Joined: Nov 2003
Posts: 478
A
UGN Member
OP Offline
2 new things that I am having to deal with.

I cannot show hidden files. The option in View, Advanced settings is there, but it reverts back to "Do not show...".

Second thing is that I can't access any Microsoft websites. I only noticed that when I was trying to upgrade MS livecam software. All other websites work.

In conclusion: I really need to format and upgrade to WIN7. Which I will do as soon as a service pack is made available.
Until then I am still on XP SP2.

There are a few fixes for these problems out there.
I am not willing to go into the registry and change values (one of the fixes), as that usually creates more problems, but it seems like the easiest one.

As for being unable to access the MS website and extensions. Meh.

I downloaded NOD32 anti virus and it is slow as.

Regmech, Spybot S&D, I have used and they do not fix these 2 problems. I have a feeling Spybot isn't working that well these days.

Can send you a HJT log if you are interested.


Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
I was about to say, it sounds like you have some sort of malware installed that won't allow you to visit M$ websites (as live update is one of them and would usually fix an issue).

I'm thinking that whatever it is likely overwrote your hosts file, blocking M$ sites as well as some others.

You should get Ad Aware, Spybot, and Avast ASAP.


UGN Security, Back of the Web, and VNC Web Services Owner
Joined: Mar 2002
Posts: 256
Likes: 1
UGN Security Staff
Offline
Yeah, def sounds like you're infected. I would use only 3rd party browsers, Microsoft Internet Explorer is easily exploited. I've had better luck with Mozilla Firefox. As a temporary solution try going to Start -> Run, "msconfig" [ok]. (Keyboard shortcut Windows+R). Msconfig will have a "startup" column, that's one of the more common ways a virus will start itself up. I would just use the "disable all"; nothing in there is needed, and if there was something that you notice you were accustomed to that is no longer starting up, it would be easier to find... Don't believe anything that claims to be a "Microsoft" program. There is a company SysInternals, which is now owned by Microsoft... They make a utility called AutoRuns, and it is much more in-depth -- if msconfig doesn't cut it, try that. Really though, unless you disassemble the virus after locating it and having confidence that you know what it did, I'd back up your data and re-format.

Joined: Dec 2009
Posts: 4
R
UGN Newbie
Offline
Boot from Linux and try visiting the same Microsoft websites? I have done a lot of de-virus for food money (college kid) but have never seen a virus that prohibits visiting Microsoft websites. I just spent about 6 months doing research on bot nets and virus payloads, one of the sub topics was AV effectiveness, Trend Micro did the best for its price (we only tested the personal usage ones). If you know the processes your computer runs pretty well you could go through the [censored] of manually disabling each one until you hit the one that usually isn't there (I believe mean dormancy on viruses was around 4 months to avoid detection) which probably won't allow you to disable it, download an app and go from there. If you send me a zip of the log files I can probably take a look at them in a few hours (I am stuck on the comp anyway, motorcycle accident). Anyway first post, hope I can help.

On a personal note, would shy away from multiple AVs, they tend to bog down system resources as you stated and the companies have a tendency to dislike competing software and do not try their hardest to allow for harmonious coding.

Least you don't have Vista

Joined: Mar 2002
Posts: 256
Likes: 1
UGN Security Staff
Offline
As for blocked websites, check the "hosts" file.

By default it is located in: %SystemRoot%\System32\drivers\etc
(%SystemRoot% is an environment variable, often C:\windows.)

But it is possible that a virus could change the registry value that tcpip.sys uses to locate the hosts file:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath

In there you will see lines such as this:
Code
127.0.0.1	localhost


The system by default is configured to check this hosts file before bothering to resort to DNS. This has many useful applications, but in your case they've used it to prevent you from updating your system... Which makes me think the virus exploited your unpatched Windows machine. Remember to keep up to date. Remove the suspect lines; other than the line I listed, this file should be pretty much empty if you haven't applied some "Ad Block"ing software.
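
Added example, not part of the post above and not any poster's code: a Python sketch of the check described there, which resolves the hosts location from DataBasePath and lists every mapping other than the default localhost line. The function names and the sample hosts content are constructed for illustration; the registry lookup only works on Windows, while the parser runs anywhere.

```python
import ipaddress
import os

TCPIP_KEY = r"SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
DEFAULT_NAMES = {"localhost"}  # names expected in an otherwise empty hosts file
# Constructed sample hosts content (not taken from the poster's machine).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       www.microsoft.com update.microsoft.com   # constructed entry
0.0.0.0         windowsupdate.example.test
203.0.113.7     download.example.test
not-an-ip       broken.example.test
"""

def hosts_path_from_registry():
    """Resolve the hosts file location from DataBasePath (Windows only)."""
    import winreg  # imported here so the parser below runs on any OS
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, TCPIP_KEY) as key:
        value, _type = winreg.QueryValueEx(key, "DataBasePath")
    return os.path.join(os.path.expandvars(value), "hosts")

def audit_hosts(text):
    """Return (line_no, address, name, reason) for every non-default mapping."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue  # blank, comment-only, or address without a name
        address, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed address"))
            continue
        for name in names:
            if name.lower() in DEFAULT_NAMES and ip.is_loopback:
                continue  # the expected localhost line
            if ip.is_loopback or ip.is_unspecified:
                reason = "name sinkholed to local machine"
            else:
                reason = "name pinned to fixed address, bypasses DNS"
            findings.append((line_no, address, name, reason))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

On the affected machine, pass the contents of the file at `hosts_path_from_registry()` to `audit_hosts` instead of the sample; a DataBasePath that does not resolve to the default directory is itself worth investigating.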

Joined: Nov 2003
Posts: 478
A
UGN Member
OP Offline
thanks for the help. fixed both problems.

though the hidden files thing sometimes reoccurs. I do note that multiple AV programs slow the sys down. But then again I've always known and still do it.
They even tell you.


Joined: Mar 2002
Posts: 256
Likes: 1
UGN Security Staff
Offline
If the problem is still recurring it sounds like you're still infected. I usually end up reinstalling Windows, you don't need to necessarily reformat, though if backing up your data isn't a problem I recommend it because it is "cleaner". You can install Windows on a drive that has Windows installed already, it will just change the path of the Windows folder. Then when you log in as administrator under the new setup you can go find your old files or try using the file and settings transfer wizard tool available from Microsoft. Anti Virus really works best for prevention. Don't use your computer for "sensitive" things like logging in to websites. They could be watching what you type =p. Edit "C:\boot.ini" to remove your old Windows install from the boot list and you won't have to wait 30 seconds or press enter.

Joined: Nov 2003
Posts: 478
A
UGN Member
OP Offline
thanks ninjaneo. I'm definitely reinstalling Windows soon. I think she actually has the Conficker worm as well lol. It is so infected. Not only that, they (virus) find their way on all my flash drives and I have a feeling it's also on my Seagate portable HDD.

I'm going to explode if once I'm done reinstalling XP, the Seagate FreeAgent infects it again (while I transfer my backed-up files).


