• Status: Solved
  • Priority: Medium
  • Security: Public

Huge Malware Problem

I recently have had some issues with my internet.  I'm using Firefox and every time I would type a website (example Yahoo) it would take me to something else.  I also noticed that my antivirus (AVG) was not updating properly and it got a connection error, so I updated it manually.  Ran it and it found some viruses.  I deleted the things, but the internet issue was still a problem.  So I tried running some spyware scanners.  I tried running Ad-Aware (the auto update could not connect to the internet either, so I did a manual update).  This found a couple and they were deleted.  Next I tried Spybot, but this would not open.  I tried going online to these websites, but every website that was antispyware or antivirus related would not open.  I went into safe mode and tried running each, but nothing more was found with Ad-Aware and Spybot would not open.  I tried running an online scanner for viruses, but before it could start it said connection timed out.  I even tried installing the Microsoft malware removal tool, but it would not install/load.  Anybody know a solution to this?  I had viruses before, but none like this.  Thank you
0
Rob26Smith
1 Solution
 
DMTechGrooup Commented:

As rpggamergirl would say....


Download Hijackthis:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download 

Open Hijackthis and click "Do a system scan and save a logfile"; don't fix anything yet.
Paste the log in the "Code Snippet" or "Attach File" window.

Then download and install www.malwarebytes.org, and for its logfile do the same as for the Hijackthis one.
0
 
Rob26Smith (Author) Commented:
Here you go.  Thank you.  Please note that Malwarebytes found a trojan and deleted it, but problems still persist.  I attached another scan run today with no issues.
hijackthis.log
mbam-log-2009-02-08--07-17-26-.txt
mbam-log-2009-02-08--12-29-48-.txt
0
 
mooglinux Commented:
Something to consider: which would take less effort, removing all the malware by hand, or backing up the important data and reformatting, then reinstalling everything? Neither one is pleasant, but there comes a point when reformatting is the only way to really be sure you got it all.

HijackFREE has a database that can help you sort the known-good items from the bad ones. That would probably be a good starting point.
0
 
xmachine Commented:
Hi,

It could be the HOSTS file, which may have been poisoned by wrong/malicious entries, or some rootkit that is intercepting DNS requests to these security websites.

Try using Symantec Online Security Scan (no need to resolve anything; you can browse it by IP):

http://206.204.52.6/sscv6/home.asp?langid=ie&venid=sym&plfid=24&pkj=GEKLIZQSLDBQSBKXIGL 



A Symantec Certified Specialist @ your service
0
 
Rob26Smith (Author) Commented:
I tried the Symantec online scan with no luck.  It's asking me to install the ActiveX control, which I do, but then nothing.  The scan doesn't proceed.  I understand I might need to format the drive, but I would like to avoid that as much as possible.  Any other suggestions?
0
 
xmachine Commented:
There is nothing malicious in your log files. I think you should scan your system using a bootable CD. Try one of the following live CDs:

http://dl.antivir.de/down/vdf/rescuecd/rescuecd.iso

http://download.bitdefender.com/rescue_cd/bitdefender_2008_RescueCD_v2.iso

http://www.volatileminds.net/projects/clamav/ClamAVLiveCD2.0.iso

ftp://ftp.drweb.com/pub/drweb/livecd/minDrWebLiveCD-4.44.1.0811190.iso



A Symantec Certified Specialist @ your service
0
 
DMTechGrooup Commented:
Could be a rootkit. SDFix will check and fix the hosts file. ComboFix will also search out rootkits.
0
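The hosts-file check raised in xmachine's and DMTechGrooup's comments above can also be done by hand. The following is an added example, not part of the original thread and not how SDFix or ComboFix work internally: it parses hosts-file text and lists entries that override DNS for security-related hostnames. The keyword list and the sample file are constructed for illustration.

```python
import ipaddress

# Assumption: keywords picked for this example from the vendors named in the thread.
SECURITY_KEYWORDS = ("avg", "lavasoft", "safer-networking", "malwarebytes",
                     "symantec", "trendsecure", "microsoft")

# Mappings a default hosts file legitimately contains.
BENIGN = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample, not taken from the poster's machine.
SAMPLE = """\
# Copyright (c) Microsoft Corp. (comment lines are ignored)
127.0.0.1       localhost
127.0.0.1       www.malwarebytes.org malwarebytes.org   # two names, one line
0.0.0.0         www.symantec.com
10.0.0.5        fileserver
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # strip comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                             # first field is not an address
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")


def suspicious_entries(text, keywords=SECURITY_KEYWORDS):
    """Return mappings that pin a security-related hostname to any address."""
    return [(n, ip, name) for n, ip, name in parse_hosts(text)
            if (ip, name) not in BENIGN and any(k in name for k in keywords)]


if __name__ == "__main__":
    # On Windows the real file is %SystemRoot%\System32\drivers\etc\hosts.
    for line_no, ip, name in suspicious_entries(SAMPLE):
        print(f"line {line_no}: {name} -> {ip}")
```

A clean result only rules out the hosts-file explanation; the DNS-interception case xmachine mentions leaves this file untouched, which is where an offline scan from a bootable CD is the better check.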
 
Rob26Smith (Author) Commented:
SDFix and ComboFix worked.  Here are the logs.  Please let me know if I need to do something else.
ComboFix.txt
report.txt
0
 
DMTechGrooup Commented:
Rescan with malwarebytes and AV scanner.
0
 
Rob26Smith (Author) Commented:
Thank you
0
