Hello
I’m infected with some malware and I just don’t know how to get its name to get started with my investigation about its removal … anyone knows?
I cannot connect to any antivirus site (unless by a proxy). When I tried a DNS for any site of those the address returned is 127.0.0.1
Also, the notepad crashed when I run it saying that windows blocked it for safety reasons or whatever.
The bug also avoids me from running scanners and setup files for scanners like spybot … I had to rename the file to anythin else at that point only, the program can run.
any knowledge about that ?
thanks
Can you schedule a boot time scan with avast!? Right click the scanner screen, select ‘schedule a boot time scan’ and reboot when requested.
If you can download files on another computer and burn to disk, try the following, but rename the files before burning:
Try a scan with DrWeb CureIT!
and post a HijackThis! log.
The blocks are probably in the Hosts file. Delete it and Windows will create a new one. You can find the location here:
http://en.wikipedia.org/wiki/Hosts_file
Hello
thanks amigo!
I will do that as soon as I get back home. In fact I downloaded avast already into a flash memory from my work place and I will try it at home and make a boot scan. I had this in my mind today.
I will also try the other scan and get a HJT log (it’s gona be hard one to get since notepad is not working but I think I can get it somehow).
But is there any idea about the name of this thing!?!?!? couldn’t find any descriptions for it!
There are many viruses/worms/Trojans that do this.
Good luck anyway!
ah not my lucky day anyway!!
thanks again!
I will get back to the thread after trying this at home!
Hi Sean :
Try installing the FREE “HostsXpert” program available at
www.funkytoad.com/content/view/13/31 and using either its “Restore MS
Hosts” and/or “Remove Block Items” feature to resolve the “problem” .
IF successful, then run as many antiSPYWARE/antiTROJAN programs you have
on the computer ; we usually recommend the FREE Ver of
“SUPERAntiSpyware” from www.superantispyware.com as a Good 1st Choice .
ok guys I think I solved this matter. Now I don’t have any problem connecting to security sites or to technical forums, and my notepad doesn’t crash and I don’t have to rename EXE files to be able to run anti-malware programs.
Thanks FreewheelinFrank for the tip. DrWeb was the beginning.
In case it is essential to post logs for HJT (after the problem is over) and Avast as well (nfortunately didn’t get a log for DrWeb), I can do that upon request when I get back home. The process was sooooooo long but it’s worthy I guess. I had to use each scanner twice or thrice … once in normal mode and once or more in safe mode. I used DrWeb, Spybot, Avast, VundoFix and Combofix.