Re: Can't figure this virus out
- From: "David H. Lipman" <DLipman~nospam~@Verizon.Net>
- Date: Tue, 23 Sep 2008 16:34:53 -0400
From: "JN" <me@xxxxxxxx>
| I don't know if the computer I am trying to fix just had AntiVirusXP2008 or
| something more. I have found the manual removal instructions for AVXP and
| that seemed to work except the computer cannot access a whole host of sites.
| Mcafee.com
| Symantec.com
| windowsupdate.microsoft.com
| PandaSecurity.com
| And so on.
| I can ping the sites fine and tracert fine but when I try to go to them in
| IE7 a couple of strange things happen. First, when I try Mcafee.com it
| brings me to a google search result page as if I did a google search for
| mcafee.com. Then if I click on Mcafee.com link in those results IE7 wiill
| give me the error page as if I were not connected to the Inernet.
| If I try Symantec, Windows Update, Panda Security, or a few other sites I
| just get the standard not connected to the Internet page from IE7. Other
| sites like going to IBM, Google, MSN, etc appear to be working fine.
| I have checked the Hosts file to see if this was altered, but it is OK and I
| also checked to make sure my DNS server settings were not hijacked and they
| were OK showing my ISP's DNS servers. I wanted to be sure it was not the
| site so instead of going to PandaSecurity.com and getting blocked I went to
| the IP address and was able to browse the site fine. I also ran LSPFix.exe
| and there were not any additional protocols installed and HijackThis did not
| show any BHOs or anything
| I have tried to reinstall Panda AV, however it will not restart on reboot.
| It is obvious that something is blocking it. This is obviously specifically
| blocking Anti-virus programs and sites.
| Yes, I could just format this computer, but what fun is that.
You probably are still infected with the RootKit payload that often acoompanies this.
Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
Then post the contents of the HJT log in your post in one of the below expert forums...
{ Please - Do NOT post the HJT Log here ! }
Forums where you can get expert advice for HiJack This! (HJT) Logs.
NOTE: Registration is REQUIRED in any of the below before posting a log
Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0
Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7
Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
.
- References:
- Can't figure this virus out
- From: JN
- Can't figure this virus out
- Prev by Date: Re: Can't figure this virus out
- Next by Date: Caution! Re: Vundo
- Previous by thread: Re: Can't figure this virus out
- Next by thread: Re: Can't figure this virus out
- Index(es):
Relevant Pages
|
