Re: Virus preventing me from doing an update
From: Gary Burton (gbNOSPAM_at_pvbb.net)
Date: 11/08/04
- Next message: LTKhoo: "How to remove spyware-added link in Tools menu ?"
- Previous message: Gary Burton: "Re: Big problems with IE6"
- In reply to: Frank Saunders, MS-MVP: "Re: Virus preventing me from doing an update"
- Next in thread: Frank Saunders, MS-MVP IE/OE: "Re: Virus preventing me from doing an update"
- Reply: Frank Saunders, MS-MVP IE/OE: "Re: Virus preventing me from doing an update"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 7 Nov 2004 17:52:39 -0800
I still have the problem. Please stick with me a little longer. I
really appreciate your help. I got good suggestions from 3 people, of which
you were one. The information in this combined response will be relevant to
all three of you, if you are still willing to help me.
Here is what I have tried:
I have run all of the following scumware scanners. I have updated the
definitions unless otherwise stated. In the cases when I didn't update, it
was because I got a "Can't find server" error when I tried to update.
AdAware
SpyBot S&D
Pest Patrol. (Couldn't update). This was very encouraging because it
found several problems the other programs didn't find a problem with
references to Windowsupd2, but removing all of them did not allow me to log
on to the Windows Update site. A second scan with Pest Patrol found
nothing.
BHO Demon 2.0 (Couldn't update)
CW Shredder (Couldn't update)
HijackThis: I could only muster the courage to attempt to fix the O10
items (Hijacks of Winsock). I had 6 entries, and they were all the same:
"O10-Unknown file in Winsock LSP: c:\Windows\system32\jdmmbc.dll". My
courage was wasted because HijackThis never really deleted the entries. the
first time I tried, I was told that HijackThis could not delete the entries.
I tried it again several times anyway. On the repeat tries I wasn't not
told anything, but a re-scan showed them to still be there. I also had a
hits in the R0, R1, R3, O2, O4, O8, and O16 entries, but I did nothing about
them because the type descriptions did not seem to relate to my problem.
It seems like HijackThis could have been on the right track, but I was
not able to make it work.
I'm stumped again. Can you take me to another step?
"Frank Saunders, MS-MVP" <franksaunders@mvps.org> wrote in message
news:OOupIwLxEHA.1192@tk2msftngp13.phx.gbl...
> "Gary Burton" <gbNOSPAM@pvbb.net> wrote in message
> news:uQASJ0HxEHA.1452@TK2MSFTNGP11.phx.gbl
> > My computer has apparently been infected with a virus that is not
> > caught by the latest versions of Norton Antivirus or AdAware. It may
> > be that one of the recent security updates would fixt this problem.
> > However the virus interferes with some websites -- most noteably it
> > prevents me from logging on to the Windows Update website via IE6. I
> > can log on to it with my other networked computer over the same
> > internet connection. I just performed an update on the second
> > computer, but I am at a loss as to what to do on my main computer.
> >
> > I downloaded Firefox, but I think the same virus may be
> > preventing me from using it. The installation seemed to go OK, but
> > as soon as I try to open it, I get "The connection was refused when
> > attempting to log on to Mozilla.com". FireFox initializes to the
> > extent that I can type in other URLs, but I get the same message for
> > any URL I try to connect to.
> >
> > I don't often get this stumped. I need some expert help.
>
> First eliminate any scumware.
> See
> Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
> http://mvps.org/winhelp2002/unwanted.htm
>
> Note that AdAware and SpyBot S & D will each catch some things the other
> won't. Also, each needs to be updated with the program's update function
> before every use, even when just downloaded. There's also a lot more to
do
> than just those two programs. CWShredder is also available here:
> http://www.kellys-korner-xp.com/regs_edits/cwshredder.zip
> **Post your HijackThis log to
> http://forums.spywareinfo.com/ or the Spyware forum at
> http://forum.aumha.org/ for expert analysis, not here.**
> Alternative download pages for Ad-Aware, Spybot, HijackThis and CWShredder
> may be found on this page:
> http://aumha.org/a/parasite.htm.
> CAUTION!!!!! Before you try to remove spyware using any of the programs
> below, download a copy of LSPFIX from any of the following sites:
> http://www.cexx.org/lspfix.htm
> http://www.spychecker.com/program/winsockxpfix.html
> (if your OS is Win2k or XP) The process of removing certain malware may
kill
> your internet connection. If this should occur, this program, LSPFIX, will
> enable you to regain your connection.
>
> Windows Update Fails:
> Disable your anti-virus when obtaining the updates.
> Make sure that your firewall is allowing the connection to Windows Update
.
> This would be on ports 80 and 443.
> http://v4.windowsupdate.microsoft.com/en/default.asp
> If no joy - http://v4.windowsupdate.microsoft.com/troubleshoot/
> Windows Update Checklist
> http://www3.telus.net/dandemar/updtcl.htm
> This newsgroup is read by MS staff:
> news://msnews.microsoft.com/microsoft.public.windowsupdate
>
> --
> Frank Saunders, MS-MVP, IE/OE
> Please respond in Newsgroup only. Do not send email
> http://www.fjsmjs.com
> Protect your PC
> http://www.microsoft.com/security/protect/
>
>
- Next message: LTKhoo: "How to remove spyware-added link in Tools menu ?"
- Previous message: Gary Burton: "Re: Big problems with IE6"
- In reply to: Frank Saunders, MS-MVP: "Re: Virus preventing me from doing an update"
- Next in thread: Frank Saunders, MS-MVP IE/OE: "Re: Virus preventing me from doing an update"
- Reply: Frank Saunders, MS-MVP IE/OE: "Re: Virus preventing me from doing an update"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
