jenniwilliams
asked on
Cannot access any Anti-virus websites, live updates etc.
Recently My computer encountered a problem with the internet. When I went to specific sites such as google, utoronto.ca and download.com, I'd be able to browse the sites but when I did a google search or download, I got a redirected page of "Search the Web" - which was spyware. Apropos to be exact. So after some difficulty Ad-aware got rid of it. Unfortunately, after we got rid of it my internet just stopped working.
We took a number of steps to fix this:
1) Checked file/drive consistency
2) Rollback to a week ago Restore Point
3) Debated corrupted sock5 file
4) Unplugged and plugged router etc.
Then we made a drastic move and just reinstalled windows again to renew any corrupted files. I know it isn’t a problem with the internet itself because my roommate runs off the same router and her internet was fine. After reinstalling windows, the internet was still down.
So my friend guessed maybe my IP address was blocked somehow so he changed the IP and internet worked fine. However, when I downloaded Norton off a cd, I could not do a Live Update.
I could neither access any anti-virus websites. After using an online anti-virus scanner – Microworld – I discovered the agrobot virus. It got rid of it and right after I was finally able to update my virus definitions. However when I rebooted the virus was back and I could not access live update or any ant-virus websites (Grisoft AVG, Symantec Norton, Mc Afee).
Any ideas to what I may have or how I may fix it?
Thanks,
Jenni
We took a number of steps to fix this:
1) Checked file/drive consistency
2) Rollback to a week ago Restore Point
3) Debated corrupted sock5 file
4) Unplugged and plugged router etc.
Then we made a drastic move and just reinstalled windows again to renew any corrupted files. I know it isn’t a problem with the internet itself because my roommate runs off the same router and her internet was fine. After reinstalling windows, the internet was still down.
So my friend guessed maybe my IP address was blocked somehow so he changed the IP and internet worked fine. However, when I downloaded Norton off a cd, I could not do a Live Update.
I could neither access any anti-virus websites. After using an online anti-virus scanner – Microworld – I discovered the agrobot virus. It got rid of it and right after I was finally able to update my virus definitions. However when I rebooted the virus was back and I could not access live update or any ant-virus websites (Grisoft AVG, Symantec Norton, Mc Afee).
Any ideas to what I may have or how I may fix it?
Thanks,
Jenni
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Debugging IIS Deadlocks and Blockings - e.g. if you have a dllhost.exe that consumes 100% CPU.
http://www.windowswebsolutions.com/Articles/Index.cfm?ArticleID=22276
http://www.windowswebsolutions.com/Articles/Index.cfm?ArticleID=22276
ASKER
The correct name of the virus is agobot, not agrobot, sorry for the error. This is an example of a virus search log for the virus:
File C:\WINDOWS\System32\regsvc
****
I followed JohnK813's advice and found these--
127.0.0.1 update.symantec.com
127.0.0.1 updates.symantec.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 rads.mcafee.com
127.0.0.1 trendmicro.com
127.0.0.1 www.trendmicro.com
127.0.0.1 www.grisoft.com
There were more lines top of that but those are just to name a few. Since JohnK813 had said to look for 0.0.0.0 I wasn't sure if I should delete any of the lines. Still I experimented and deleted "127.0.0.1 mcafee.com" and was finally able to access the site. Perhaps because I am on a network that is shared the IP 0.0.0.0 would not be the same but -- 127.0.0.1.
I have finally updated my Virus Definitions properly and am running a Virus Scan right now and I sincerely want to give my thanks. I was considering bringing my computer in to a shop so I'm grateful that I got a response that worked.
trywaredk - Thanks as well, but I checked my task manager and it seemed my CPU usage was normal. I checked out the site for more information - it's good to know all possibilities.
Thanks again,
Jenni
File C:\WINDOWS\System32\regsvc
****
I followed JohnK813's advice and found these--
127.0.0.1 update.symantec.com
127.0.0.1 updates.symantec.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 rads.mcafee.com
127.0.0.1 trendmicro.com
127.0.0.1 www.trendmicro.com
127.0.0.1 www.grisoft.com
There were more lines top of that but those are just to name a few. Since JohnK813 had said to look for 0.0.0.0 I wasn't sure if I should delete any of the lines. Still I experimented and deleted "127.0.0.1 mcafee.com" and was finally able to access the site. Perhaps because I am on a network that is shared the IP 0.0.0.0 would not be the same but -- 127.0.0.1.
I have finally updated my Virus Definitions properly and am running a Virus Scan right now and I sincerely want to give my thanks. I was considering bringing my computer in to a shop so I'm grateful that I got a response that worked.
trywaredk - Thanks as well, but I checked my task manager and it seemed my CPU usage was normal. I checked out the site for more information - it's good to know all possibilities.
Thanks again,
Jenni
:o) Your welcome
BTW: The hosts file is used for redirecting an url, and the ip-number in front of an url, means to redirect the use of the url to the ip-number instead.
127.0.0.1 is your own computer. Thus typing www.trendmicro.com in your browser, you are not getting www.trendmicro.com, but your own computer, so "nothing happens"
BTW: The hosts file is used for redirecting an url, and the ip-number in front of an url, means to redirect the use of the url to the ip-number instead.
127.0.0.1 is your own computer. Thus typing www.trendmicro.com in your browser, you are not getting www.trendmicro.com, but your own computer, so "nothing happens"
i have the same problem.
i fixed the file hosts as sugested, but the problem wasn't fixed. i still can't access antivirus websites
i fixed the file hosts as sugested, but the problem wasn't fixed. i still can't access antivirus websites
HAD -
Piggybacking a question like this isn't liked too well around here, unfortunately. If you'd like, you can ask your own question (check the left column, under Page Options), and I'm sure there are tons of experts who would be glad to help with your situation. In fact, if you post a link to your new question here, I'll take a look and try to help you myself.
Cheers,
John
Piggybacking a question like this isn't liked too well around here, unfortunately. If you'd like, you can ask your own question (check the left column, under Page Options), and I'm sure there are tons of experts who would be glad to help with your situation. In fact, if you post a link to your new question here, I'll take a look and try to help you myself.
Cheers,
John
Dear Mr johnK813
Sorry if my post wasn't up to your level. I myself am an IT manager and was trying to share with you the problem i was facing.
after cleaning the file hosts, and restarting the computer, the line i deleted are rewritten.
I updated the virus definitions and scan my PC. nothing was found.
i got the Gaobot removal tool. nothing was found.
does any one have suggestion ??
Sorry if my post wasn't up to your level. I myself am an IT manager and was trying to share with you the problem i was facing.
after cleaning the file hosts, and restarting the computer, the line i deleted are rewritten.
I updated the virus definitions and scan my PC. nothing was found.
i got the Gaobot removal tool. nothing was found.
does any one have suggestion ??
HAD -
I didn't mean to insult you or your question in any way. It's a very good question and a very common and annoying situation. I was just trying to be helpful and inform you of the way things are done around here before someone tries to accuse you of cheating the system (see here for more information: https://www.experts-exchange.com/Community_Support/help.jsp#hi107).
If you open a new question, there will be many experts offering many suggestions to try to help you. But, by posting here, you only have the attention of me, trywaredk, and jenniwilliams. And, since Jenni's problem is solved, she may be getting annoyed by receiving an email each time one of us posts a comment to this thread. So, it's really in your best interest to open a new question.
As for your situation, I'd suggest checking your system restore points and using a few of the spy/adware removal tools listed here: http:Q_20975384.html But, as I said before, open a new question, and you'll receive many more suggestions and help by people who may know more about your problem than I do.
I didn't mean to insult you or your question in any way. It's a very good question and a very common and annoying situation. I was just trying to be helpful and inform you of the way things are done around here before someone tries to accuse you of cheating the system (see here for more information: https://www.experts-exchange.com/Community_Support/help.jsp#hi107).
If you open a new question, there will be many experts offering many suggestions to try to help you. But, by posting here, you only have the attention of me, trywaredk, and jenniwilliams. And, since Jenni's problem is solved, she may be getting annoyed by receiving an email each time one of us posts a comment to this thread. So, it's really in your best interest to open a new question.
As for your situation, I'd suggest checking your system restore points and using a few of the spy/adware removal tools listed here: http:Q_20975384.html But, as I said before, open a new question, and you'll receive many more suggestions and help by people who may know more about your problem than I do.
hat's the correct name of the virus?
Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark
:o) Your brain is like a parachute. It works best when it's open