Associate
OK, I seem to have acquired this little git on my laptop (running Vista Home Premium SP1) last night. Its a right bugger and I just can't get rid of it.
Symptoms:
What I've tried so far:
I've had a look around for a fix and tried a couple of things, but neither worked. I think I may be getting to the stage where I need to re-install. I've backed all my data up in readiness, but would like to avoid re-installing if necessary.
One thing I have noticed is that my hosts file only has the following entry:
::1 localhost
Shouldn't this be 127.0.0.1 localhost?
Anyone come across this infection before and successfully got rid of it?
Thanks
Symptoms:
- Browsers (Chrome and IE8) opening up at random and displaying links to dodgy downloads
- Windows defender is stating a very high risk and I'm infected with Trojan Downloader Win32/Renos.DZ
- When I do a Google search in either browser, the first result I click on opens up www.kdirectory.co.uk with a load of dodgy links.
What I've tried so far:
- Told Windows Defender to remove the infected object. This works for about 30 minutes, but then its back again.
- I'm running AVG Free on the laptop. Obviously this didn't pick up the original infection. Did a full system scan, nothing found.
- Tried to install Hijack This, but laptop blue screens towards the end of the installation. Having researched the issue, seems this is a common problem with this infection.
- Tried to download Malwarebytes, but both Chrome and IE tell me their web page is not available, although I can access it fine from my XP machine. Installs OK from memory stick, but won't run.
- Installed Ad-Aware OK, but can't use it as the update feature doesn't work, again this works fine on my XP machine.
I've had a look around for a fix and tried a couple of things, but neither worked. I think I may be getting to the stage where I need to re-install. I've backed all my data up in readiness, but would like to avoid re-installing if necessary.
One thing I have noticed is that my hosts file only has the following entry:
::1 localhost
Shouldn't this be 127.0.0.1 localhost?
Anyone come across this infection before and successfully got rid of it?
Thanks