Technology, Support, and News Forum

[jrcserver1 Profile]

I'm running an XP machine and in the last two days I've noticed network connectivity to be very slow on the computer. After a reboot, it is fine. I suspected a virus so I ran a full Symantec scan (not sure how the computer got a virus, since Symantec was enabled the whole time). It found two viruses/worms (I don't have the computer with me right so, so I don't recall the names). I deleted the infected files and then ran a Spybot scan -- it also found a couple of things which I removed.

At this point, all scans come back negative but it is still causing me hell -- websites redirect to adware sites, network is slow, etc. I tried to reboot into safe mode and run another scan, but when I try to enter safe mode the computer reboots.

I searched the net for "removal" tools for both of these viruses, but there didn't seem to be any. Symantec's website just recommended a full scan of the computer to remove the virus.

Any suggestions would be appreciated.

[mnemonicj Profile]

I don't think the viruses are the issue anymore, I think the damage that did the viruses is. You are not the first person I know to have Symantec and still get viruses. One place to start would be to look at your hosts file and see if the viruses edited it to forward you to adware web pages.

Your hosts file is here:
C:\WINDOWS\system32\drivers\etc

Open it with notepad and it should look like this. Anything more could be added by the viruses.

Code: Select all

 Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost

[augie]

Try the NOD32 fully functional trial AV app. I don't use NOD(free apps for me) but many here swear by it! Very often that alone takes care of the buggers. Some other good ones are SUPERAntiSpyware and Malwarebytes Anti-Malware, the free versions have a great scan/removal capability. Not being able to boot into safe-mode is problematical. Can you at least kill system restore as those things often hide in there. Good luck!