scans complete still no good :(

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by invis58, Dec 7, 2006.

  1. invis58

    invis58 Private E-2

    I'm not sure what I have :(

    I run a business out of my house and use Godaddy to host my website. To check my email I connect to email.domainname.com and login. Up until recently I have been able to check it on all my computers in the house, but now my main office computer gets an error:

    Unable to connect
    Firefox can't establish a connection to the server at email.secureserver.net.
    * The site could be temporarily unavailable or too busy. Try again in a few moments.
    * If you are unable to load any pages, check your computer's network connection.
    * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

    I would assume there is something wrong with the site, but I have my laptop sitting next to me, and it connects without a problem. I have tried popping the email into Outlook and get the same error message.

    When I try to connect to the site with IE6 I first get a Yahoo page that asks me if I meant something else, and if I keep trying to connect to my email it eventually adds a www. and an extra .com and directs me to porn-related search engines, or gives me an error that the page does not exist. I have tried in Opera too, with similar results to Firefox.

    I am hoping this forum would be able to help me out, or at least point me in the right direction. I am also wondering if it would be easier just to reformat the computer to fix the problem rather than go through the malware removal. I am willing to do whatever, though. Thanks in advance for any help, and if you need more information from me I will be willing to submit.

    Chris
     
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Re: I'm not sure what I have :(

    Welcome to MajorGeeks.com, please follow our standard cleaning procedures:

    Run ALL the steps in this Sticky thread: READ & RUN ME FIRST Before Asking for Support

    • Make sure you check version numbers and get all updates.
    Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

    After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

    Downloading, Installing, and Running HijackThis
    • Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
    • CounterSpy
    • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
    • Bitdefender - from step 6
    • Panda Scan - from step 6
    • runkeys.txt - the log from GetRunKey.bat
    • newfiles.txt - the log from ShowNew.bat
    • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. invis58

    invis58 Private E-2

    Just as a recap, this is what I posted yesterday before doing any of the scans. I followed the tutorials and I am getting the same results as yesterday, although I was getting a Shockwave error that was causing Mozilla to crash, and that appears to have stopped, but the secureserver still won't let me connect. I have my laptop right here and can connect with no problems, and I can also connect on my wm5 ppc, and the three other computers in the house.

    I have run all the scans and I am still very much in need of help. Thanks in advance.

    I run a business out of my house and use Godaddy to host my website. To check my email I connect to email.domainname.com and login. Up until recently I have been able to check it on all my computers in the house, but now my main office computer gets an error:

    Unable to connect
    Firefox can't establish a connection to the server at email.secureserver.net.
    * The site could be temporarily unavailable or too busy. Try again in a few moments.
    * If you are unable to load any pages, check your computer's network connection.
    * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

    I would assume there is something wrong with the site, but I have my laptop sitting next to me, and it connects without a problem. I have tried popping the email into Outlook and get the same error message.

    When I try to connect to the site with IE6 I first get a Yahoo page that asks me if I meant something else, and if I keep trying to connect to my email it eventually adds a www. and an extra .com and directs me to porn-related search engines, or gives me an error that the page does not exist. I have tried in Opera too, with similar results to Firefox.

    I am hoping this forum would be able to help me out, or at least point me in the right direction. I am also wondering if it would be easier just to reformat the computer to fix the problem rather than go through the malware removal. I am willing to do whatever, though. Thanks in advance for any help, and if you need more information from me I will be willing to submit.

    Chris
     


  4. invis58

    invis58 Private E-2

    Here is the second set of attachments.

    Thanks
     


  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Download Pocket KillBox
    • Save it to your desktop or a place easy to find.
    • Do not run it yet

    Please see this thread: WareOut Removal

    Once you complete the above, fix the below entries in HJT.

    Next, run CCleaner to clean up cookies and temp files.

    Locate PocketKillbox
    (Proceed with this step even if they do not show in blue)

    Now, Copy and Paste C:\WINDOWS\system32\kdvpg.exe into the box – If it exists, it will show up in Blue. Check the option to Delete on Reboot and Click the Red X and Yes to the confirmation message. A message will ask if you want to reboot now – Click YES and allow your PC to reboot.

    • If you get an error message about Pending Operations, just reboot your computer manually.

    Once you have completed this post, reboot once more and attach a fresh HJT log. Also let me know how things are running.
     
  6. invis58

    invis58 Private E-2

    Everything seems to be working now. Here are the new HJT log and the fixwareout log. The computer booted very slowly, but this could have possibly been because of KillBox?

    Thanks for the help!

    Chris
     


  7. invis58

    invis58 Private E-2

    I posted the wrong HJT log; here is the right one. Also, the computer takes about 2.5 minutes to finish booting now. Is there anything else in there that might be causing that? I haven't uninstalled all these programs yet; I don't know if that could be a problem, possibly CounterSpy?

    Thanks again
     


  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your log looks good now, are you having any current problems?
     
  9. invis58

    invis58 Private E-2

    Other than a 2.5 to 3 minute boot time, and 1-1.5 minute load time for IE and Mozilla, nothing really. This computer was just built in September and up until all this happened it would boot in about 15 seconds. I am not sure if there is anything else I can do to help this process or not, or if there is something else hidden in there that is causing this. Thanks again for the help with my original problem though. I didn't want to have to reformat the system. I cannot thank you enough :) If you have any thoughts on the boot/load times, let me know.

    Thanks again,
    Chris
     
  10. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I doubt it's malware related; however, to confirm, please run the below...

    Please download Blacklight to its own folder...

    F-Secure Blacklight

    After download is complete, double click to run the program. Click "Accept" to proceed. Then click SCAN to begin scanning your system.

    Once the scan is complete it will attempt to clean the found infections. There should be a log in the folder that you ran the program from, attach this log to your next post along with a fresh HJT log.
     
