting data that is necessary for system functionality especially when registry keys have been deleted. I would be led to believe this is a possibility.

Restoring is going to be the quickest most efficient and reliable method to get up and running.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 5

Expert Comment

by:mebaby333
ID: 39600757
Microsoft does have a FixIt tool here -> http://support.microsoft.com/fixit/
and it runs through diagnosing the networking issues... it may repair damaged files.

You could also try a scandisk repair - chkdsk /r ran in the administrative command prompt...
0
 

Accepted Solution

by:
philw3995 earned 0 total points
ID: 39601888
I ran the Win7 disc and chose to Upgrade to do a Repair, which actually worked on this computer...haven't had success with that option much, usually says OS is newer than CD.

Anyway, after the upgrade the computer went into repair .Net Framework which I'm assuming was the problem with the Internet and Windows Firewall not working.

I'm thinking, mebaby333's idea of running MS FixIt may have worked.

After, I got it working MS Updates messed up and then reversed the procedure.  I've changed the settings on the Updates and have been installing them two at a time.

Thanks for all of your help!
0
 
LVL 5

Expert Comment

by:mebaby333
ID: 39601934
Glad to hear you got it fixed :)
0
 
LVL 24

Expert Comment

by:aadih
ID: 39602647
Great. You fixed it. :-)
0
 

Author Closing Comment

by:philw3995
ID: 39623810
My solution for Repairing/Upgrading Windows 7 fixed the issue with not having an IP address after removing the FBI virus.  

It also triggered the repair of .Net Framework and Windows Updates.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now