Re: Cannot access some websites after virus cleaning


Alex schreef:
Hi,

I experience huge issues with my laptop since I was infected by Virtumonde earlier this week.

I managed to clean Virtumonde by using spybot, but even though the virus seems to have disappeared, I still experience huge problems with Internet browsing.

I can access some websites like Lenovo, FreeCall, Free, my router, my bank,

but I cannot access other websites such as www.lemonde.fr, linkedin, facebook, oanda, smartmoney...

that's weird, that seem that a pipe is blocked or something filtering the DNS, only allowing some sites... but ping and resolving is OK!

I tried flushing DNS to no avail, I have cleared all my caches and temp files to no avail, I have tried with deactivating the fw to no avail... I dont know what to do...

I could not find anything on the Internet...

Here is the symptom: when I start www.facebook.com (or another website), firefox displays Waiting for www.facebook.com... in the status bar and nothing else happens....

The problem is also similar with IE7 and I cannot access Windows Update.

I tried upgrading to Firefox 3, but the problem remains. I am on Windows XP OEM SP2... I am hesitating installing SP3, I don't think that would solve the problem.

I checked my router and it seems OK, since other PC on the same router have no problem accessing any website.

I think the mess was created when I tried to eradicate the virus... also my MS Office seems corrupted, when I try to launch Excel, he asks for CD. Winword and Outlook are fine though.

I have been using Windows PCs for 15 years and I am an IT professional, but that's the first time I see something like that. I am getting crazy...

Any help would be very much appreciated; do u think I should reinstall Windows, or is there anything else I could try? Any kind of test to indentify the problem?

Cheers,

Alex


Hi Alex,

I don't know what screwed up Office, but if you cannot reach some websites, try this:
1) In C:\WINDOWS\system32\drivers\etc you will find a file named hosts.
(It has no extension.)
Op this in notepad.

It should only contain a bunch of comments that start with # and:
127.0.0.1 localhost
unless you added more by hand.

Do you see more?
I am no virusexpert, so I don't know the one you described, but some malware likes to change your hosts file, in such a way it can fool you.
eg, you type:
www.mybank.com

but you end up on a completely different site that tries to get your logincredentials.

Could that be your problem?
(If you are in doubt and see more entries than 127.0.0.1 localhost, just delete them all.)

Regards,
Erwin Moller
.

Relevant Pages

  • Cannot access some websites after virus cleaning
    ... I managed to clean Virtumonde by using spybot, ... I can access some websites like Lenovo, FreeCall, Free, my router, my bank, ... The problem is also similar with IE7 and I cannot access Windows Update. ...
    (microsoft.public.windowsxp.general)
  • Re: Crashes With ERROR Message
    ... Then When I Could Not Send Email to CONACTS on Websites Like ... "How to determine which version of Internet Explorer is installed". ... So I Clicked MICROSOFT WINDOWS. ... Thats Why I Should UN INSTALL IE 6 & Re Install IE 7 ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: NetSurf and JavaScript
    ... superb enough to get you into 99% of websites - it even does Google Maps. ... The Windows 95 comment and the old hardware were separate issues. ... Firefox does to here - in fact, NetSurf and Firefox take approximately ...
    (comp.sys.acorn.apps)
  • Re: Suggestions please
    ... I mentioned my OS and browser because websites should work in different ... More people using Windows are turning to Mozilla (or its ... want a real html editor. ...
    (microsoft.public.windowsxp.general)
  • Re: OFT say you have our attention on M$
    ... > Okay but don't you think that is the fault of the program ... > the program makers not making linux versions. ... Similarly for websites, although nowadays that's a much weaker ... > If the companies attached themselves to versions of windows and mac ...
    (uk.comp.os.linux)