HELP - Security sites and Windows Update blocked - other sitesavailable

  • Thread starter Thread starter FlDave
  • Start date Start date
F

FlDave

Guest
We had a virus/spyware attack on my Dad's computer. An image
automatically loaded to the computer about the system has a virus and
he should click here to get it removed. Thankfully, he didn't. I
think it was called something like Anti Virus XP 2008. Anyway, Spybot
and SuperAntiSpyware helped, but not perfect.

Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to
any of the anti-virus (AVG), anti-spyware or securtiy sites, or even
Windows Update. He gets the Page Not Found message.

I've deleted all the entries in the hosts file, that didn't help.
After the fact, I installed Firefox and the same thing happens.

I suspect somewhere some program is intercepting requests and routing
them back to the localhost. I was able to find AVG's IP address and
can ping it and when I use that in the address line, I can get there.
But avg.com, nope.

I also went into the router and checked that but I don't see anything
that would reroute those requests.

Any help is appreciated!

Dave
 
Re: HELP - Security sites and Windows Update blocked - other sites available

Re: HELP - Security sites and Windows Update blocked - other sites available


"FlDave" <fldavem@gmail.com> wrote in message
news:178c6766-8a5c-40d7-b5cd-ae2d32bcc607@26g2000hsk.googlegroups.com...
> We had a virus/spyware attack on my Dad's computer. An image
> automatically loaded to the computer about the system has a virus and
> he should click here to get it removed. Thankfully, he didn't. I
> think it was called something like Anti Virus XP 2008. Anyway, Spybot
> and SuperAntiSpyware helped, but not perfect.
>
> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to
> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even
> Windows Update. He gets the Page Not Found message.
>
> I've deleted all the entries in the hosts file, that didn't help.
> After the fact, I installed Firefox and the same thing happens.
>
> I suspect somewhere some program is intercepting requests and routing
> them back to the localhost. I was able to find AVG's IP address and
> can ping it and when I use that in the address line, I can get there.
> But avg.com, nope.
>
> I also went into the router and checked that but I don't see anything
> that would reroute those requests.
>
> Any help is appreciated!
>
> Dave



Hi Dave :)

Maybe you should try scanning with MBAM available here:- http://www.malwarebytes.org/

A new version launched ............. today!

Let us know if it helps.

Dave (aka ~BD~)
 
Re: HELP - Security sites and Windows Update blocked - other sites available

Re: HELP - Security sites and Windows Update blocked - other sites available

FlDave wrote:

> We had a virus/spyware attack on my Dad's computer. An image
> automatically loaded to the computer about the system has a virus and
> he should click here to get it removed. Thankfully, he didn't. I
> think it was called something like Anti Virus XP 2008. Anyway, Spybot
> and SuperAntiSpyware helped, but not perfect.
>
> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to
> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even
> Windows Update. He gets the Page Not Found message.
>
> I've deleted all the entries in the hosts file, that didn't help.
> After the fact, I installed Firefox and the same thing happens.

Your system is infected with a rogue antivirus program. It is called "rogue"
because it pretends to be A Good Guy but is really Evil. Do not pay them!

Here are removal steps:

http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009
http://www.bleepingcomputer.com/forums/topic154529.html (earlier versions)

These may work for you and all may be well. However, in many cases the
computer will also be infected with Zlob and/or Vundo trojans and protected
by a rootkit. These machines are extremely difficult to clean.

If your machine is one of these cases, either get guided help at one of the
specialty forums below OR back up your data and do a clean install of
Windows. It is your choice. If you are unsure how to back up your data or
how to do a clean install, you can take your machine to a local computer
professional. I don't recommend using BigComputerStore/GeekSquad types of
places.

PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS.

http://aumha.org/downloads/hijackthis.zip
http://aumha.net/ - Click on the HijackThis forum. Read the announcement and
the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5
http://forums.techguy.org/54-security/
http://forums.tomcoyote.org/
http://www.thespykiller.co.uk/index.php?board=3.0
http://forums.subratam.org/index.php?showforum=7

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ
 
Re: HELP - Security sites and Windows Update blocked - other sites available

Re: HELP - Security sites and Windows Update blocked - other sites available


"FlDave" <fldavem@gmail.com> wrote in message
news:178c6766-8a5c-40d7-b5cd-ae2d32bcc607@26g2000hsk.googlegroups.com...
> We had a virus/spyware attack on my Dad's computer. An image
> automatically loaded to the computer about the system has a virus and
> he should click here to get it removed. Thankfully, he didn't. I
> think it was called something like Anti Virus XP 2008. Anyway, Spybot
> and SuperAntiSpyware helped, but not perfect.
>
> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to
> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even
> Windows Update. He gets the Page Not Found message.
>
> I've deleted all the entries in the hosts file, that didn't help.
> After the fact, I installed Firefox and the same thing happens.
>
> I suspect somewhere some program is intercepting requests and routing
> them back to the localhost. I was able to find AVG's IP address and
> can ping it and when I use that in the address line, I can get there.
> But avg.com, nope.
>
> I also went into the router and checked that but I don't see anything
> that would reroute those requests.
>
> Any help is appreciated!

Another place for looking up IP addresses associated with
given domain names (like the hosts file) is the Domain Name
Server (DNS). Usually you don't have to do anything with
that setting in your network connections dialog, but it may
be that malware has changed your primary and/or secondary
(alternate) DNS server settings.

Malware removal programs couldn't very well set it back to
what it is supposed to be because it has no way of knowing
what it was supposed to be.

Ask your ISP what the settings are supposed to be for your
account.

Go to your network icon. Mine is located at:

click start - hover over "connect to" - click on view all
connections - right click on the desired connection icon
- click on properties - click on "Internet Protocol (TCP/IP)"
- click on properties - at the bottom of this dialog I have
"Obtain DNS server address automatically" radio button
checked.

(XP Pro / RoadRunner)

My old dialup account had actual addresses in those lower
fields Win9x/Linux / monad.net (a local provider)

Follow Malke's advice, and if you still experience DNS problems
afterward - maybe this is why.
 
Re: HELP - Security sites and Windows Update blocked - other sites available

Re: HELP - Security sites and Windows Update blocked - other sites available

Use my Remove-it software, it will remove that malware from your system.
Choose yes for all options when prompted. Download it here
http://pcbutts1.com/downloads/tools/tools.htm

--
Cyberstalking is a crime. If you had one as bad as I did simply ignoring
them is not an option.




"FlDave" <fldavem@gmail.com> wrote in message
news:178c6766-8a5c-40d7-b5cd-ae2d32bcc607@26g2000hsk.googlegroups.com...
> We had a virus/spyware attack on my Dad's computer. An image
> automatically loaded to the computer about the system has a virus and
> he should click here to get it removed. Thankfully, he didn't. I
> think it was called something like Anti Virus XP 2008. Anyway, Spybot
> and SuperAntiSpyware helped, but not perfect.
>
> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to
> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even
> Windows Update. He gets the Page Not Found message.
>
> I've deleted all the entries in the hosts file, that didn't help.
> After the fact, I installed Firefox and the same thing happens.
>
> I suspect somewhere some program is intercepting requests and routing
> them back to the localhost. I was able to find AVG's IP address and
> can ping it and when I use that in the address line, I can get there.
> But avg.com, nope.
>
> I also went into the router and checked that but I don't see anything
> that would reroute those requests.
>
> Any help is appreciated!
>
> Dave
 
Re: HELP - Security sites and Windows Update blocked - other sites available

Re: HELP - Security sites and Windows Update blocked - other sites available

Don't use anything from pcbutts website. Only download programs from the
developer's site or authorized distributor. Butts is not a developer,
distributor or an MVP.
 
vundo obstructing me for updates..please please help meeeeeeee

vundo obstructing me for updates..please please help meeeeeeee


my vundo is not leaving my computer.
C:/windows/system32/urqRJBTM is the infection shown by VundoFix V7.0.6
but i am not able to fix that..
can i manually delete it.....?
thanx in advance..
now i am scanning with windows live scanner...but this is my second time. i
got the error in first time..
i am not able to browse others site of Microsoft...including download and
support.
thanx again again..
i am not able to browse windows security and upada..also i am not able to
browse microsoft sites like support and download...
please help meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
i don wanat to format my computer.. though i ve XP CD...
 
Re: vundo obstructing me for updates..please please help meeeeeeee

Re: vundo obstructing me for updates..please please help meeeeeeee

"lifesuckedme" <lifesuckedme@discussions.microsoft.com> wrote in message
news:048D2825-7C42-483A-99C3-D561A3FB6AEA@microsoft.com...
>
> my vundo is not leaving my computer.
> C:/windows/system32/urqRJBTM is the infection shown by VundoFix V7.0.6
> but i am not able to fix that..
> can i manually delete it.....?
> thanx in advance..
> now i am scanning with windows live scanner...but this is my second time.
> i
> got the error in first time..
> i am not able to browse others site of Microsoft...including download and
> support.
> thanx again again..
> i am not able to browse windows security and upada..also i am not able to
> browse microsoft sites like support and download...
> please help meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
> i don wanat to format my computer.. though i ve XP CD...


Give a try to www.superantispyware.com. They have a free trial program that
converts to the free edition. Try in safe mode first. Let us know how it
works.
 
Re: vundo obstructing me for updates..please please help meeeeeeee

Re: vundo obstructing me for updates..please please help meeeeeeee



"---Fitz---"
believe me MBAM works...
i don know about pcbutts...
now only i have problem for security enabling....error 1079 in service exe.
i started getting windows update...
fitz what to do for error 1079..
 
Re: vundo obstructing me for updates..please please help meeeeeeee

Re: vundo obstructing me for updates..please please help meeeeeeee

In article <78DA2680-AF23-4C8B-BD47-56B3F4F6E656@microsoft.com>,
lifesuckedme@discussions.microsoft.com says...
>
>
> "---Fitz---"
> believe me MBAM works...
> i don know about pcbutts...
> now only i have problem for security enabling....error 1079 in service exe.
> i started getting windows update...
> fitz what to do for error 1079..

You need to understand a couple simple things that will make life easier
for you:

1) Malware can and does screw up your computer
2) You can not be 100% certain that all malware is removed by any tool
3) In order to ensure a 100% clean machine you need to wipe and rebuild
it from scratch in a clean environment
4) No single protection method works all the time
5) Just because your computer "appears" to be clean does not mean it is

I suggest that you try running a repair and see if that fixes your
problems:

http://www.geekstogo.com/forum/How-to-repair-Windows-XP-t138.html


--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
 
Re: vundo obstructing me for updates..please please help meeeeeeee

Re: vundo obstructing me for updates..please please help meeeeeeee

I have the Automatic Updates and WindowsUpdate Reset tool it will fix your
issue. Use the email link at the bottom of my webpage and email me and I
will send it to you http://pcbutts1.com/downloads/tools/tools.htm. The link
to the Codeplex site is down. Do NOT listen to the other fools who want you
to format and wipe your system you do NOT need to do that. They will tell
you anything to get you to not work with me. I have the knowledge and
expertise to fix it they don't.


--
Cyberstalking is a crime. If you had one as bad as I did simply ignoring
them is not an option.




"lifesuckedme" <lifesuckedme@discussions.microsoft.com> wrote in message
news:78DA2680-AF23-4C8B-BD47-56B3F4F6E656@microsoft.com...
>
>
> "---Fitz---"
> believe me MBAM works...
> i don know about pcbutts...
> now only i have problem for security enabling....error 1079 in service
> exe.
> i started getting windows update...
> fitz what to do for error 1079..
>
 
Back
Top