Anyone good with virus/malware removal?
The Blind Eternities forum
Posted on Jan. 23, 2016, 5:14 p.m. by ducttapedeckbox
In an attempt to download a textbook, I believe I got malware instead (yay me, I'm usually very careful with these things...) Random audio ads will play while I am using my computer - sometimes with just Skype open, other times with Chrome open.
I've attempted to download the free version of Malwarebytes Malware removal to remedy this problem. The file goes into my download folder, but when I attempt to run or run as administrator, the language box appears but then no further box appears. If I wait too long, the language box will also disappear.
Other problems I've experienced since trying to download this textbook include receiving an error when trying to go to particular websites, mostly other computer clean-up programs. I receive a blank page that says "The page cannot be displayed because an internal server error has occurred." I also believe that it disabled my Windows Defender. I had to go into some menu to change a 0 to a 1 to reactivate it (found a YouTube guide). I ran a full system scan and it removed a Trojan, but I am still having the audio / page cannot be displayed issues.
Thank you for any help.
ducttapedeckbox says... #3
I checked when I initially found the problem and removed a program that came in with whatever else is causing me problems. Nothing sketchy in there anymore. Thanks for the comment though.
January 23, 2016 5:25 p.m.
Epochalyptik says... #4
Possible that the malware wrote over your DNS cache to kill access to certain cleanup sites.
Try Avast. You could also try a system restore, but I don't know how well that deals with pervasive infections.
Worst case, you may want to reimage your machine. Hope you have backups of your important stuff.
January 23, 2016 5:32 p.m.
Epochalyptik says... #5
I suppose before you try nuking your machine you could also try booting from an AVS flash drive or CD. You'd need another computer in order to create one if you don't have one already.
You could also try forcing your DNS file to revert so you can load AVS sites and download a tool.
January 23, 2016 5:50 p.m.
ducttapedeckbox says... #6
Thanks for the advice, Epoch. I have sent in tickets with a few companies to see if they have a solution I can follow - rather illiterate when it comes to software.
Thankfully I have everything backed up in the cloud. The current problems aren't necessarily invasive, but still problems. They don't prevent me from doing anything, or appear to slow my computer down, but I'd like them gone.
Before I try anything severe like doing a system restore, I'll see if the IT dept. at my university has any suggestions. It's not like they just built a massive building for the CS department...
January 23, 2016 6:32 p.m.
Epochalyptik says... #7
The visible problems are inconveniences. However, if you actually do have malware that's rewriting your DNS cache, you could be in a lot more trouble.
Basically, when you type a URL into the address bar in your browser, your computer queries a Domain Name System server to identify the IP address associated with that domain name. The computer then uses the IP address to establish communications with the device responsible for that address.
Your computer also has a local DNS file, called a resolver cache or a hosts file, that stores the domain names and IP addresses of certain sites. Your computer will first query the resolver cache before it submits a query to the DNS server.
Now, if malware rewrites your hosts file, then it can change the IP addresses mapped to different domain names. For example, it could make the domain name of an antivirus software (AVS) site map to IP address 0.0.0.0, which is an illegitimate address and will cause the page to fail to load.
Worse, the malware could configure your hosts file to redirect queries for banking or commerce sites to forged sites in an attempt to harvest your credentials, or it could redirect popular sites like YouTube or Facebook to malware-distributing sites.
Given that you said malwarebytes's website wasn't loading, I'll bet that this is the problem you're facing. In which case you should avoid entering any credentials for any sensitive sites (you should follow this practice any time you know or suspect your computer is infected) and try to find a solution that doesn't require you to transmit sensitive info like logins, DOB, or payment info.
January 23, 2016 7 p.m.
ducttapedeckbox says... #8
Thank you for the explanation, Epochalyptik. That made it pretty clear what is likely happening. It sounds like I could be up shit creek.
I can get to the Malwarebytes webpage and download the setup file, but then it closes before running. I can navigate the Avast website until the download page, where I get the internal server error message. Not good.
I think I had a System Mechanic subscription for a friend a while back, I'll see if that's still active.
What would you recommend for my next steps?
January 23, 2016 10:09 p.m.
Epochalyptik says... #9
I guess it depends on your OS and system. I would try to find your hosts file and see if it was modified in any way, but that may be somewhat difficult for you if you're not super tech savvy. As long as you don't modify the file in any invalid way, you should be fine. Just check to see if legitimate domains are being mapped to illegitimate IP addresses.
This site offers instructions on how to find and edit your hosts file.
Barring that, or if that doesn't turn up anything of import, you should talk to your university's support center. From IT's perspective (I'm an IT security analyst), any infected machine on the network is a vulnerability. If your university offers free computer support for students, take advantage of it. Just make sure there's nothing irreplaceable on the computer when you have them look at it, and be sure to tell them what you know so far and what you suspect might be the issue.
You probably don't want to mention that you were violating copyright law at the time your computer got infected, though. The university won't help you with that.
January 23, 2016 10:15 p.m.
ducttapedeckbox says... #10
I found my hosts file and opened it, but I'm not sure what to look for when it comes to seeing if it was modified. I would be fine following instructions of what to do / look for, but understanding what it all meant is where I would have trouble.
My university does offer technical support, but it looks like they would need to take my laptop for at least a week. I'll try on Tuesday (Monday classes, the first day of classes, were cancelled due to the winter storm) and see what they say.
I'm currently running System Mechanic. My University offers Microsoft System Center Endpoint Protection, should I try loading that and see if it finds anything? I currently have Windows Defender and it didn't find anything in a full system scan.
January 23, 2016 10:40 p.m.
Epochalyptik says... #11
Look for any entries that mention legit sites. Generally, the hosts file only contains information about your local host address (127.0.0.1) and maybe a few other items. Anything that maps a legitimate site to an invalid IP address like 0.0.0.0 or an incorrect IP address is a danger.
You could post the contents of your hosts file here using the code block feature.
January 23, 2016 11:08 p.m.
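A small checker for the review Epochalyptik describes in #7, #9 and #11: parse a hosts file and flag entries that blackhole a name (0.0.0.0, ::, or a non-local name pinned to loopback) or pin it to a fixed address so DNS is bypassed. This is an added example written for this thread, not code from any poster; the sample hosts content, the `.example` hostnames and the RFC 5737 address in it are constructed, and the Windows path it reads by default is the standard `%SystemRoot%\System32\drivers\etc\hosts`.

```python
"""Scan a hosts file for entries that blackhole or redirect well-known names.

Added example for this thread, not code from any poster. The sample entries
below are constructed for illustration.
"""
import ipaddress
import os
import sys

# Names a default hosts file may legitimately point at the loopback address.
LOCAL_NAMES = {
    "localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback",
    "broadcasthost", "ip6-allnodes", "ip6-allrouters",
}

# Review codes returned by classify().
BLACKHOLE_UNSPECIFIED = "BLACKHOLE_UNSPECIFIED"  # name -> 0.0.0.0 or ::, never loads
BLACKHOLE_LOOPBACK = "BLACKHOLE_LOOPBACK"        # non-local name -> 127.0.0.1 / ::1
LOCAL_NAME_OFFHOST = "LOCAL_NAME_OFFHOST"        # localhost etc. pointed off the machine
STATIC_OVERRIDE = "STATIC_OVERRIDE"              # name pinned to a fixed address, DNS bypassed
BAD_ADDRESS = "BAD_ADDRESS"                      # first field is not an IP address


def parse_hosts(text):
    """Return (ip, hostname, line_no) tuples; comments and blank lines are skipped.

    A hosts line is "<address> <name> [<alias> ...]"; '#' starts a comment.
    """
    entries = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        for name in fields[1:]:
            entries.append((fields[0], name.lower(), line_no))
    return entries


def classify(ip, name):
    """Return None for an entry that looks benign, else one of the review codes."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return BAD_ADDRESS
    if addr.is_unspecified:            # 0.0.0.0 / :: -> the connection can never succeed
        return BLACKHOLE_UNSPECIFIED
    if addr.is_loopback:
        return None if name in LOCAL_NAMES else BLACKHOLE_LOOPBACK
    if name in LOCAL_NAMES:
        return LOCAL_NAME_OFFHOST
    return STATIC_OVERRIDE


def suspicious_entries(text):
    """Return [(line_no, ip, hostname, code)] for every entry worth a human look."""
    flagged = []
    for ip, name, line_no in parse_hosts(text):
        code = classify(ip, name)
        if code is not None:
            flagged.append((line_no, ip, name, code))
    return flagged


def system_hosts_path():
    """Location of the live hosts file on Windows and on Unix-like systems."""
    if os.name == "nt":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"


# Constructed sample in the layout of a default Windows hosts file; the three
# flagged lines are illustrative only and do not come from the thread.
SAMPLE_HOSTS = """\
# constructed sample hosts file
# localhost name resolution is handled within DNS itself
127.0.0.1       localhost
::1             localhost
0.0.0.0         www.malwarebytes.example   # constructed: AV site blackholed
127.0.0.1       download.avast.example     # constructed: download page blackholed
198.51.100.23   www.mybank.example         # constructed: redirected to a forged site
"""

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else system_hosts_path()
    try:
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    except OSError as exc:
        print(f"cannot read {path}: {exc}; scanning the built-in sample instead")
        text = SAMPLE_HOSTS
    for line_no, ip, name, code in suspicious_entries(text):
        print(f"line {line_no}: {ip:<16} {name:<30} {code}")
```

Run it with no arguments to scan the machine's own hosts file, or pass a path to a copy saved from another machine. Every code it returns is a prompt for a human look, not a verdict: ad-blocking hosts lists and developer entries deliberately pin names to 0.0.0.0 or loopback, so an entry is only worrying when the name is one you did not add yourself. A clean hosts file, as in #12, does not rule out the kind of tampering discussed here; the in-memory resolver cache (`ipconfig /displaydns` on Windows) and the DNS server addresses configured on the network adapter are the other places to check, and this script does not inspect either.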
ducttapedeckbox says... #12
I followed the instructions (assuming that they are the same for Windows 10) and the hosts file just had instructions / explanation of what it is, like this image:
I'm assuming that there should be more there? I'm also in contact with Malwarebytes support. They gave me a diagnostic tool to download to get a log, but I get an error with running it. Waiting for a response on that.
January 24, 2016 12:42 p.m.
Epochalyptik says... #13
Generally, that's about all that the hosts file contains. Most of the actual DNS work is done by DNS servers when your computer queries them to establish communications with the appropriate server and route your traffic. The fact that it's still mostly empty is a reassuring sign, but it also means that your virus is using some other method to block AVS.
January 24, 2016 1:24 p.m.
ducttapedeckbox says... #14
After trying to run three different programs provided by Malwarebytes, I finally got one to work. I'm running a scan with that now and will be sending them back a log of what it finds.
January 24, 2016 1:55 p.m.
TMBRLZ says... #15
I will go ahead and say Epochalyptik knows a lot more than I do about Cyber Security, but I've done enough screwing around with different AV providers to tell you the following things:
Never Use McAfee
Never Use Norton
Never EVER EVER use Microsoft Security Essentials (I've watched it get uninstalled twice and its failure to stop malicious software turned my sister's computer into scrap metal because I didn't have the proper hardware to run a preboot nuke of the system.)
Malwarebytes should not be used as your only line of defense. It is a fantastic program but doesn't cover all the bases and should be used as a linebacker for your main AV.
The best program I have ever used out of all the ones I've tried (Microsoft Security Essentials, McAfee, Norton, Avira, AVG, Kaspersky, Avast, ESET) (and yes that was in order of preference least to most) is without a doubt ESET Smart Security. It costs, and a little more than your typical program, but there has never been a single virus it hasn't caught for me. It is low on resource consumption and runs discreetly in the background. It doesn't bother the living crap out of you with useless information and is quick and efficient. They also boast to have the lowest false positive rate (viruses that get by) out of any other major AV Software. Based on my three years of using it, they haven't been wrong so far.
If you don't want to spend money the best free software I've ever used was Avast. They're a good deal more annoying with adware than they used to be back in the good ol' days, but they are still a solid system and I relied on it to save the systems in my house when I started realizing Microsoft Security Essentials was incapable of protecting them.
I've been using the ESET and Malwarebytes tag team for the last two years now. Haven't had a single problem.
Hope that advice helps you going forward. Glad you got it under control.
January 25, 2016 1:57 p.m.
ducttapedeckbox says... #16
Thanks, TMBRLZ. I am going to look into Avast once this is resolved. Malwarebytes support is having trouble giving me a solution as whatever I have is blocking most of the programs they ask me to try. We finally got one to work and support is analyzing the log it generated.
January 25, 2016 2:46 p.m.
Malwarebytes is a top notch team. They're dedicated to their work and not the profit.
God forbid the day that changes.
January 25, 2016 4:03 p.m.
It seems that this malware is very detrimental to your computer. Have you ever tried to remove it and its files from your computer by yourself?
EmblemMan says... #2
This is probably irrelevant but did you make sure no other obvious programs got downloaded? You could check that in the control panel.
January 23, 2016 5:23 p.m.