WKSSVC.EXE


wrinx

Original Poster:

Sunday 10th February 2008
Has anyone had problems recently with this nasty little virus? Hope someone can help me....

I had it dropped on me via MS Messenger last night. I blocked the install request but it appeared in Windows Prefetch. Deleted that lot and ran a registry check using Unhackme.

Now I'm experiencing some odd behaviours which I can't solve :(

Quick Launch toolbar disappeared so I reinstalled it (tickbox had been cleared!). Things seem ok now but I can't access Paypal (directly or via ebay) or Amazon (perhaps more?!), with Firefox or IE.

I can access other https sites such as "my ebay" and other "normal" sites, including my hotmail account.

So why can't I get into the previous two mentioned???

I could only get into the amazon site via IP address, didn't work with paypal...Amazon then said I should enable cookies...but they are!

Anything to do with this Worm thing above? I've done so much fiddling about I could easily have messed with something in the registry, but why only affect the two sites (so far!)?

Might be worth mentioning I've used both Amazon and Paypal to pay for items in the past few days...also, running through a router with XP pro, my partner's laptop on the same connection is not having problems so it's definitely my system :(

Any ideas....?

wrinx


Edited by wrinx on Sunday 10th February 20:03

wrinx

Original Poster:

Sunday 10th February 2008
:lol: Thanks for your reply, just been looking at that file after reading http://www.howtofixcomputers.com/bb/ftopic139500.h... of them are "txt" files, but are SAM, MSN, ICS and BACKUP files???

Only websites mentioned are:

"hosts" file
127.0.0.1 localhost

"HOST.ICS" file is empty

"lmhosts" SAM file has lots of info about stuff but no info about sites.

"networks" has "loopback 127"

"protocol" has the following:

ip 0 IP # Internet protocol
icmp 1 ICMP # Internet control message protocol
ggp 3 GGP # Gateway-gateway protocol
tcp 6 TCP # Transmission control protocol
egp 8 EGP # Exterior gateway protocol
pup 12 PUP # PARC universal packet protocol
udp 17 UDP # User datagram protocol
hmp 20 HMP # Host monitoring protocol
xns-idp 22 XNS-IDP # Xerox NS IDP
rdp 27 RDP # "reliable datagram" protocol
rvd 66 RVD # MIT remote virtual disk

...and finally, the "service file" has port numbers for well-known services defined by IANA.

None of which makes much sense to me!

wrinx



Edited by wrinx on Sunday 10th February 23:42


Edited by wrinx on Monday 11th February 00:11

wrinx

Original Poster:

Monday 11th February 2008
Hooli said:
those two in HOSTS start with a # yeah? they are examples, the # comments the line out.
if it's not there then err... let me think for a bit I can't remember the other ones

Yeah, I just realised that and have edited the post :)

wrinx

wrinx

Original Poster:

Monday 11th February 2008
Spokey said:
.... the sneaky buggers leave a large chunk of blank space and then create a lot of entries with 127.0.0.1 as the IP address. Delete all of these from the hosts file and then you should be good.

I only have one entry in the host file....and it's that one!

So I should delete it....but why aren't there any more???

Already deleted the virus but it didn't find its way into the registry afaik, been running various bits of software for what seems like all day! :lol:

(edit....found out what you mean, lots of white space and more entries!).

wrinx

Edited by wrinx on Monday 11th February 00:26
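
Added example (not part of the original thread): a small Python check for the hosts-file tampering Spokey describes above, where extra entries are hidden below a long run of blank lines and point site names at 127.0.0.1. The sample file contents, the `audit_hosts` name and the 10-line gap threshold are assumptions made for illustration; it also flags 0.0.0.0 and ::1 entries, which goes slightly beyond the 127.0.0.1 case mentioned in the thread.

```python
import re

# Constructed sample of a hijacked hosts file as described in the thread:
# the default entry, a long run of blank lines, then loopback redirects.
# Hostnames below are illustrative, not copied from the poster's file.
SAMPLE_HOSTS = (
    "# sample header comment\n"
    "127.0.0.1       localhost\n"
    + "\n" * 40
    + "127.0.0.1 www.paypal.com\n"
    "127.0.0.1\twww.amazon.com amazon.com\n"
    "0.0.0.0 update.example-av.test  # constructed name\n"
)

LOOPBACK = re.compile(r"^(127\.\d+\.\d+\.\d+|0\.0\.0\.0|::1)$")
BENIGN_NAMES = {"localhost", "localhost.localdomain"}


def audit_hosts(text, gap_threshold=10):
    """Return (line_no, ip, hostname, after_gap) for each non-localhost
    name mapped to a loopback or null address. after_gap is True when the
    entry sits below a run of at least gap_threshold blank lines."""
    findings = []
    blank_run = 0
    gap_seen = False
    for line_no, raw in enumerate(text.splitlines(), start=1):
        stripped = raw.strip()
        if not stripped:
            blank_run += 1
            continue
        if blank_run >= gap_threshold:
            gap_seen = True          # everything from here on was "hidden"
        blank_run = 0
        fields = stripped.split("#", 1)[0].split()   # drop trailing comment
        if len(fields) < 2 or not LOOPBACK.match(fields[0]):
            continue
        for name in fields[1:]:
            if name.lower() not in BENIGN_NAMES:
                findings.append((line_no, fields[0], name.lower(), gap_seen))
    return findings


if __name__ == "__main__":
    # On Windows XP the real file is %SystemRoot%\system32\drivers\etc\hosts;
    # here the constructed sample is audited so the script runs anywhere.
    for line_no, ip, name, hidden in audit_hosts(SAMPLE_HOSTS):
        note = " (below blank-line gap)" if hidden else ""
        print(f"line {line_no}: {name} -> {ip}{note}")
```
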

wrinx

Original Poster:

Monday 11th February 2008
Pretty sure :) I've run two different programs Registry Mechanic, Unhackme and Registry Booster, several times since last night.

Will do another check tomorrow...

wrinx

wrinx

Original Poster:

Monday 11th February 2008
Spokey said:
wrinx said:
Pretty sure :) I've run two different programs Registry Mechanic, Unhackme and Registry Booster, several times since last night.

Will do another check tomorrow...

wrinx

Start|Run
Type in "regedit" (without the quotes)
Press enter
Move to the top and click on "My Computer"
Ctrl+F
Type in "wkssvc.exe" (without the quotes)
Press enter

Ahh, thanks, found it and deleted! Interestingly it was in with the driver files for my ethernet adaptor which has been causing crashes for months....related or just coincidence???

wrinx

wrinx

Original Poster:

Monday 11th February 2008
SOLVED....thanks for your help guys!

wrinx