Not sure if this is the right place, but here it goes:
Yesterday I was having problems while on my g/fs Parents PC which connects to the internet through DSL from Verizon. While surfing the web & chatting on aim, the CIS automatic updated kept popping up saying that it failed to updated & that there was a problem with my internet connection when the internet was working just fine.
So, I uninstalled CIS thinking I’d just use the XP SP2 firewall which is good enough for what her parents use the internet for (checking the lottery website mostly) and just use a good anti-virus program. After the program was uninstalled and I removed any registry traces, I tried to enable the XP SP2 firewall, but wasn’t able to; everything was greyed out. I also have not been able to visit ANY websites that pertain to anti-virus, firewalls or anti-spyware. So I can’t visit any sites from Comodo, AVG, Norton, Eset, etc… on that pc after uninstalling CIS…what’s going on here?
I’m able to view other sites just fine like yahoo, google, espn, etc.; just not any sites for internet protection.
First I want you to look up the Hosts file and see if there are redirections in it. YOu can find it under system32\drivers\etc\ . Right click on it and disable read only (also make sure none of your security programs protects it). Then right click again and choose Open then choose to open with Notepad.
When opened remove all entries that look like: 127.0.0.1 www.blabla.com except for 127.0.0.1 localhost (that one needs to be there at anytime). Now close and save. Notice this file has no extension
When there were additional enties try surfing to the sites of security program vendors.
When that doesn’t work out download the following programs from another computer and install them on the other computer and let them scan:
Super Antispyware
Malwarebytes antimalware
Spybot Search and Destroy
A squared Free
Spy Sweeper trial version
Let them scan and see what it brings. Notice you may be not able to update them.
My hosts is fine, that’s 1 of the first things I looked at once I realized that I was only able to visit certain sites and since I wasn’t able to view any sites to run scans I figured maybe an infection. I’ll try the files you listed this weekend.
Ok, so I got to take a ■■■■■ at the machine tonight. I ran all the suggested software and while it did find and remove the trojans/malware/adware it found, it didn’t fix the problem of being able to visit sites with anything to due with removing viruses/trojans/malware/etc…
I noticed that the PC had a fat32 recovery partition…so I scanned that and it came up clean. I also deleted the restore points it had, which aren’t many because I just recently turned the option on…
I’m stumped. I was going to run the XP CD to delete the fat32 partition next time I’m over the g/fs parents house, but I wanted some more options to try while I’m there…
The fat32 recovery partition is probably the only way you can restore that computer, are you sure you want to delete it?
It’s quite likely that the computer is still infected. You’re best bet would be to post on a forum that specializes in malware removal, like GeeksToGO, WhatTheTech or Spyware Beware.