Jump to content

Does anyone else have trouble connecting to Microsoft update

ExTruckie

By ExTruckie
in Windows XP

 Share

Recommended Posts


ZOOM-BOOM

ZOOM-BOOM

Posted
Posted
not only ms sites it also like mcafee too

I use firefox

Sorry to here of your problem..I had a similiar issue it may even be the same.!!

What you may have is a Trojan Called "Trojan DNS Changer" it took me two days to work out the problem and solve it..

What this trojan does is redirect your connection as you have discribed..to other than what you desired so..

The solution is download Malwarebytes here http://www.malwarebytes.org/index.php and scan your computer..

If anything is found click on repair reboot system and walla your done..Let us no if this worked?

Cheers ZOOM

Link to comment
Share on other sites
ExTruckie

ExTruckie

Posted
  • Author
Posted

I have Malwarebytes and ran a scan on the whole computer. It found 1 thing. I removed it and restarted, no change. I do recall a file called that, several days ago and it was removed. I guess without success :( I have one other thing I can try before I do a total wipe and reinstall of windows. no time to explain. Will post back results.

Link to comment
Share on other sites
Octopuss

Octopuss

Posted
Posted

How about the "built-in" windows update? Afaik it doesn't need browser and might work directly.

Just an idea...

Also, I would try to download say latest version of NOD32 and do a scan while not connected to the internet.

Link to comment
Share on other sites
ExTruckie

ExTruckie

Posted
  • Author
Posted

Reinstalled Windows got reinfected by Firefox browser backup. Ran AVG and malwarebytes. Antivirus caught and killed all the viruses and 3 trojans. Malwarebytes caught 3 more trojans.

Everything seems ok with the exception of not being able to go to windows update or mcafee update. I can live without mcafee since I got AVG. but not windows update. I cant even install netframework3.5.

Below is my host file

# Copyright © 1993-1999 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

I deleted the localhost line and retried to download from MS and it times out.

I dont know what else to do.

Link to comment
Share on other sites
CoffeeFiend

CoffeeFiend

Posted
Posted

I had expected it to be a line in your hosts file, but like I said, you probably have malware, which can add that line again anytime, and it can have embedded itself in your TCP/IP stack and everything else. You got to clean your PC from that stuff first. A hijackthis log would be a start.

Link to comment
Share on other sites
ceez

ceez

Posted
Posted

@extruckie, if you have that DNS changer trojan then you're in for a wild ride of desperation. no matter what you run, malwarebytes, hijack, av of any sort, spybot, reading on many of the forums that provide a handful of diff tools, etc...that **** thing wont leave. If you check your dns settings and you have an address that just wont go away then you have it.

I cleaned up a computer like that about 2 weeks ago. After fruitless tries, the best way to get rid of it was to take the drive and plug it to another computer (make sure that other computer is clean with AV & antispyware software up to date) and then perform a FULL scan of that drive with all the AV/antispyware software that you might have on it.

That's the only way that I got to get rid of it.

good luck

Link to comment
Share on other sites
ExTruckie

ExTruckie

Posted
  • Author
Posted

:hello: Well All I got it fixed I followed the advise from the Spyware Beware website. I am happy to report that all is well :whistle::thumbup

@extruckie, if you have that DNS changer trojan then you're in for a wild ride of desperation. no matter what you run, malwarebytes, hijack, av of any sort, spybot, reading on many of the forums that provide a handful of diff tools, etc...that **** thing wont leave. If you check your dns settings and you have an address that just wont go away then you have it.

I cleaned up a computer like that about 2 weeks ago. After fruitless tries, the best way to get rid of it was to take the drive and plug it to another computer (make sure that other computer is clean with AV & antispyware software up to date) and then perform a FULL scan of that drive with all the AV/antispyware software that you might have on it.

That's the only way that I got to get rid of it.

good luck

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...