aspenjim Posted July 17, 2008 Share Posted July 17, 2008 (edited) I have just cleaned up a trojan infected PC that has windows update, symantec, etc blocked by 127.0.0.1.I looked at the host file and it just has 127.0.0.1 localhostI've reset all zones to default.Ive checked the gp settings and they are unconfigured for windows update.Where else can update sites like windows update, etc. get blocked? Edited July 17, 2008 by aspenjim Link to comment Share on other sites More sharing options...
uid0 Posted July 18, 2008 Share Posted July 18, 2008 Have you checked the dns server address?If the router had a default password there is even malware that will mess with the router's dns, but that's probably pretty rare. Link to comment Share on other sites More sharing options...
aspenjim Posted July 18, 2008 Author Share Posted July 18, 2008 This is a dell laptop that has xp Pro on it. It isn't connected to a domain and i've thought of that by doing ipconfig /flushdns though.It has to be in the registry I think Link to comment Share on other sites More sharing options...
timelord1984 Posted August 22, 2008 Share Posted August 22, 2008 Hi,have you had any luck getting that problem sorted? I've been looking at a computer with the exact same issue.ThanksMatt Link to comment Share on other sites More sharing options...
TheReasonIFail Posted August 31, 2008 Share Posted August 31, 2008 (edited) Trying getting to those sites by IP. Then it's possible that the PC may still have some spyware that's redirecting those requests.Also, try running Hijack This! and posting the log. Edited August 31, 2008 by TheReasonIFail Link to comment Share on other sites More sharing options...
fldavem Posted September 8, 2008 Share Posted September 8, 2008 I just got finished with the same issue. It was a problem for a month. It started with the AntiVirusXP2008 and a picture on the desktop. I'm sure if I clicked it I would have been much worse off.The solution was:1. Run SuperAntiSpyware2. Run SpyBot3. Run HiJackThis (but I don't think we did anything with it)4 - FINALLY FIXED IT USING the ComboFix from here:http://www.bleepingcomputer.com/combofix/how-to-use-combofixYou may not be able to get that last one - it may be blocked. Have someone email the ComboFix. That's the one that finally worked for me. I doubt the 1st 3 steps helped me, but they didn't hurt. If I had to do it again, I'd start with ComboFix. Link to comment Share on other sites More sharing options...
Tarun Posted September 8, 2008 Share Posted September 8, 2008 Combofix is well known for breaking computers. Malwarebytes Anti-Malware can remove AntiVirusXP2008 and many other variants. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now