1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hijackthis log, anyone help ?

Discussion in 'Windows & Other Software' started by LOAM, 11 Jun 2010.

  1. LOAM

    Capodecina

    Joined: 20 Oct 2004

    Posts: 12,608

    Location: Nottingham

    Hello

    Is anyone able to look at this hijack this log ?

    One of our directors has brought his pc in as its "acting up". it wont run windows update, it tries to but fails with the error code 80072EFE. In addition web pages are being redirected. His OS is vista 32bit running AVG free which shows no infection. I've run malwarebytes on it and that's come up clean as well, as has search and destroy.

    A hijackthis log looks like this

    Any thoughts ? i cant really see whats up with it, and yet it is redirecting to all sorts of wierd sites when you click google/bing/yahoo search results.
     
  2. thepeganator

    Wise Guy

    Joined: 14 Sep 2008

    Posts: 2,486

    Location: Portsmouth/Salisbury

    Check your DNS settings has been suggested.
     
  3. LOAM

    Capodecina

    Joined: 20 Oct 2004

    Posts: 12,608

    Location: Nottingham

    they are set to get DNS settings automatically from the router which in this case is open dns.

    ive just tried to update the nic drivers from intel and got redirected to dannysloans.com lol, the hosts files is fine as well btw
     
  4. alex24

    Capodecina

    Joined: 1 Jan 2008

    Posts: 10,849

    Does this happen in every browser? Hijackthis log looks fine at first inspection.
     
  5. LOAM

    Capodecina

    Joined: 20 Oct 2004

    Posts: 12,608

    Location: Nottingham

    yeah its every browser, FF/IE8 etc. Driving me mad tbh
     
  6. alex24

    Capodecina

    Joined: 1 Jan 2008

    Posts: 10,849

    Well back when I used to repair Win98 machines, I used to use Hijackthis, and run msconfig and disable all startup processes then reboot. Re-enable the safe ones one by one and isolate the ones causing the problem. This may not be a fix for Vista, things have advanced a lot!

    I don't rate AVG at all, perhaps you could use another online scanner (look at trend micro, panda activescan) to cover all bases if you can get the page up by disabling services! There's always safe mode too.
     
  7. LOAM

    Capodecina

    Joined: 20 Oct 2004

    Posts: 12,608

    Location: Nottingham

    its currently running the Nod32 online scanner, been running for a couple of hours, nothing found atm
     
  8. thepeganator

    Wise Guy

    Joined: 14 Sep 2008

    Posts: 2,486

    Location: Portsmouth/Salisbury

    If all else fails you could try and "upgrade" reinstall.

    Much like the repair option in xp, just start the installation from inside Vista.
     
  9. LOAM

    Capodecina

    Joined: 20 Oct 2004

    Posts: 12,608

    Location: Nottingham

    Nod32 finished fine
    trying trend now, then kav

    bonkers tbh, its deffo infected as you simply can not hit MS sites at all, it just gives you page can not be displayed or redirects you to a different site.
     
  10. LOAM

    Capodecina

    Joined: 20 Oct 2004

    Posts: 12,608

    Location: Nottingham

    trend has found something.......


    need to wait for the thing to finish though to get details, hope its not just a cookie :p
     
  11. ricky

    Gangster

    Joined: 28 Dec 2008

    Posts: 390

    Location: Nottingham

    Post you log above into hijackthis.de
    Looks fine though.
     
  12. Vauxmad

    Gangster

    Joined: 18 Oct 2002

    Posts: 446

    Location: Stoke

    Did you ever get to the bottom of this?

    My laptop has started redirecting and seems to be to do with admarketplace.com. Tried to find a removal tool but they all seem a bit dodgy/pay downloads.