Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Thwarted at every turn--brilliant infection.


  • This topic is locked This topic is locked
1 reply to this topic

#1 Barthenon

Barthenon

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:51 PM

Posted 01 December 2008 - 06:24 PM

Hi. Running Windows xp service pack 3.

Run AVG 8 daily and Malware bytes and Spybot regularly once a week. Windows Defender was also available and scanned during off hours.

Well, about three days ago, I started to get search redirects from both google and yahoo. the search returns fine, but every link go do different clickthru sites or a spyware website. About the same time, my AVG 8 starts failing to update. so I try it manually. Looks like something is looping the addy to 127.0.0.1. So I check the hosts file in /drivers/etc. There is a lot of stuff from Spybot immunization, nothing particularly out of the ordinary. Lots of faked AVG addresses, none blocking the download/update stuff.

So I try to spybot s&d. It shows an hourglass for a bit, and just sits there. AVG, in the current state it is in. will run for a bit, then the whole computer freezes. Malwarebytes is disabled like spybot.

All attempts to get to a legitimate location for a reasonable download of something gets looped to 127.0.0.1. They seem to use a pretty comprehensive list of sites. So far I have found no workaround.

Tried running both malwarebytes and spybot in safe mode, no dice. I am stumped what to do next. I am trying at this point to get hijackthis.exe on to the thing and maybe try to run it renamed. Please advise if there is some clever way to do this.

I was able to run hijackthis by renaming it, and rsit ran but didn't download anything. Postin the result in the proper forum.

Thanks.


Bart.

Edited by Barthenon, 01 December 2008 - 09:57 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:51 PM

Posted 01 December 2008 - 11:31 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users