Posted 05 January 2009 - 04:09 PM
I left work on Friday with a computer that was working fine. Not a single problem with it...
I came in this morning to find that apparently my computer had not completely shut down. I close the offending programs that were keeping it stuck on, including Google Installer/Updater.
I reboot and as I'm going to a few normal sites, I'm getting oddly redirected to random pages.
I check F-Secure (that's the virus scanner we use at work) and it doesn't notify me of any oddities. After that, I try to go to TrendMicro's Housecall only to get redirected to my local web server (I run a local PHP/MySQL stack). I try a number of other sites including BitDefender and even the site for Spybot S&D, all to have them redirect to localhost. They aren't redirecting in a manner that they change the URL in my address bar, but rather, it's like a host entry that overrides it on the DNS level.
I also noticed that it didn't let MBAM run...
After a while, I started searching around for this specific problem. I found a couple of threads, one of which pointed out that in some cases, people have a Non Plug-and-Play device installed called TDSSserv.sys that installs as a service and catches app/internet requests and filters them as it wants. They said a resolution to allow you to get to antivirus sites and run anti-virus software was to disable TDSSserv.sys from Device Manager. I did that but it didn't seem to fix anything immediately. However, I didn't reboot after disabling it; maybe I need to reboot for it to take effect?
They also mentioned that I could get MBAM to run by renaming the executable, which I did and it ran. My boss had me abort that scan and use SDFix from Safe Mode. I'm currently running SDFix, but it has been stuck on 50% Checked for at least an hour or more. The cursor is still blinking and I can move the mouse, but it's just not going anywhere.
Has anyone had an issue like this where SDFix simply gets stuck at 50%?
Should I just kill SDFix, reboot and run MBAM and post the results here?