Windows 7 Forums



Windows 7: Win32.Simda - Some domains blocked, forced compatibility mode?

26 Feb 2015   #1
Dunge

Win8.1 x64
 
 
Win32.Simda - Some domains blocked, forced compatibility mode?

Got a virus last Friday, which Windows Defender identified as Win32.Simda. MalwareBytes cleaned most of it.

Windows Defender, MalwareBytes (anti-malware & anti-rootkit), AdwCleaner, Hitman Pro, ESET Smart Security, Kaspersky Virus Removal Tool, Kaspersky TDSSKiller, RogueKiller, Microsoft Safety Scanner, RKill... nothing finds any infection.

Safe mode doesn't change anything. Network works fine when booting from another HD/OS on the same computer.

The only symptoms I have are:
- Many domains blocked, in browsers AND applications. Anti-virus won't connect to databases, Windows Update won't work, etc. The list so far includes: microsoft.com, eset.com, bleepingcomputer.com, virustotal.com, steampowered.com, gamespot.com, facebook.com, cnet.com, ign.com, probably tons of others. Facebook and Steam seem to connect, but it blocks when trying to connect to akamaihd.net for additional content. But other sites like YouTube and Reddit work just fine.

- If I create a new Windows user, it configures the IE network settings to use a proxy (localhost:64955) and it wouldn't connect to any site, presumably because the virus service got cleaned out. Removing the proxy setting, I get the same domain-blocked symptoms.

ESET Simda Cleaner Utility tells me I'm using an unsupported version of Windows.
Is there some registry key forcing compatibility mode?

GMER log attached, it found some things (that FRST/FSS/SystemLook wouldn't find).




Attached Files
File Type: txt gmer log.txt (5.7 KB, 1 views)
02 Mar 2015   #2
Dunge

Win8.1 x64
 
 

This is a follow-up in case anyone else gets this:

The ESET support guys found the problem after trying many, many things. Deleting the Windows IPsec policy branch in regedit and rebooting finally fixed it. They told me it's a known threat that usually only infects Russian PCs (I'm in Canada).
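
A read-only way to inspect what sits in that policy branch before anything is deleted, as an added example that is not part of the original posts or of ESET's procedure. It assumes the branch meant is the standard local IPsec policy store at `HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local` and that policy objects carry an `ipsecName` value; neither is stated in the thread.

```powershell
# Added example: read-only audit of the local IPsec policy store (run elevated).
# Assumption: the "ipsec policy branch" from the post is this standard location.
$Branch = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local'

function Get-LocalIpsecObject {
    param([string]$Path = $Branch)
    if (-not (Test-Path -LiteralPath $Path)) { return }
    foreach ($key in Get-ChildItem -LiteralPath $Path) {
        $values = Get-ItemProperty -LiteralPath $key.PSPath
        # Subkeys are named <class>{GUID}, e.g. ipsecPolicy{...}, ipsecFilter{...}
        $class = if ($key.PSChildName -match '^(ipsec[A-Za-z]+)\{') { $Matches[1] } else { 'unknown' }
        [pscustomobject]@{
            Class = $class
            Name  = $values.ipsecName   # assumed value name; empty if absent
            Key   = $key.PSChildName
        }
    }
}

$objects = @(Get-LocalIpsecObject)
if ($objects.Count -eq 0) {
    Write-Output "No local IPsec policy objects under $Branch"
} else {
    # A policy nobody on the machine created is worth a closer look
    $objects | Sort-Object Class, Name | Format-Table -AutoSize
    $objects | Group-Object Class | Select-Object Name, Count | Format-Table -AutoSize

    # Keep a copy of the branch as evidence and as a rollback before any change
    $backup = Join-Path $env:TEMP ("ipsec-local-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))
    & reg.exe export ($Branch -replace '^HKLM:', 'HKLM') $backup /y | Out-Null
    Write-Output "Branch exported to $backup"
}

# Human-readable dump of the same policies, filter lists and filter actions
& netsh.exe ipsec static show all

# The IPsec Policy Agent service is what enforces these policies
Get-Service -Name PolicyAgent | Select-Object Name, DisplayName, Status
```

Block filters whose destinations match the unreachable domains, on a machine where nobody configured IPsec, are consistent with the symptoms described in post #1.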