Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected w/ Malware


  • Please log in to reply
1 reply to this topic

#1 Grime

Grime

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:08 AM

Posted 09 March 2009 - 12:01 AM

I've never had spyware or malware I couldn't figure out how to remove before, but this one is really stumping me...

I downloaded several malware removal tools, but none of them find a problem. When I try to update them they all fail, and when I ping the update server it responds with 127.0.0.1. The hosts file is clean however. I found my DNS servers had been changed, but I fixed that, and it doesn't seem to be reseting them to incorrect servers anymore, but still can't get to the update servers.

It's also putting a hidden .com file in my recycle bin and an autorun.inf file in the root of all my drive partitions that calls the .com file. These keep replicating whenever I remove them. I first noticed the problem when clicking on links on search pages such as Windows Live and Google. When I clicked a link instead of taking me to the correct page it would take me to siteik.com, and then immediately redirect to http://someipaddress/.... which then displays various advertisements.

HijackThis didn't seem to find anything worth noting. I've tried SDFix which didn't help.... I'm really lost on this one. Help please...

Thanks.

BC AdBot (Login to Remove)

 


#2 dyaus7

dyaus7

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 10 March 2009 - 06:18 PM

When I clicked a link instead of taking me to the correct page it would take me to siteik.com, and then immediately redirect to http://someipaddress/.... which then displays various advertisements.

I'm getting that as well.

Some other curious symptoms:

When I view my network connections, there's nothing listed even though I have internet connectivity. After a few moments I'm greeted with "The Network Connections Folder was unable to retrieve the list of Network adapters on your machine. Please make sure that the Network Connections service is enabled and running." The Network Connections service is started. Restarting it yielded no change.

I have the Windows XP default (blue) theme. A few minutes after my computer being on, the theme mysteriously changes itself to classic.

Spybot's website, safer-networking.org, is unreachable (can't even ping it). Consequently I can't install Spybot even after downloading it from a different site because it evidently downloads extra files during the install process.

Operating system is sluggish. Likes to hang for long periods of time.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users