PDA

View Full Version : Windows xp pro problem



Grumpybear2000
04-25-2009, 02:58 PM
Everytime i try to go to windows update it takes to google main page,
also when i try to connect to other sites goes to other weird sites.
Its a fresh copy of windows just set it up, reloaded because was doing
same thing earlier today. Deleted partition before reloading.

peat moss
04-26-2009, 04:21 AM
Grumpy , google Browser hijacker . That's what it sounds like some goofy malware .

Grumpybear2000
04-26-2009, 05:13 AM
just cant work out why it works fine on dial up but goes crazy on adsl for some reason. tried everything when i do a search and try to go to the page this comes up the top "http://results.yahoo.com/" then could go anywhere.

Chewie
04-26-2009, 06:50 AM
If this is on a fresh install then it sounds like the disc is pre-infected with some sort of malware.

Grumpybear2000
04-26-2009, 07:16 AM
Been same disk have had for years, have connected other computer to my connection and it does same thing. But why does everything work 100% no problem with dial-up yet when i use my adsl it plays up and wont work right

zapjb
04-26-2009, 08:40 AM
I believe some malware leaves dialup machines alone. As the connection is too slow to be sold as a bot.

Grumpybear2000
04-26-2009, 11:07 AM
looks like the modem a netcomm NB6 modem router has malaware or a virus in it. Never heard of it but did a search and there is a story where it is happening in australia. Just need answers as how to fix it.

peat moss
04-26-2009, 02:21 PM
Grumpy , don't know how true this quote is but ...



"It's quite easy to tell if a router has been compromised. Check which DNS
servers the router is using. If they aren't from your ISP the router has
been compromised. Formatting or reinstalling your OS would have no affect
at all on this. The wrong DNS settings would still exist in your router.
Flashing the router's firmware then setting a strong password and
disabling uPnP are the steps to take to correct the problem. If you think
they redirected you to a bad site that installed malware then yes, to fix
that you may need to format and reinstall the OS."

zapjb
04-26-2009, 10:10 PM
Cool I learned something. :cool:

peat moss
04-26-2009, 10:46 PM
I found it here :

http://www.windowsbbs.com/malware-virus-removal/announcements.html

Some interesting security topics . like a new program to scan running processes called DDS , its like Hyjackthis

VinX
04-27-2009, 09:07 PM
cool link peat .. just chked it out

orphess
04-27-2009, 09:23 PM
Everytime i try to go to windows update it takes to google main page,
also when i try to connect to other sites goes to other weird sites.
Its a fresh copy of windows just set it up, reloaded because was doing
same thing earlier today. Deleted partition before reloading.

Do you get the same result when entering http://update.microsoft.com (http://update.microsoft.com) in Internet Explorer as when clicking Start --> All Programs --> Windows Update ?

VinX
05-05-2009, 09:05 PM
well it definately looks like a malware .. just format and install fresh copy of windows

peat moss
05-06-2009, 03:39 AM
well it definately looks like a malware .. just format and install fresh copy of windows



Very simple but he already formatted and that's not the problem ? I'm curious too if Grumpy got it fixed tho . ;)

Grumpybear2000
05-07-2009, 09:19 AM
Just got computer back from shop still nothing found wrong with computer, waiting to hear back from netcomm

peat moss
05-08-2009, 03:22 AM
Just got computer back from shop still nothing found wrong with computer, waiting to hear back from netcomm


Very frustrating eh ? The experts can't finger it out , what chance do we have ? :lol: Stay the course and keep us up to date . ;)

bumrocks
05-08-2009, 03:59 AM
I found it here :

http://www.windowsbbs.com/malware-virus-removal/announcements.html

Some interesting security topics . like a new program to scan running processes called DDS , its like Hyjackthis

Looks like a useful forum actually. Bookmarked.

Yeah, this seems to be a very unusual case here. Out of interest and the fact that I fix computers and have never heard of this I am also interested in the updates on this.

peat moss
05-08-2009, 04:11 AM
Ya bumrocks , its useful for when you try and fix your porn lovin friends computers . :whistling


New install but butt head buddie gets trojan from some porn site , ask why and he tells me it asks for a codec to view said porn movie . I explain that I installed every codec know to man so he could surf said sites . He said not the movie he wanted ...... :dabs:

bumrocks
05-09-2009, 06:28 AM
Yeah, if it isn't my porn lovin friends it is their grade school kids...

At least your friend is honest, too! Most of the time mine play dumb. Particularly the one who I found that obviously liked tranny porn...Regularly cleaning his laptops or formatting them! True story!

Well, waiting for an update on this guy. Would like to see it resolved so we can know where the culprit is! Will check back later!

Grumpybear2000
05-18-2009, 07:25 AM
Ok over the weekend we connected 2 of my computers to my son in laws internet service and guess what both computer worked spot on. Next we took out his modem and connected mine in place of his, he is running Vista and it would not even look like starting or doing anything wouldnt even reconized the modem at all. After it tried loading up popped a message saying malware error and wouldnt doing anything more. We retried again same error, next we updated the firmware and retried to log to the internet, and fired up and connected in seconds. That proves netcomm nb6 modems can be infected with malware.

peat moss
05-18-2009, 12:39 PM
So it works now ? That's good news Grumpy , I did some searching and found a how to for updating firmware . Might help someone else in the future .


http://support.iprimus.com.au/index.php?option=com_content&task=view&id=543&Itemid=203


http://www.netcomm.com.au/support

saulin
05-18-2009, 02:59 PM
Just got computer back from shop still nothing found wrong with computer, waiting to hear back from netcomm

I would have fixed that issue for you. They don't know what they are doing whereever you took it.

First of all if can you access sites by IP?

If you can, then it's DNS. Your DNS must be hijacked by malware. Can you access the sites in safe mode with networking. Have you reset all your IE settings to defaults and have you tried a winsock fix? I would run dial-a-fix with all options enabled, I would run smitfraudfix and combofix and if that doesn't fix it last but no least I would reinstall the nework card drivers.

Also to prevent this from happenign again, you should be installing your security software as soon as you load the OS.

Also tools like hijackthis can tell you if you have dns redirect malware. But really the tools that I mentioned above should get you going if not reinstalling the network card driver should. Smitfraudfix checks and cleans your host and lmhost file if it has been altered. Dial-A-Fix fixes windows updates issues, windows installer issues, issues where important windows files are not properly registered, it also does a winsock fix. But you have to click the little hammer to go to the tools menu where you can reset all network settings as well.


Ok over the weekend we connected 2 of my computers to my son in laws internet service and guess what both computer worked spot on. Next we took out his modem and connected mine in place of his, he is running Vista and it would not even look like starting or doing anything wouldnt even reconized the modem at all. After it tried loading up popped a message saying malware error and wouldnt doing anything more. We retried again same error, next we updated the firmware and retried to log to the internet, and fired up and connected in seconds. That proves netcomm nb6 modems can be infected with malware.

But is this the first time it happened? Where you using the same firmware before? That's kind of messed up how a modem can be infected with malware? It's a good call to update the firmware but still, I would probably ask my ISP for a different modem if that's the case. Also maybe all you really needed to do was reset your modem/router settings to defaults and reconfigure anything you need to configure.

Frankthetank1
05-18-2009, 08:57 PM
u ever try hijack this? it is really good and they will help u untill your problem is fixed. You usually need a valid copy of windows though or just make sure the name of it isnt the name of a pirated version of windows in the logs u send them.

http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

lynx
05-18-2009, 11:02 PM
Don't you just wish people would read the thread before running off at the mouth (or in this case keyboard).