So I know for a fact I am infected, but I can't download Ad-Aware or SpyBot S&D to diagnose/fix.
I already checked my hosts file (C:\Windows\System32\Drivers\etc\hosts) and it seems fine, it only has 1 uncommented line
127.0.0.1 localhostwhich is how it should be (IIRC).
I also checked my registry (\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath) to make sure it was pointing to the correct hosts file, and it is.
So what else could be blocking and redirecting my traffic?
I assume a rogue process?
Luckily I was able to download HiJackThis and run it (see attached).
Update: I was able to download Ad-Aware & SpyBot S&D from my clean computer and transfer the files to the infected computer. However when I installed them they were UN-ABLE to connect to their respective servers to get updates, so I assume the definitions aren't up-to-date. I am running Ad-Aware now, and will report back with the results when the scan is complete.
Update 2: Ad-Aware Crashed: <---Click to see larger
I also noticed that if I ping a url (i.e. ping safer-networking.org) I can get an IP, and when I plug that IP into my browser (FF3) it will connect to the site, but when I click on a link it can't connect (I assume because it reverts back to the hostname, not the IP, and whatever is infecting my rig is causing it to not connect)
I will try and run SpyBot S&D now and hope that it doesn't crash :fingers-crossed:
Update 3: SpyBot S&D scan complete: <---Click to see larger
WHAT, NO INFECTIONS, this can't be ???
None of the online anti-virus scan's mentioned in the prep guide work on my infected machine (because I can't connect to them from my browser) , so what do I do next?
Update 4: I guess my only other option is to try McAfee AVERT Stinger, I downloaded this on my working computer and transfered it to the infected one, and I tried scanning, and it just froze after about 20minutes worth of scanning
I give up, any idea's anyone ?
Edited by BassKozz, 27 August 2008 - 02:33 PM.