Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spybot, Hijackthis, Sdfix, Internet all NOT working


  • Please log in to reply
29 replies to this topic

#1 viperkp

viperkp

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 19 November 2008 - 09:28 PM

Hey Guys,

By now, I'm very frustrated but I'll do my best to explain my situation as clearly and succinctly as possible.

I was doing some work earlier today, and all of a sudden, a red circle with a white X shows up on the bottom right of screen stating, "Your computer is infected". I started typing in "registry cleaners" into google and every single link that I'd click on would be sent to BS websites for stopzilla or generic websites that contain links to download registry cleaners. I typed in ad-aware and spybot and same result. Any link that would help me in getting rid of my "infection" would be deflected to a BS website. So I went back to my AVG and update does not work. Trouble connecting to server. So I DL Spybot and Ad-Aware from downloads.com and install. Spybot had problems installing because I had checked "Download updates immediately" and it would say "Cannot connect to server". So i installed it without updates and tried to run it and nothing happens. No error message, no cmd prompt flashing; nothing. So I install Ad-Aware and this time it can update. Run it and get rid of random things.

Search online on my buddy's comp, since mine won't work. I tried HijackThis but it doesn't start. Tried again in Safe Mode; nothing. DL SDFix and nothing. Also DLed Malwarebyte Anti-Malware and nothing.

Please, if anyone can help, I would greatly appreciate it. I've already reformatted my computer numerous times and cringe at the thought of having to do it again. I thank everyone in advance for any help they can give me.

I'm runing XP with the latest service pack. I will provide any additional info to help with a fix.

Edited by viperkp, 19 November 2008 - 09:31 PM.


BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:08:51 PM

Posted 19 November 2008 - 09:44 PM

Have you tried loading and running sdfix on the infected computer in safe mode?
Chewy

No. Try not. Do... or do not. There is no try.

#3 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 19 November 2008 - 10:04 PM

Yes, I've tried running all applications listed both in normal as well as safe mode

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:51 AM

Posted 19 November 2008 - 10:10 PM

What happens if you try to run a scan with AVG in Safe Mode?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 19 November 2008 - 10:24 PM

I'm sorry, I forgot to mention that AVG and Ad-Aware both do work in normal mode. Should I run them again in Safe Mode?

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:51 AM

Posted 19 November 2008 - 10:26 PM

Yeah - try scanning with them in Safe Mode
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 19 November 2008 - 10:27 PM

Will do. It'll take a while so I'll be back later. Thanks guys.

#8 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 19 November 2008 - 10:37 PM

AVG is currently running as a "command-line module". A CMD window is up and it's scanning that way. Apparantly, that's the only way for it to scan in Safe Mode. Tried running Ad-Aware and this Error came up:
"Exception EAccessViolation in module Ad-Aware.exe at 001DA25C. Access violation at address 005DA25C in module 'Ad-Aware.exe'. Read of address 00000418"

#9 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 19 November 2008 - 10:40 PM

AVG did find C:\\windows\brastk.exe Trojan Horse Downloader.Zlob.AGWH. Also infected in C:\\WINDOWS\system32\brastk.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\brastk Found registry key with reference to infected file C:\\windows\brastk.exe

Edited by viperkp, 19 November 2008 - 10:43 PM.


#10 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:51 AM

Posted 19 November 2008 - 10:56 PM

Is your system running any better after the AVG scan?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#11 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 19 November 2008 - 11:01 PM

It's actually still running. I'm just putting up what it's stating so I can possibly get help in determining what the next step is. It also came up with "Trojan Horse Downloader.Wimad.F"

#12 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 20 November 2008 - 12:15 AM

ok, so i went back and it was finally done, but nothing on the screen. The cmd prompt was done and closed and it was just the desktop. I didn't get a chance to look over what was found or even if it deleted the trojans. I'm so ready to just format my comp...can someone please help? i realize each situation is unique so I can't really blame anyone for not knowing what's going on. But thank you for trying. I would really love some insight as to what to do next....and going back to normal mode, everything is still the same. still says I'm infected....SDFix, Spybot, and Malwarebyte not opening...

Edited by viperkp, 20 November 2008 - 12:17 AM.


#13 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:51 AM

Posted 20 November 2008 - 12:32 AM

What happens when you try to run SDFix?
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#14 viperkp

viperkp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 20 November 2008 - 01:16 AM

it doesn't open. the little hourglass will show up for a split second and then disappear and nothing. same with Malwarebyte, and Spybot.

#15 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:08:51 PM

Posted 20 November 2008 - 11:13 AM

Your infection sounds pretty bad

You could try making a bootable linux cd on another computer and working from it

I would just reload myself

Avira AntiVir Rescue System
Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to:

repair a damaged system,

rescue data,

scan the system for virus infections.

Just double-click on the rescue system package to burn it to a CD/DVD. You can then use this CD/DVD to boot your computer.
The Avira AntiVir Rescue System is updated several times a day so that the most recent security updates are always available.

http://www.free-av.com/en/tools/12/avira_a...cue_system.html

Edited by DaChew, 20 November 2008 - 11:13 AM.

Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users