Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Web Site Found. Waiting For Reply...


  • Please log in to reply
4 replies to this topic

#1 vconfused

vconfused

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 02 July 2008 - 09:20 PM

I have a computer that was completely infested with malware. It had those fake spyware programs on it, had items that were running with winlogon so that I could not delete them without the use of Killbox, had to use VundoFix, etc. you name it, it probably had it. After running a number of antivirus programs (Avira, avast, etc.) and antispyware (AdAware, Spybot, etc.), I finally removed everything, or so it seems. HiJackThis is not showing anything out of the ordinary, but since the computer does not have access to the Internet I cannot post the log. I can ping IP addresses and domain names (i.e. google.com), but I cannot visit any web sites via Firefox, IE 7, and the antivirus/antispyware programs are unable to connect to the Internet to update.
I tried the following in a number of orders while rebooting between:
uninstalling the network card
netsh winsock reset catalog
netsh int ip reset reset.log
deleting the HKLM\System\CurrentControlSet\Services\Winsock2 key (which then stopped me from pinging even after reboot until I ran the backup.reg file)
sfc /scannow
I tried Reset in Internet Options / Advanced
I turned off all firewalls that I used to help find out what was going on (LavaSoft's and Windows Firewall)
Nothing seems to work.

I can get files to it by burning them onto a CD if I need to.

Does anyone have any ideas as to what I missed? Thanks!!

BC AdBot (Login to Remove)

 


m

#2 powerjuce

powerjuce

  • Members
  • 321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 02 July 2008 - 09:25 PM

try this

http://www.bleepingcomputer.com/files/hostfix.php

it may be a problem that your host file has been messed up

this will help

#3 vconfused

vconfused
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 02 July 2008 - 11:00 PM

Thanks! I checked the hosts file (C:\Windows\System32\Drivers\ETC\Hosts) and it was last modified in 2004 and it looks fine -- only thing in it is the localhost pointing to 127.0.0.1. Also, unrelated, but I tried with another profile and tried in safe mode. Anything else I can try? Thanks again!

Edited by vconfused, 03 July 2008 - 06:51 AM.


#4 powerjuce

powerjuce

  • Members
  • 321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 03 July 2008 - 02:09 PM

Ok, now even i am not sure, there is one tool

This one is an advanced tool, so I am not sure how it will work,

http://www.bleepingcomputer.com/files/lspfix.php

before running it please read this tutorial

#5 vconfused

vconfused
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:02 PM

Posted 03 July 2008 - 06:38 PM

Thanks, but unfortunately that did not work. It said no problems found and had 3 listings: mswsock.dll, winrnr.dll, and rsvpsp.dll. I clicked Finish anyway, but it said no changes have been made and I can still ping, but not access the Internet in any other way that I have tried.

OK, issue resolved, thanks for all of your help! It turned out to be Lavasoft Firewall. Even though I had disabled it and disabled the driver in the network connection's properties, it was still doing something. After uninstalling and rebooting, voila! Thanks again!

Edited by vconfused, 03 July 2008 - 08:10 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users