for the past few days everytime i open internet explorer, numerous web pages pop up continuously—all has error 404 on it… plus my computer has been running slow. i’ve think i’ve been infected with a trojandownloader
well, heres my hijack log
everytime i do a hijack, it pops up with this, “for some reason your system denied write access to Hosts file…”
will post log once i get it down…
The symptoms you describe could be vundo/smitfraud and the pages may be blocked by your hosts file. The blocking is ok. The access denied to the host may not be so good.
If you have spybot, we will have to turn teatimer off untill we are done. I’ll post the instructions.
Also, since you can’t get HJT to work, we’ll try a different tool which will give us the same info and more. If this tool fails to run, we’ll try a different trick.
So let’s start with teatimer, if it’s relavent. If not procede to the next step.
Open Spybot and make sure teatimer is disabled, we will re-enable afterwards. To do so do the following
Click mode
click Advanced mode
if you get a warning answer “yes”
click tools
click resident
uncheck resident “teatimer”
click allow change
Please download Deckard’s System Scanner (DSS) and save it to your Desktop.
[*]Close all other windows before proceeding.
[*]Double-click on dss.exe and follow the prompts.
[*]When it has finished, dss will open two Notepads main.txt and extra.txt – please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
Please note: some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so.
well, my Hjt works just that i can’t seem to save a logfile, but i will try the above method anyways, also i don’t have spybot, but i have superanti-spyware will that work…
If you click “Do a system scan and save a logfile” (top button), notepad should open with the log. Copy and paste that in your reply. If that doesn’t work, check the hjt folder for a log. DSS will also produce one as part of it’s scan.
"for some reason your system denied write access to Hosts file. If any hijacked domains are in this file, hijackthis may not be able to fix this.
if that happens, you need to edit the file yourself. to do this, click start, run and type:
notepad C:\windows\system32\drivers\etc\hosts
and press enter. find the line hijack this reports and delete them.
save the file as ‘hosts’ and reboot.
when i do a HijackThis, this seems to be poppin up everytime, i can’t seem to get rid of this… what is it
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll
010- Unknown file in Winsock LSP:c:\windows\system32\wpclsp.dll