Re: Can't figure this virus out
- From: Malke <malke@xxxxxxxxxxxxxxx>
- Date: Tue, 23 Sep 2008 12:57:20 -0700
JN wrote:
I don't know if the computer I am trying to fix just had AntiVirusXP2008
or
something more. I have found the manual removal instructions for AVXP and
that seemed to work except the computer cannot access a whole host of
sites.
Mcafee.com
Symantec.com
windowsupdate.microsoft.com
PandaSecurity.com
And so on.
I can ping the sites fine and tracert fine but when I try to go to them in
IE7 a couple of strange things happen. First, when I try Mcafee.com it
brings me to a google search result page as if I did a google search for
mcafee.com. Then if I click on Mcafee.com link in those results IE7 wiill
give me the error page as if I were not connected to the Inernet.
If I try Symantec, Windows Update, Panda Security, or a few other sites I
just get the standard not connected to the Internet page from IE7. Other
sites like going to IBM, Google, MSN, etc appear to be working fine.
I have checked the Hosts file to see if this was altered, but it is OK and
I also checked to make sure my DNS server settings were not hijacked and
they
were OK showing my ISP's DNS servers. I wanted to be sure it was not the
site so instead of going to PandaSecurity.com and getting blocked I went
to
the IP address and was able to browse the site fine. I also ran
LSPFix.exe and there were not any additional protocols installed and
HijackThis did not show any BHOs or anything
I have tried to reinstall Panda AV, however it will not restart on reboot.
It is obvious that something is blocking it. This is obviously
specifically blocking Anti-virus programs and sites.
Sounds like your computer isn't clean. Unfortunately, some XP Antivirus
infections also include Vundo and/or SDBot trojans, all protected by a
rootkit. Since you didn't specify what manual removal steps you did, here
are my usual instructions about these sorts of infections. My guess is that
you should go for the guided help at this point.
Here are removal steps:
http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009
http://www.bleepingcomputer.com/forums/topic154529.html (earlier versions)
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html
These may work for you and all may be well. However, in many cases the
computer will also be infected with Zlob and/or Vundo trojans and protected
by a rootkit. These machines are extremely difficult to clean.
If your machine is one of these cases, either get guided help at one of the
specialty forums below OR back up your data and do a clean install of
Windows. It is your choice. If you are unsure how to back up your data or
how to do a clean install, you can take your machine to a local computer
professional. I don't recommend using BigComputerStore/GeekSquad types of
places.
PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS.
http://aumha.org/downloads/hijackthis.zip
http://aumha.net/ - Click on the HijackThis forum. Read the announcement and
the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5
http://forums.techguy.org/54-security/
http://forums.tomcoyote.org/
http://www.thespykiller.co.uk/index.php?board=3.0
http://forums.subratam.org/index.php?showforum=7
Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ
.
- References:
- Can't figure this virus out
- From: JN
- Can't figure this virus out
- Prev by Date: Can't figure this virus out
- Next by Date: Re: Can't figure this virus out
- Previous by thread: Can't figure this virus out
- Next by thread: Re: Can't figure this virus out
- Index(es):
Relevant Pages
|
