Virus? Redirect Issue...

K

ktothewire

New Member
Hello,

I got a virus.. AVG removed some small things from firefox....

Before AVG removed the small malware when ever i would type in computer forum, hijack this, stuff like that ---- it would redirect to norton antivirus buy website and other internet security sites to purchase software....

Now it doesn't do that but if I go to google.com and type something in click on computer forum, it takes me to google.com and makes me re-enter it, then if I click computer forum it takes me here..

My firewall, and microsoft security ess is disabled & when I try to enable it, it gives me a warning....

I now have 1 thing left on AVG... it says
Infection:
c:\windows\System32\services.exe - Trojan Horse Patched_c.LXT = Result = Object is white-listed (critical/system file that should not be removed)

When I got o my host files.. i have a file caleld...
imhosts.sam?

(HIjack says "for some reason your system denied write access to the hosts file.)

So it won't let me do anything my host says: (removed some numbers for security)

# 10*.**.94.** rhino.acme.com # source server
# **.25.**.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
--------------------------------

Any idea why ::1?

Any idea how to fix thi? thank you.
 
Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

You must do the following to correctly run hijackthis in vista and windows 7

Vista and Windows 7 users must right click on the hijackthis icon and click on run as. If the run as option doesn't appear then press and hold the shift key while right clicking on the icon to get it to appear.


Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
 
You must log in or register to reply here.
Back
Top