Unable To Access Antivirus Websites

Asus / N10j
May 20, 2009 at 05:01:05
Specs: Windows XP
Hi guys,

I too can't access any antivirus software
websites/utilities and was following an old
thread I came across on this website. Prior to
finding this thread I removed my bitdefender
antivirus software in order to attempt a re-
install. Consequently I could not do this of
course because I needed access to the
website which was in itself the problem.
The only other malware/spyware programs I
have on my computer are spybot, and RegTool
(which as far as I can tell is not significant as I
only have the registry fixer and not the
antivirus version).
I Installed the SDfix and ran it in safe mode,
after disabling Spybot and windows firewall as
instructed in the thread. However no Trojans
were reported in the log and it doesn't appear
to have made any difference to my situation...

I would really appreciate your help with this, I
have the report log from my initial SDfix and
will post it if you require it and can help me!

Many thanks in advance, I really appreciate it!


See More: Unable To Access Antivirus Websites

Report •

May 20, 2009 at 05:56:19
Please post log from SDfix and AVZ log.

Please post your AVZ log:

1) To create the logfile, download AVZ by clicking HERE. Please save this file to your desktop or "My Documents" folder.

2) Next, unpack the file to a new folder using the Compressed (zipped) folders wizard built into Windows XP/Vista, or a zip utility of your choice.

3) Once you have unpacked the contents of the zip archive, please launch the file AVZ.exe by double clicking on it or right clicking and selecting Open.
Note: If you are running Windows vista launch AVZ.exe by right clicking and selecting Run as Administrator

You should now see the main window of the AVZ utility. Please navigate to File->Custom Scripts. Copy the script below by using the keyboard shortcut CTRL+C or the corresponding option via right click.


Paste the script into the execution window by using CTRL+V keyboard shortcut, or the "paste" option via the right click menu. Click on Run to run the script, the PC will reboot. After the reboot the LOG subfolder is created in the folder with AVZ, with a file called virusinfo_syscure.zip inside. Upload that file to rapidshare.com and paste the link here.

Image Tutorial

To Private Message me Click Here

Report •

May 20, 2009 at 18:17:02
Hi Neoark,

Thanks for your help :)

Here's the AVZ log link:


and the SDFix report:

[b]SDFix: Version 1.240 [/b]
Run by Asus on Wed 05/20/2009 at 07:20 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and

[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File


[b]Checking Files [/b]:

No Trojan Files Found

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware
detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-20 19:28:16
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:

Authorized Application Key Export:

"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program


[b]Remaining Files [/b]:

[b]Files with Hidden Attributes [/b]:

Sat 21 Mar 2009 166,896 ..SHR ---
Mon 26 Jan 2009 1,740,632 A.SHR --- "C:\Program
Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program
Files\Spybot - Search & Destroy\SpybotSD.exe"
Thu 5 Mar 2009 2,260,480 A.SHR --- "C:\Program
Files\Spybot - Search & Destroy\TeaTimer.exe"


Report •

May 20, 2009 at 18:37:32
That is the wrong file i need virusinfo_syscure.zip.

To Private Message me Click Here

Report •

Related Solutions

May 20, 2009 at 19:05:42

Report •

May 20, 2009 at 19:23:12
Try this:
1) Change your DNS server to http://www.opendns.com/start/.

Check and see if you can access website. Still can't please provide traceroutes to those site's dns and ip.

To Private Message me Click Here

Report •

May 20, 2009 at 20:11:17
Ok, changed my server to open DNS.
No change, still can't access any antivirus websites.

Providing traceroutes is a bit beyond my technical know-how,
can you give me some instruction on how to do this?


Report •

May 20, 2009 at 20:46:08
How-TO: http://www.mediacollege.com/interne...

type this:

1) tracert www.bitdefender.com
2) tracert

You can post screenshots.

To Private Message me Click Here

Report •

May 20, 2009 at 23:53:04

I have posted the screenshot to rapidshare again.


I know that some of the text is cut off, but I cannot maximze
this window any further on my note book screen, and there is
no horizontal scrollbar at the foot of the window..

Is this good enough?

Report •

May 21, 2009 at 03:59:14
Yes seems like someone hijacked your dns servers. When you open http://www.opendns.com/welcome/ what do you see?

To Private Message me Click Here

Report •

May 21, 2009 at 07:54:02
I get a message saying:

"My request appears to have come from a proxy"

Report •

May 21, 2009 at 08:11:02
Well that is the problem. Are you connected to a router or connected directly to internet?

To Private Message me Click Here

Report •

May 21, 2009 at 09:52:13
I'm connected to the internet via a wireless connection from
my laptop. The main connection I use is via a router I think.

How serious is this problem? What is it possible for someone
that has highjacked my DNS server to do?

I have stopped using the internet from my machine since I
determined I had this virus (except for the procedures we have
followed followed throughout this post), but what about any
sensitive actions I might have undertaken before I was aware
of the problem?

Thanks again for your help- I really appreciate your

Report •

May 21, 2009 at 10:38:10
To cancel out possibility of virus/hijacking please follow these steps:

1) Scan you PC with kaspersky/bitdefender online antivirus scanner.

2) Run full scan with malwarebytes/superantispyware

Post your results for both the steps here. Also you might want to check your wireless router dns server setting and change them to opendns.com.

To Private Message me Click Here

Report •

May 21, 2009 at 17:57:32
I can't!

That's the problem, I cannot access ANY anitvirus
websites/scans/updates- I just get a browser message telling
me "oops! this link appears to be broken"

Report •

May 21, 2009 at 18:23:46
http://www.opendns.com/support/arti... << Read that and try to contact your ISP to find out what's going on. Also check DNS server setting on your router.

To Private Message me Click Here

Report •

May 21, 2009 at 20:17:43
You might be infected with virut. Please read http://www.symantec.com/security_re... carefully and follow direction. Other way to get rid of the virus is Antivirus bootdisk. ftp://ftp.kaspersky.com/devbuilds/RescueDisk/ Make sure you burn a bootdisk from clean PC. You can also try drweb's cureit: http://www.freedrweb.com/download+c...
Note: Run any scanner you choose twice to make sure infection is gone.

To Private Message me Click Here

Report •

May 25, 2009 at 03:56:00
Hi Neoark,

Thankfully I seem to have resolved the problem using a
combination of the tools you suggested.
I downloaded a bunch of the applications from a friends
computer and have run them to clean up my system.

Virut was not present on my system. After scanning twice
with the symantec fixvirut software.

Malwarebytes discovered:
Registry Data Items Infected:
heckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) ->
No action taken.
This was removed using Malwarebytes

Spybot found 2 Trojans:
Win32.OnLineGames: [SBI $EBE375E3] Settings (Registry
key, nothing done)
WinDHCPsvc Win32.OnLineGames: [SBI $DE0EC3B0]
Settings (Registry key, nothing done)
Spybot fixed these.

DrWebCureit was the software that actually seems to have
fixed the issue though.. following report:

RegUBP2b-Asus.reg;C:\Documents and Settings\All
Users\Application Data\Spybot - Search &
SDFix.exe\SDFix\apps\Process.exe;C:\Documents and
SDFix.exe;C:\Documents and
Settings\Asus\Desktop\VirusFix;Archive contains infected
Process.exe;C:\Documents and

Now I have reinstalled Bitdefender and am running a third
(second full) system scan with DrWebCureit.
I have full access to the webpages for antivirus packages
again. :)

Please advise me if there are any further actions I should

If not, thankyou wholeheartedly for your time and your help!!

Report •

May 25, 2009 at 04:02:33
Above log doesn't really show anything except some clean up. You might want to run full scan with bitdefender and Kaspersky AVP tool ( http://devbuilds.kaspersky-labs.com... ). Post the scan results.

To Private Message me Click Here

Report •

May 25, 2009 at 18:15:49
Did I contract this in the bitdefender software?!?

Kapersky says about ieshow.exe file:
"File contains virus & cannot be disinfected: write access is
denied." It will only allow me to 'skip' the item.

The log is 38Mb of text! A summary is below do you want me
to upload the whole log somewhere?

Scanned: 732002
Detected: 4
Untreated: 1
Start time: 5/25/2009 8:29:44 PM
Duration: 12:26:49
Finish time: 5/26/2009 8:56:33 AM

Status Object
------ ------
detected: virus Heur.Trojan.Generic (modification) File:
c:\program files\bitdefender\bitdefender 2009\ieshow.exe
quarantined: virus Heur.Trojan.Generic (modification) File:
C:\Documents and Settings\Asus\Local Settings\Temporary
not found: virus Heur.Trojan.Generic (modification) File:
C:\Program Files\Common Files\BitDefender\Setup
not found: virus Heur.Trojan.Generic (modification) File:
C:\System Volume Information\_restore{F805D318-DB22-

Report •

May 25, 2009 at 18:22:29
Can you please upload that file to rapidshare.com and private message me the download link.

File: c:\program files\bitdefender\bitdefender 2009\ieshow.exe
I am pretty sure its false positive detection. But want to make sure of it.

To Private Message me Click Here

Report •

May 25, 2009 at 19:36:07
Its a false alarm. Just ignore it for now. It should be fixed soon. Your original problem is resovled correct any other problems?

To Private Message me Click Here

Report •

May 25, 2009 at 19:45:43
That's a relief :)

Correct. Everything seems to be running ok now, Thanks for
all the assistance.

Report •

Ask Question