Can't use Internet Explorer and other programs



#16
eaglet

    Member

  • Topic Starter
  • Member
  • 55 posts
Hi happyrck

Yes I did that. Rebooted and the result was as I described in my last post. i.e. it made no difference.

Regards

eaglet

Edited by eaglet, 29 August 2008 - 03:18 AM.

  • 0

#17
happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts
at this point I would back up my data and do a fresh install...
maybe someone else has an idea...
  • 0

#18
eaglet

    Member

  • Topic Starter
  • Member
  • 55 posts
Do you mean a reinstall of my operating system???
  • 0

#19
happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts
yep
  • 0

#20
eaglet

    Member

  • Topic Starter
  • Member
  • 55 posts
Hi happyrck

As I was reluctant to do a reinstall I tried at Aumha to see if they could help. They identified the problem as malware after all. They said it was a rootkit DNS Changer, often associated with Vundo and Zlob.

They have managed to get rid of it and the system is working fine now:

http://aumha.net/vie...hp?f=30&t=35775

Should I tell your malware people for future reference?

Thanks for all your help anyway.

regards

eaglet

Edited by eaglet, 02 September 2008 - 03:16 AM.

  • 0

#21
happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts
yes ...by all means tell them.... post in your old thread or start a new topic and tell them what happened and give them the link to your thread there...they may learn a new trick
  • 0

#22
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,833 posts
Hello eaglet,

I have been following your thread so am aware of what has been happening.

I have also consulted with my moderator about this and we have looked at the Aumha topic and seen the scans.

The ComboFix tool has picked up something but as far as we can tell it is not DNS Changer.

If you go to the link below you can watch a video on how DNS Changer works.



You can also go here to read about "C:\WINDOWS\system32\REGOBJ.DLL" which is a legitimate file deleted at Aumha.

http://www.nateirwin...ll-Problem.aspx

The items ComboFix picked up should have shown in our scans if they were infected.

I am not sure what we can learn from this.

The main thing though is that we are aware of it and that you have solved your problem.

regards
emeraldnzl
  • 0

#23
happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts
I believe it was the proxy redirecting you to 80.240.57.XXX:XX... that was causing your problem
(I replaced the last 5 digits with X's to keep anyone from going there)... possible drive by downloads..??
posted screenshot of it though
  • 0

#24
eaglet

    Member

  • Topic Starter
  • Member
  • 55 posts
Well at least the problem is resolved. Thanks again for all your time and effort guys.

Regards

eaglet
  • 0





