Frank Saunders said:
Then you still need to eliminate the spyware that caused the problem:
See
Dealing with Unwanted Malware, Parasites, Toolbars and Search Engines
http://mvps.org/winhelp2002/unwanted.htm
Note that AdAware and SpyBot S & D will each catch some things the
other won't. Also, each needs to be updated with the program's update
function before every use, even when just downloaded. There's also a
lot more to do than just those two programs. CWShredder is also
available here:
http://www.intermute.com/products/cwshredder
**Post your HijackThis log to
http://forums.spywareinfo.com/
http://forums.tomcoyote.org/
http://castlecops.com/forum67.html
http://www.wilderssecurity.com/ or the Spyware forum at
http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not
here.**
Alternative download pages for Ad-Aware, Spybot, HijackThis and
CWShredder may be found on this page:
http://aumha.org/a/parasite.htm.
See this link for information about malware:
http://arstechnica.com/articles/paedia/malware.ars
If nothing there helps, please post back to this thread.
--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/
The reason I mentioned LSPfix is that the *removal* of some malware will
actually screw up your TCP layer. The removal of the malware's LSP will
break TCP so you cannot communicate anymore. So it is likely the OP
already used some anti-<something> product to remove spy/malware and
that is what broke his communications. Ad-Aware, Spybot S&D, MS/Giant
AntiSpyware, SpySweeper, PestPatrol, and other such products can
actually break your computer when using their, ahem, automatic
eradication procedures. That's why they should ALWAYS inform you
regarding *all* actions they intend to take BEFORE you let the tool
commit them. Alas, few actually do provide such a report and merely
give you a means of restoring back to the prior state before their
attempted eradication (which also may not work if the computer state has
changed significantly since the backup was made before eradication).
The anti-spy/malware tools aren't that good yet nor are they idiot-proof
so you still use them not just at-your-own-risk but instead
at-high-risk. I've had to fix several hosts after users let an
anti-spy/malware utility just go blindly authorize the tool to commit an
eradication. Those that blindly use these eradication tools are the
same one that blindly use registry cleanup tools, too. The user is
still the ultimate decision maker as to allowing the changes but
unfortunately the tools aren't always informative enough regarding what
changes they intend to make.
