Re: VIRUS - Changing IP Address
- From: Newell White <NewellWhite@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 16 Oct 2007 01:39:02 -0700
One way malware can intefere with your internet access is by modifying the file
C:\windows\system32\drivers\etc\hosts
Before you do anything else, write down the 'Modified' date/time of this
file - this may indicate when
infection occurred, vital for locating the malware files.
Unless you have modified it yourself, Yours should look like this:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
--
Newell White
"Momtoysj" wrote:
Thanks. I know I have to clean the computer first but I'm not sure I can.
even get on the internet to run the stuff you indicate. As mentioned when I
launch internet explorer I just get the blank screen and can't go anywhere
else. Yes this does sound a little bit much, perhaps not my cup of tea and I
may just have to bring it in somewhere, but I'll try if I can get on the
internet or do you know a magic way of doing it? If I change the IP address
will I at least be able to get to the internet to perform the clean up as you
suggested or will changing the IP address do nothing until it's cleaned up?
I've heard I can change the IP address (maybe) by turning off the the
cable/dsl modem for a while and in many cases this will change the IP
address. Your thoughts and help is appreciated. Thanks.
"Malke" wrote:
Momtoysj wrote:
Some viruses were recently accidentally downloaded on my laptop. We kept
getting a pop up window, exclamation mark in yellow saying we had viruses, my
husband accidentally clicked on it and then we were taken to some "VIRUS
removal" website. I tried to delete the files, ran some virus software, that
says the virus was found but can't be cleaned, so it's only moved to another
area. This has also affected our internet, MSN connection, when I try to
sign on to MSN Messenger, i get an error saying "incorrect IP address" or
something along those lines. When I try to launch internet explorer, the
home page has been changed to "about:blank". At one point I was able to just
type in a different web page, ie google.ca and it was okay, but now the
internet doesn't go anywhere. How do I go about change the IP address so I
can get back on the internet???? Please help. Thank you.
Nicki
You need to clean up your computer first. Simply changing the IP address
will not do it.
Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware
Include scanning with David Lipman's Multi_AV and follow instructions to
do all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.
http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
The site is in German but David's tool is in English so don't let that
worry you. Scroll all the way down to almost the bottom of the page and
you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
You'll see "Download von www pctipp.ch" and the live link to download
Multi_AV.
You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html
When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).
Not all tools used will work in Vista and you will need to run them
elevated. Since Vista is so new, it will be a while before removal
techniques and tools are developed. If you are unable to remove the
infection by following the general steps, register at one of the
HijackThis forums as suggested.
Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.
Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
- References:
- Re: VIRUS - Changing IP Address
- From: Malke
- Re: VIRUS - Changing IP Address
- From: Momtoysj
- Re: VIRUS - Changing IP Address
- Prev by Date: Re: Infected machine on dial-up
- Next by Date: Norton 360
- Previous by thread: Re: VIRUS - Changing IP Address
- Next by thread: Re: VIRUS - Changing IP Address
- Index(es):
Relevant Pages
|
|
