  1. #1
    E. Body

    Virus/Worm is owning my computer

    So a couple days ago I got a trojan or a worm or something that was hijacking all my browsers, prohibiting me from getting online. Any one that I would open, the browser background would turn red and a message would pop up trying to sell me some bs antivirus, typical shit. So I ran two very long scans, one with Malwarebytes and another, more successful one with Emsisoft, which found more items including a worm called worm.win32.VBNA!IK. I was able to remove the stuff so the browsers are no longer getting hijacked, but I can no longer get online with any of them despite being fully connected to my wireless network. What is going on? Any ideas?

  2. #2
    E. Body

    And oddly, I can get AIM and stuff just no internet browser...

  3. #3
    Unique and/or Creative Phrase

    Try deleting your browser and reinstalling it. Sounds like the virus deleted a part of it.

  4. #4
    F5 Like A Boss.

    Also, it may be possible that you have a rootkit preventing you from using the browser. Use Safe Mode w/o Networking to run your scans.

    What Anti-Virus are you using? Try to get Kaspersky if you can.

  5. #5
    The Dazzler

    I'd also check your hosts file at C:\Windows\System32\drivers\etc and make sure there's nothing in there without a # at the start of the line

  6. #6
    Pandemonium

    Hosts file is possible but I'd bank on it trying to use a blank proxy or something, check the proxy settings within IE/Firefox and turn them off if something's in there.

  7. #7
    Old Merits

    Sounds like a flavor of that Super Antispyware thing that people bring in to work now and then to get removed. I have to be able to load our web site to install the tools to remove it since they don't allow us to use USB flash drives or burned CDs to store our files, as they might spread something between the machines, and "don't look professional in a retail environment". I've been unable to get past it with those limitations the past two times I have seen it without heavy use of regedit to remove all references to it.

    One of the things it did was to link major search and antivirus sites to 127.0.0.1 in the registry and hosts file, which loops them back to your computer instead of their normal sites.

    My best recommendation would be, if you have another computer, to remove the drive from the infected one, attach it as a secondary or external drive to one that is up to date with a good antivirus, and scan it on the uninfected machine. Manually trying to remove it from the infected machine while booted to the infected OS is a pain.
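
The hosts-file check suggested in posts #5 and #7, as an added example that is not part of the original thread: it lists every hosts entry that is not commented out and marks the ones pointed at a loopback address. The sample file, the `.example` host names and the `EXPECTED_LOCAL` allowlist are constructed assumptions.

```python
import ipaddress

# Names a stock hosts file may legitimately point at loopback (assumed allowlist).
EXPECTED_LOCAL = {"localhost", "localhost.localdomain"}

# Constructed sample, not taken from the thread.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.av-vendor.example
127.0.0.1       search.example update.av-vendor.example  # trailing comment
# 127.0.0.1     disabled.example
203.0.113.7     login.bank.example
"""

def active_entries(text):
    """Yield (line_no, address, [hostnames]) for lines that are not commented out."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop full-line and trailing comments
        if len(fields) >= 2:
            yield line_no, fields[0], fields[1:]

def classify(address):
    """'loopback' for 127.x / ::1 / 0.0.0.0 style sinks, 'remapped' otherwise."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "invalid-address"
    return "loopback" if ip.is_loopback or ip.is_unspecified else "remapped"

def review_hosts(text):
    """Return every active mapping that is not an expected localhost entry."""
    findings = []
    for line_no, address, names in active_entries(text):
        for name in names:
            if name.lower() in EXPECTED_LOCAL and classify(address) == "loopback":
                continue
            findings.append((line_no, address, name, classify(address)))
    return findings

if __name__ == "__main__":
    for line_no, address, name, kind in review_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {address} [{kind}]")
```

To check a real machine, read the `hosts` file from the folder named in post #5 and pass its text to `review_hosts`.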

  8. #8
    A. Body

    Go into device manager, delete your network device(s) and then have them get redetected/reinstalled (right click the root computer object and hit detect hardware). I've seen that fix similar problems. I think the basic issue is that the malware futzes with the settings, and by reinstalling the device you reset it all to defaults.

  9. #9
    Member since 2006 and still can't think of a title.

    Make sure work offline is not checked in your browser. We've had a couple at work with that virus and somehow as a last fuck you checked that box.

  10. #10
    :3

    backup and reformat :D

  11. #11
    Relic Weapons

    Try this. Whatever your browser is, go to Options > Network > Proxy/LAN Settings. Uncheck any Proxy Server settings which most viruses w/ redirects do to redirect you to their sites so once they're gone your browser's still set up to connect to them. As soon as you're done, should be able to browse the web even w/o restarting your browser.

    Merry Christmas.
