Can access all except one website - help!!

D

dp

I cannot get to google.com. I can get to any other
website. The page tries to load but it takes forever and
then I get "page cannot be displayed". I have reset the
speed of the nic card to 100 full, cleared the internet
cache, lowered the History folder size to 5 days, lowered
the size of the temporary internet files folder to 10
megs, checked the security and privacy tabs in Internet
Explorer, upgraded to IE 6 Service Pack1, checked the
lmhosts files, all tcpip is dhcp. Still nothing. Nada.
Anybody ever seen this one? And yes I have tried
google.com and www.google.com and www.google.com.
 
M

Michel Halbaut

Same problem than yours. In addition, I can not search
the web using google, yahoo, hotbot, and msn... I called
the MSN service center to no avail. we tried a few things
but nothing works.

I will investigate the subject on my own and keep you
informed. Please do the same.

Thanks,

Michel
 
H

H Leboeuf

Qhosts virus/trojan, aka delude.

http://www.f-secure.com/v-descs/delude.shtml

NAME: Delude
ALIAS: Trojan.BAT.Startpage.a
Delude is a trojan that is available on a web page. The web page contains a
code that uses a vulnerability in the Internet Explorer (MS03-032) to
execute.
More information about the vulnerability, including a fix, is available from
Microsoft at:
http://www.microsoft.com/security/security_bulletins/ms03-032.asp
VARIANT: Delude.A
The HTA code available on a web page downloads a file "partyboy.exe" from an
ftp site and runs it. This file is is packed with UPX. It is a batch file
which was compiled to executable binary (".exe") using a BatToExe tool.
When executed, it changes the Internet Explorer start page to find-now.info.
It prevents access to the most major search engines such as Google, Yahoo,
Lycos, MSN and AltaVista. To do this it replaces the following file:

More:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.html
http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.removal.tool.html
http://vil.nai.com/vil/content/v_100719.htm
http://www.sophos.com/virusinfo/analyses/trojqhosts1.html

An other removal tool that has been used with success.
http://www.brown.edu/Facilities/CIS/Software_Services/virus/index.html
 
H

H Leboeuf

Qhosts virus/trojan, aka delude.

http://www.f-secure.com/v-descs/delude.shtml

NAME: Delude
ALIAS: Trojan.BAT.Startpage.a
Delude is a trojan that is available on a web page. The web page contains a
code that uses a vulnerability in the Internet Explorer (MS03-032) to
execute.
More information about the vulnerability, including a fix, is available from
Microsoft at:
http://www.microsoft.com/security/security_bulletins/ms03-032.asp
VARIANT: Delude.A
The HTA code available on a web page downloads a file "partyboy.exe" from an
ftp site and runs it. This file is is packed with UPX. It is a batch file
which was compiled to executable binary (".exe") using a BatToExe tool.
When executed, it changes the Internet Explorer start page to find-now.info.
It prevents access to the most major search engines such as Google, Yahoo,
Lycos, MSN and AltaVista. To do this it replaces the following file:

More:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.html
http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.removal.tool.html
http://vil.nai.com/vil/content/v_100719.htm
http://www.sophos.com/virusinfo/analyses/trojqhosts1.html

An other removal tool that has been used with success.
http://www.brown.edu/Facilities/CIS/Software_Services/virus/index.html
 
D

dp

Thanks so very much!
-----Original Message-----
Qhosts virus/trojan, aka delude.

http://www.f-secure.com/v-descs/delude.shtml

NAME: Delude
ALIAS: Trojan.BAT.Startpage.a
Delude is a trojan that is available on a web page. The web page contains a
code that uses a vulnerability in the Internet Explorer (MS03-032) to
execute.
More information about the vulnerability, including a fix, is available from
Microsoft at:
http://www.microsoft.com/security/security_bulletins/ms03- 032.asp
VARIANT: Delude.A
The HTA code available on a web page downloads a file "partyboy.exe" from an
ftp site and runs it. This file is is packed with UPX. It is a batch file
which was compiled to executable binary (".exe") using a BatToExe tool.
When executed, it changes the Internet Explorer start page to find-now.info.
It prevents access to the most major search engines such as Google, Yahoo,
Lycos, MSN and AltaVista. To do this it replaces the following file:

More:

http://securityresponse.symantec.com/avcenter/venc/data/tr ojan.qhosts.html
ojan.qhosts.removal.tool.html
http://vil.nai.com/vil/content/v_100719.htm
http://www.sophos.com/virusinfo/analyses/trojqhosts1.html

An other removal tool that has been used with success.
http://www.brown.edu/Facilities/CIS/Software_Services/viru s/index.html






.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

need help ---cant get to one website 2
Trouble accessing only 1 website! 4
ie 6 and google 1
unable to access a single web page 2
Cannot access website 2
Cannot access a specific website 7
typing full adress, cannot find pages, or cannot be displayed 1
Browser stuck on old proxy homepage! Won't reach any websites. 1

Top