HELP - Security sites and Windows Update blocked - other sitesavailable

[Guest FlDave]

We had a virus/spyware attack on my Dad's computer. An image

automatically loaded to the computer about the system has a virus and

he should click here to get it removed. Thankfully, he didn't. I

think it was called something like Anti Virus XP 2008. Anyway, Spybot

and SuperAntiSpyware helped, but not perfect.

 

Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to

any of the anti-virus (AVG), anti-spyware or securtiy sites, or even

Windows Update. He gets the Page Not Found message.

 

I've deleted all the entries in the hosts file, that didn't help.

After the fact, I installed Firefox and the same thing happens.

 

I suspect somewhere some program is intercepting requests and routing

them back to the localhost. I was able to find AVG's IP address and

can ping it and when I use that in the address line, I can get there.

But avg.com, nope.

 

I also went into the router and checked that but I don't see anything

that would reroute those requests.

 

Any help is appreciated!

 

Dave

[Guest ~BD~]

Re: HELP - Security sites and Windows Update blocked - other sites available

 

"FlDave" <fldavem@gmail.com> wrote in message

news:178c6766-8a5c-40d7-b5cd-ae2d32bcc607@26g2000hsk.googlegroups.com...<span style="color:blue">

> We had a virus/spyware attack on my Dad's computer. An image

> automatically loaded to the computer about the system has a virus and

> he should click here to get it removed. Thankfully, he didn't. I

> think it was called something like Anti Virus XP 2008. Anyway, Spybot

> and SuperAntiSpyware helped, but not perfect.

>

> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to

> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even

> Windows Update. He gets the Page Not Found message.

>

> I've deleted all the entries in the hosts file, that didn't help.

> After the fact, I installed Firefox and the same thing happens.

>

> I suspect somewhere some program is intercepting requests and routing

> them back to the localhost. I was able to find AVG's IP address and

> can ping it and when I use that in the address line, I can get there.

> But avg.com, nope.

>

> I also went into the router and checked that but I don't see anything

> that would reroute those requests.

>

> Any help is appreciated!

>

> Dave</span>

 

 

 

Hi Dave style_emoticons/

 

Maybe you should try scanning with MBAM available here:- http://www.malwarebytes.org/

 

A new version launched ............. today!

 

Let us know if it helps.

 

Dave (aka ~BD~)

[Guest Malke]

Re: HELP - Security sites and Windows Update blocked - other sites available

 

FlDave wrote:

<span style="color:blue">

> We had a virus/spyware attack on my Dad's computer. An image

> automatically loaded to the computer about the system has a virus and

> he should click here to get it removed. Thankfully, he didn't. I

> think it was called something like Anti Virus XP 2008. Anyway, Spybot

> and SuperAntiSpyware helped, but not perfect.

>

> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to

> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even

> Windows Update. He gets the Page Not Found message.

>

> I've deleted all the entries in the hosts file, that didn't help.

> After the fact, I installed Firefox and the same thing happens.</span>

 

Your system is infected with a rogue antivirus program. It is called "rogue"

because it pretends to be A Good Guy but is really Evil. Do not pay them!

 

Here are removal steps:

 

http://www.bleepingcomputer.com/malware-re...-antivirus-2009

http://www.bleepingcomputer.com/forums/topic154529.html (earlier versions)

 

These may work for you and all may be well. However, in many cases the

computer will also be infected with Zlob and/or Vundo trojans and protected

by a rootkit. These machines are extremely difficult to clean.

 

If your machine is one of these cases, either get guided help at one of the

specialty forums below OR back up your data and do a clean install of

Windows. It is your choice. If you are unsure how to back up your data or

how to do a clean install, you can take your machine to a local computer

professional. I don't recommend using BigComputerStore/GeekSquad types of

places.

 

PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS.

 

http://aumha.org/downloads/hijackthis.zip

http://aumha.net/ - Click on the HijackThis forum. Read the announcement and

the stickies first .

http://www.atribune.org/forums/index.php?showforum=9

http://aumha.net/viewforum.php?f=30

http://www.bleepingcomputer.com/forums/forum22.html

http://www.dslreports.com/forum/cleanup

http://www.cybertechhelp.com/forums/forumdisplay.php?f=25

http://www.geekstogo.com/forum/Malware_Rem...o_Here-f37.html

http://www.malwarebytes.org/forums/index.php?showforum=7

http://gladiator-antivirus.com/forum/index.php?showforum=170

http://spywarewarrior.com/viewforum.php?f=5

http://forums.techguy.org/54-security/

http://forums.tomcoyote.org/

http://www.thespykiller.co.uk/index.php?board=3.0

http://forums.subratam.org/index.php?showforum=7

 

Malke

--

MS-MVP

Elephant Boy Computers - Don't Panic!

FAQ - http://www.elephantboycomputers.com/#FAQ

[Guest FromTheRafters]

Re: HELP - Security sites and Windows Update blocked - other sites available

 

"FlDave" <fldavem@gmail.com> wrote in message

news:178c6766-8a5c-40d7-b5cd-ae2d32bcc607@26g2000hsk.googlegroups.com...<span style="color:blue">

> We had a virus/spyware attack on my Dad's computer. An image

> automatically loaded to the computer about the system has a virus and

> he should click here to get it removed. Thankfully, he didn't. I

> think it was called something like Anti Virus XP 2008. Anyway, Spybot

> and SuperAntiSpyware helped, but not perfect.

>

> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to

> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even

> Windows Update. He gets the Page Not Found message.

>

> I've deleted all the entries in the hosts file, that didn't help.

> After the fact, I installed Firefox and the same thing happens.

>

> I suspect somewhere some program is intercepting requests and routing

> them back to the localhost. I was able to find AVG's IP address and

> can ping it and when I use that in the address line, I can get there.

> But avg.com, nope.

>

> I also went into the router and checked that but I don't see anything

> that would reroute those requests.

>

> Any help is appreciated!</span>

 

Another place for looking up IP addresses associated with

given domain names (like the hosts file) is the Domain Name

Server (DNS). Usually you don't have to do anything with

that setting in your network connections dialog, but it may

be that malware has changed your primary and/or secondary

(alternate) DNS server settings.

 

Malware removal programs couldn't very well set it back to

what it is supposed to be because it has no way of knowing

what it was supposed to be.

 

Ask your ISP what the settings are supposed to be for your

account.

 

Go to your network icon. Mine is located at:

 

click start - hover over "connect to" - click on view all

connections - right click on the desired connection icon

- click on properties - click on "Internet Protocol (TCP/IP)"

- click on properties - at the bottom of this dialog I have

"Obtain DNS server address automatically" radio button

checked.

 

(XP Pro / RoadRunner)

 

My old dialup account had actual addresses in those lower

fields Win9x/Linux / monad.net (a local provider)

 

Follow Malke's advice, and if you still experience DNS problems

afterward - maybe this is why.

[Guest The Real Truth MVP]

Re: HELP - Security sites and Windows Update blocked - other sites available

 

Use my Remove-it software, it will remove that malware from your system.

Choose yes for all options when prompted. Download it here

http://pcbutts1.com/downloads/tools/tools.htm

 

--

Cyberstalking is a crime. If you had one as bad as I did simply ignoring

them is not an option.

 

 

 

 

"FlDave" <fldavem@gmail.com> wrote in message

news:178c6766-8a5c-40d7-b5cd-ae2d32bcc607@26g2000hsk.googlegroups.com...<span style="color:blue">

> We had a virus/spyware attack on my Dad's computer. An image

> automatically loaded to the computer about the system has a virus and

> he should click here to get it removed. Thankfully, he didn't. I

> think it was called something like Anti Virus XP 2008. Anyway, Spybot

> and SuperAntiSpyware helped, but not perfect.

>

> Now he can get to many sites (mlb.com, yahoo.com, etc), but not get to

> any of the anti-virus (AVG), anti-spyware or securtiy sites, or even

> Windows Update. He gets the Page Not Found message.

>

> I've deleted all the entries in the hosts file, that didn't help.

> After the fact, I installed Firefox and the same thing happens.

>

> I suspect somewhere some program is intercepting requests and routing

> them back to the localhost. I was able to find AVG's IP address and

> can ping it and when I use that in the address line, I can get there.

> But avg.com, nope.

>

> I also went into the router and checked that but I don't see anything

> that would reroute those requests.

>

> Any help is appreciated!

>

> Dave </span>

[Guest ---Fitz---]

Re: HELP - Security sites and Windows Update blocked - other sites available

 

Don't use anything from pcbutts website. Only download programs from the

developer's site or authorized distributor. Butts is not a developer,

distributor or an MVP.

[Guest lifesuckedme]

vundo obstructing me for updates..please please help meeeeeeee

 

my vundo is not leaving my computer.

C:/windows/system32/urqRJBTM is the infection shown by VundoFix V7.0.6

but i am not able to fix that..

can i manually delete it.....?

thanx in advance..

now i am scanning with windows live scanner...but this is my second time. i

got the error in first time..

i am not able to browse others site of Microsoft...including download and

support.

thanx again again..

i am not able to browse windows security and upada..also i am not able to

browse microsoft sites like support and download...

please help meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

i don wanat to format my computer.. though i ve XP CD...

[Guest ---Fitz---]

Re: vundo obstructing me for updates..please please help meeeeeeee

 

"lifesuckedme" <lifesuckedme@discussions.microsoft.com> wrote in message

news:048D2825-7C42-483A-99C3-D561A3FB6AEA@microsoft.com...<span style="color:blue">

>

> my vundo is not leaving my computer.

> C:/windows/system32/urqRJBTM is the infection shown by VundoFix V7.0.6

> but i am not able to fix that..

> can i manually delete it.....?

> thanx in advance..

> now i am scanning with windows live scanner...but this is my second time.

> i

> got the error in first time..

> i am not able to browse others site of Microsoft...including download and

> support.

> thanx again again..

> i am not able to browse windows security and upada..also i am not able to

> browse microsoft sites like support and download...

> please help meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

> i don wanat to format my computer.. though i ve XP CD...</span>

 

 

Give a try to www.superantispyware.com. They have a free trial program that

converts to the free edition. Try in safe mode first. Let us know how it

works.

[Guest lifesuckedme]

Re: vundo obstructing me for updates..please please help meeeeeeee

 

"---Fitz---"

believe me MBAM works...

i don know about pcbutts...

now only i have problem for security enabling....error 1079 in service exe.

i started getting windows update...

fitz what to do for error 1079..

[Guest Leythos]

Re: vundo obstructing me for updates..please please help meeeeeeee

 

In article <78DA2680-AF23-4C8B-BD47-56B3F4F6E656@microsoft.com>,

lifesuckedme@discussions.microsoft.com says...<span style="color:blue">

>

>

> "---Fitz---"

> believe me MBAM works...

> i don know about pcbutts...

> now only i have problem for security enabling....error 1079 in service exe.

> i started getting windows update...

> fitz what to do for error 1079..</span>

 

You need to understand a couple simple things that will make life easier

for you:

 

1) Malware can and does screw up your computer

2) You can not be 100% certain that all malware is removed by any tool

3) In order to ensure a 100% clean machine you need to wipe and rebuild

it from scratch in a clean environment

4) No single protection method works all the time

5) Just because your computer "appears" to be clean does not mean it is

 

I suggest that you try running a repair and see if that fixes your

problems:

 

http://www.geekstogo.com/forum/How-to-repa...ws-XP-t138.html

 

 

--

- Igitur qui desiderat pacem, praeparet bellum.

- Calling an illegal alien an "undocumented worker" is like calling a

drug dealer an "unlicensed pharmacist"

spam999free@rrohio.com (remove 999 for proper email address)

[Guest The Real Truth MVP]

Re: vundo obstructing me for updates..please please help meeeeeeee

 

I have the Automatic Updates and WindowsUpdate Reset tool it will fix your

issue. Use the email link at the bottom of my webpage and email me and I

will send it to you http://pcbutts1.com/downloads/tools/tools.htm. The link

to the Codeplex site is down. Do NOT listen to the other fools who want you

to format and wipe your system you do NOT need to do that. They will tell

you anything to get you to not work with me. I have the knowledge and

expertise to fix it they don't.

 

 

--

Cyberstalking is a crime. If you had one as bad as I did simply ignoring

them is not an option.

 

 

 

 

"lifesuckedme" <lifesuckedme@discussions.microsoft.com> wrote in message

news:78DA2680-AF23-4C8B-BD47-56B3F4F6E656@microsoft.com...<span style="color:blue">

>

>

> "---Fitz---"

> believe me MBAM works...

> i don know about pcbutts...

> now only i have problem for security enabling....error 1079 in service

> exe.

> i started getting windows update...

> fitz what to do for error 1079..

> </span>