Blocked Update and Sites

Discussion in 'Windows Update' started by mic, Dec 3, 2008.

  1. mic

    mic Guest

    Our small home network is one XP computer and a wirless network connected
    through a router to a DSL modem.
    Recently, all windows updates and Mcafee updates ceased. Websites for these
    services and many other virus/malware sites became unaccessible-- the browser
    indicates that it is not connected to the web. If these sites are approached
    through Google, the browser is randomly redirected to a variety of websites.
    Wireless-connected computers are able to access all sites and appear
    unaffected.
    Use of several virus/malware products downloaded via a different computer
    and manually installed detected nothing, but the MS product did find a
    trojan, which was eliminated (unfortunately, I did not record the name, and
    there is no activity log in the product). After the trojan was removed, the
    problem still continues.
    Any ideas would be welcomed.
    Thank you.
     
    mic, Dec 3, 2008
    #1
    1. Advertisements

  2. mic

    S-bair Guest

    I seem to be having the same problem to 'mic', this time in England. In
    addition I cannot get onto the update or security areas of the Microsoft
    website to check that my system is up to date.

    This problem is also interfering with updates from any security website that
    I use in conjunction with Microsoft products. i.e. AVG, Superantispyware,
    Smitfraudfix, CCleaner. These I used to get rid of a Trojan a while ago but
    now they seem to be blocked and all I get is the unable to connect screen,
    but the connection checker comes back +ve. Anyone any Ideas please post:-

    Also anyone at Microsoft reading this please send some help!
     
    S-bair, Dec 3, 2008
    #2
    1. Advertisements

  3. Sounds like a DNS.Changer infection to me. If so, you'll have to clean all
    networked machines *and* either reset or reinstall the router, else a
    machine will be reinfected within seconds of being connected to the network
    and/or router.

    1. See if you can download/run the MSRT manually:
    http://www.microsoft.com/security/malwareremove/default.mspx

    2. Run this online scan (in safe mode w/networking, if need be):
    http://onecare.live.com/site/en-us/center/howsafe.htm

    3. Run additional checks for hijackware, including posting your hijackthis
    log to an appropriate forum.

    Checking for/Help with Hijackware
    http://aumha.org/a/parasite.htm
    http://aumha.org/a/quickfix.htm
    http://aumha.net/viewtopic.php?t=5878
    http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
    http://mvps.org/winhelp2002/unwanted.htm
    http://inetexplorer.mvps.org/data/prevention.htm
    http://inetexplorer.mvps.org/tshoot.html
    http://www.mvps.org/sramesh2k/Malware_Defence.htm
    http://defendingyourmachine2.blogspot.com/
    http://www.elephantboycomputers.com/page2.html#Removing_Malware

    When all else fails, HijackThis v2.0.2
    (http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use (in
    conjuction with some other utilities). HijackThis will NOT fix anything on
    its own, but it will help you to both identify and remove any
    hijackware/spyware with assistance from an expert. **Post your log to
    http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
    http://forums.spybot.info/forumdisplay.php?f=22,
    http://aumha.net/viewforum.php?f=30, or another appropriate forum for review
    by an expert in such matters, not here.**

    If the procedures look too complex - and there is no shame in admitting this
    isn't your cup of tea - take the machine to a local, reputable and
    independent (i.e., not BigBoxStoreUSA) computer repair shop.
    =====================
    Start a free Windows Update support incident request:
    https://support.microsoft.com/oas/default.aspx?gprid=6527

    Support for Windows Update:
    http://support.microsoft.com/gp/wusupport

    For home users, no-charge support is available by calling 1-866-PCSAFETY in
    the United States and in Canada or by contacting your local Microsoft
    subsidiary. There is no-charge for support calls that are associated with
    security updates.
     
    PA Bear [MS MVP], Dec 3, 2008
    #3
  4. mic

    S-bair Guest

    Thank you for your post PA Bear.

    Working my way down the list of things given, put the One Care Safety
    Scanner on & went to bed! In the morning it Identified 2 Tojans:-

    - Win32/FakeXPA
    - Downloader:Win 32

    and removed these, great.

    then when we tried Google we were diverted to random sites. Then I couldn't
    get through to "http://aumha.org/downloads/hijackthis.exe" but could get
    through to your discussion groups at "aumha.net" but again not the ".org"
    site

    Do these Hijackers attack certain file names and not others? I ran the
    "onecarelive" in safe mode and it said my system was clear. Then again I was
    diverted when I tried connecting through Google, could it be a problem with
    the Google Site? I've nothing to compare it with as Installing 'onecare'
    removed Yahoo via AVG when it was installed.

    Again thanks for the Help. any more would be very much appreciated

    Kind regards

    S-bair
    Darlington, near Yorkshire
     
    S-bair, Dec 4, 2008
    #4
  5. I suspect you do have a DNS.Changer infection on your hands.

    Repost:
    That means that even though OneCare gave the machine a clean bill of health
    the second time around, you're going to be back at square one if you haven't
    also (1) cleaned all networked machines *and* (2) either reset or reinstall
    the router *before* connecting any/all machines to the router and network
    again.

    Repost:
    In your case, you'd need to take all of the machines and the router to the
    shop. Good luck, this is a real nasty one.

    NB: It is NOT safe for any of the machines to be connected to the internet
    in their current state!
    --
    ~Robear Dyer (PA Bear)
    MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
    AumHa VSOP & Admin http://aumha.net
    DTS-L http://dts-l.net/
     
    PA Bear [MS MVP], Dec 5, 2008
    #5
  6. mic

    mic Guest

    Thank you for all the advice. I had already tried most of your suggestions
    (from a previous post by anothe victim). But, I tried it all again and reset
    and reconnected the network. The problem has not resolved. Curiously, other
    machines on the same network are not affected by this problem.
    Is it possible that the registry has been changed? Is there a way to
    reinstall or clean the registry?
    Thank you.
     
    mic, Dec 8, 2008
    #6
  7. See Step #3 in my first reply to this thread.
     
    PA Bear [MS MVP], Dec 8, 2008
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.