Sign In
Create Account
0
Ok, I cleared about 2 dozen diff viruses and rogues off of a pc. Now when i try to acces malwarebytes.org i get an error page
If I try to ping it it resolves to 127.0.0.1(loopback). I have checked the hosts and lmhosts, verified the dns and I can't find it.
I have searched the registry, I have searched the HDD using a hex editor that checks the contents of the files and I cannot figure out where these sites are being redirected.
I have scanned with MBAM and Rogueremover as well as several other apps.
I can't find the redirects. Its driving me NUTS!!
Back to top
#2
Posted 21 October 2008 - 04:17 AM
-
- Administrators
-
- 22,568 posts
Forum Deity
- Gender:Male
- Location:US
Maybe the router has been hacked?
When you say DNS checks out let's see some logs or information from this computer please.
Do a TRACERT via IP and via host name and see what you get.
malwarebytes.org. A 69.162.79.74
When you say DNS checks out let's see some logs or information from this computer please.
Do a TRACERT via IP and via host name and see what you get.
malwarebytes.org. A 69.162.79.74
#3
Posted 23 October 2008 - 03:50 PM
-
- Members
-
- 2 posts
New Member
I have a user with the same problem. Anytime you try to go to any antivirus/spyware website (avg, malware, etc) you get a Can not connect to page error.
Pinging www.avg.com redirects to 127.0.0.1
I have ran malwarebytes in safe and normal mode. deleting the infections it finds but still this problem remains.
If I am in safe mode with networking I can get to the pages just fine as both administrator and the user. It is only when the user is logged in normally that the websites get redirected.
Other things I have done:
netsh ip reset
ipconfig /flushdns
reset IE to defaults (loaded chrome and it is blocked from that browser too)
checked the etc\hosts file
checked registry to make sure host file wasnt redirected to another file
turned off all startup options in msconfig
Any help is greatly appreciated.
Pinging www.avg.com redirects to 127.0.0.1
I have ran malwarebytes in safe and normal mode. deleting the infections it finds but still this problem remains.
If I am in safe mode with networking I can get to the pages just fine as both administrator and the user. It is only when the user is logged in normally that the websites get redirected.
Other things I have done:
netsh ip reset
ipconfig /flushdns
reset IE to defaults (loaded chrome and it is blocked from that browser too)
checked the etc\hosts file
checked registry to make sure host file wasnt redirected to another file
turned off all startup options in msconfig
Any help is greatly appreciated.
#4
Posted 23 October 2008 - 04:33 PM
-
- Members
-
- 2 posts
New Member
Just ran malwarebytes in safe mode (thought i had before..maybe I didnt) and it found 15 infections.
Deleted them all and got the pop up to reboot.
Problem is gone and can now get to avg ok now.
Deleted them all and got the pop up to reboot.
Problem is gone and can now get to avg ok now.
#5
Posted 23 October 2008 - 06:33 PM
-
- Administrators
-
- 22,568 posts
Forum Deity
- Gender:Male
- Location:US
Hello and Welcome to Malwarebytes.org
It is highly suggested that you follow the instructions below so that someone with experience can review your logs and help to ensure you really are clean.
Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs
Someone will be happy to assist you further with cleaning your system.
During this scan and cleanup process you should not install any other software unless requested to do so.
It is highly suggested that you follow the instructions below so that someone with experience can review your logs and help to ensure you really are clean.
Please read and follow the instructions provided here: Pre- HJT Post Instructions
When ready please post your logs here: Malware Removal - HijackThis Logs
Someone will be happy to assist you further with cleaning your system.
During this scan and cleanup process you should not install any other software unless requested to do so.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
