Virus

[Gary Richardson]

Bit more info on the Sears issue.

http://news.yahoo.com/s/pcworld/1409...j_Qz9qvBIDW7oF

[skydog]

Gary...not a good month. I went over my girl friend's house tonight and now she can't get on the internet . I called the cable company and we checked the connection. I went to run>cmd and checked for an IP number and had a good one. When in did a "ping" I had no connection/response. I reset the computer to an earlier date when I know there was a connection and still no connection. Any ideas?

[Gary Richardson]

Which browser are you using, do you get a connection if you use an alternate browser?

Have you altered your hosts file at all? (some infections do this).

Easiest just to re-set it to default as follows.

Quote:

Download HostsXpert and unzip it to your computer, somewhere where you can find it.

• Double click on HostsXpert.exe (the icon that's an orange circle with a big letter h) to launch the programme.
• Check to see if top button on left hand side says Make Writable ?
  • If it does. click on it then proceed to next instruction.
  • If not, just proceed to next instruction
• Click on Restore MS Hosts File to restore your Hosts file to its default condition.
• When prompted to confirm, click OK.
• Click on Make Read Only ? to secure it against further infection.
• Exit the programme.

Her Firewall could be blocking her, check Firewall settings. Alternately switch off her Firewall (if it's a 3rd Party installation) and switch on Windows Firewall, then see if you can connect. (Don't try to connect without a Firewall).



Her LSP (Layered Service Protocols) could be corrupted.

Can you run HJT on her computer and send me a log please.

Quote:

Download HJTInstall.exe to your Desktop.

• Doubleclick HJTInstall.exe to install it.
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
• Click on Install.
• It will create a HijackThis icon on the desktop.
• Once installed, it will launch Hijackthis.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Copy/Paste the log to your next reply please.
• Don't use the Analyse This button, its findings are dangerous if misinterpreted.
• Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

Note: As you are unable to DL the programmes using your GF's computer, you'll have to DL them yourself to a USB disk (or CD/DVD) and transfer them to her computer.

[skydog]

I'll do as you say. I did look at control panel>Network Internet Connections>Nework Connections and found the connections locked. I also thought I had a firewall problem. I started up in safemode and still locked. I went to windows security and turned off the firewall and was now unlocked. I tried to connect and still no connection but I still had an IP address...just no ping.

The computer is using XP (Swamp I know I know) and explorer (I need to check the version) but I suspect the latest because there is a Favorite center on the top.

[Gary Richardson]

OK, reset her hosts and send me a HJT log, that'll give me the chance to see if her problem is virus related or not, and whether her LSP stack looks OK.

[Gary Richardson]

Here's a worrying thought for you all, is your Camera/MP3 player/Memory Card or any other USB memory device carrying an infection?

http://www.informationweek.com/news/...leID=205210426

Quote:

They are not practical for mass attacks (you have to buy, prep, and distribute the drives). We don't believe it's a significant trend. It's not cost effective."

The bigger fear, said Haley, would be that a manufacturer might unwittingly put malware on a device of some sort.

That appears to be just what happened to the maker of the Victory LT-200 MP3 player, according to a blog post published on Friday by Kaspersky Lab researcher Roel Schouwenberg. The manufacturer "told us they were aware that a few months ago there was a partially infected batch of these MP3 players, and that they'd taken steps to fix the problem," he said.

[Gary Richardson]

Report of first Rogue Anti-Spyware programme for Macs

http://www.f-secure.com/weblog/archives/00001362.html

I hope that no one here would be foolish enough to fall for this, but please be aware that this kind of thing exists, and knowing the writers of this thing, there will be a whole lot more appearing.

[skydog]

Gary...thanks for the support. By the time I got back to the computer the problem had been fixed. Her daughter had spend six hours on the phone with microsoft customer support and the problem was fixed. She has no idea what they did, but fortunately the problem was resolved. I have no idea what that cost either.

[Gary Richardson]

Glad the problem got resolved, hope it didn't cost her too much, the one thing M$ do know how to do is make money.

Thanks for the update.