Author Topic: KillAV.KI {TRJ} JS:FakeAV-K[TRJ], TRJ[GEN], avast not updating, Sad But True  (Read 54751 times)


St.Anger_561_

  • Guest
Hello Micky77.  I do not see eSellerateEngine.dll anywhere.  As far as the problems I am having, avast is still not updating, and MBAM is not updating either.  Avast is giving me an error "packet broken" and MBAM tells me "you have the most recent update", but I know this is not true; MBAM is updating on my other system.

I have not been using my infected system very much, but I am pretty confident that it is still redirecting the browser.  I will try to use my infected pc some more this evening when I get home to see if I can reproduce the errors and crashes it was having.  Thank you again for your time.

I do not know why the logs were all scrambled.  That is strange, I can try to post them again, if you wish.  Thank you again for your time.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • Posts: 67195
Sorry, the thread is too long to find it out...
Is your hosts file clean?

It sounds like a hosts file problem. Check the contents of the file at the location for your operating system.

Windows 95 - C:\windows
Windows 98 - C:\windows
Windows Me - C:\windows
Windows 2000 - C:\windows\system32\drivers\etc
Windows XP - C:\windows\system32\drivers\etc
Windows NT - C:\winnt\system32\drivers\etc
Windows Vista - C:\winnt\system32\drivers\etc

Note the file does not have an extension, it's simply hosts

Remove any reference to avast from the file. The file can be viewed with notepad.

The default file consists of a number of example lines preceded with #. The only required line is:
127.0.0.1       localhost

You can get a good replacement and more info on what the hosts file does from here

http://www.mvps.org/winhelp2002/hosts.htm

A HOSTS file redirect is a common malware tactic to block AV sites, making it difficult to remove malware. Check your HOSTS file using notepad or a text editor of your choice and look for entries with avast.com on the line; you may well see other AV sites.
The best things in life are free.
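
The hosts file check described in the post above, as an added example that is not part of any post in this thread: a Python parser that reports active entries overriding security-vendor domains and any other entry besides the default localhost line. The watch list, the function names and the sample file content are assumptions made for illustration.

```python
import ipaddress

# Assumed watch list: avast.com and malwarebytes.org are the vendors named in
# this thread; extend it with the products installed on the machine.
WATCHED_DOMAINS = ("avast.com", "malwarebytes.org")
LOOPBACK_NAMES = {"localhost"}


def parse_hosts(text):
    """Yield (line_no, address, hostname) for every active mapping."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on spaces/tabs
        if len(fields) < 2:
            continue  # blank, comment-only or incomplete line
        try:
            address = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:  # one line may map several names
            yield line_no, address, name.lower().rstrip(".")


def audit_hosts(text, watched=WATCHED_DOMAINS):
    """Return findings as (line_no, kind, address, hostname)."""
    findings = []
    for line_no, address, name in parse_hosts(text):
        if any(name == d or name.endswith("." + d) for d in watched):
            findings.append((line_no, "security-vendor-override", address, name))
        elif name not in LOOPBACK_NAMES:
            findings.append((line_no, "non-default-entry", address, name))
    return findings


# Constructed sample, not taken from any log in this thread.
SAMPLE = """\
# sample hosts file
127.0.0.1       localhost
#127.0.0.1      www.avast.com
127.0.0.1\twww.avast.com download.AVAST.com   # active entry, two names
0.0.0.0 update.malwarebytes.org
192.0.2.10      intranet.example
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(finding)
```

Run it against a copy of the hosts file from the affected machine by passing the file's text to `audit_hosts`; commented-out lines are ignored, and subdomains of a watched domain are matched as well as the domain itself.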

micky77

  • Guest
  I do not see eSellerateEngine.dll anywhere. 
Hello again, because we didn't seem to be having much success, I asked if someone more experienced would run through the thread. He kindly did, and examined your log. I'm not sure if eSellerateEngine.dll would be responsible for your problems, but it should be removed. In the scrambled log it said C:\WINDOWS\eSellerateEngine.dll  NOT unregistered. No need to post any more logs. As he did not see anything else bad, I assume there is no malware on your pc (mbam did initially remove some malware). Hence the recommendation to run gooredfix etc.
It's possible the pc is clean but your host file still has bad entries. You could try using this tool to clear your host file. There is no need to install this program, just run it from where you download it to

http://www.funkytoad.com/index.php?option=com_content&task=view&id=13&Itemid=&28d444df85eb4f435055ed9d39c02f03=e10955cd0fb40d35143be6e908fcb198

1. Run HostsXpert 4.2 - Hosts File Manager
2. Click on "File Handling".
3. Click on "Restore MS Hosts File".
4. Click OK on the Confirmation box.
5. Click on "Make Read Only?"
6. Click the X to exit the program.


St.Anger_561_

  • Guest
Well, I truly appreciate your help Micky and Tech too, but I think there is still a trojan on my system.

My avast will still not update and MBAM will still not update, although I am getting different error messages than I was before.  Also I have double checked the host file, there are no entries in it at all.  The only listing there is:

127.0.0.1 local host

I have used the host expert program previously, but I will give it a shot again.

My browser is still being redirected, for example when I clicked on a link in google it redirected me to a white pages listing for local house cleaners, which had nothing to do with what I clicked on.

I did notice another thing, when my wife was using her profile I logged her off of the cpu.  The "logging off" grey box was on the system for several minutes, approximately 3 - 5, before it disappeared.  I found this odd because usually it only takes a matter of seconds before it logs off the system.

Again I do not know what else to do, but I am open to any other suggestions that you or anyone using the forum may have.  I really do not want to reformat my hard drive, but if we have given up here then I suppose I can start a thread in another forum and try it all over again there. 

I appreciate your time, effort, and expertise.

micky77

  • Guest
Ok, try this tool, http://www.bleepingcomputer.com/forums/topic131299.html
then run fully updated MBAM and SAS, and post all three logs

YoKenny

  • Guest
Try these:
MB won't run(Fix), Total-Security (FakeAlert)
http://www.malwarebytes.org/forums/index.php?showtopic=12873
MBAM wont run (Fix), av360 (Fakealert)
http://www.malwarebytes.org/forums/index.php?showtopic=12713
MBAM wont install or will not run., CLB Rootkit driver=TDSS/Seneka/GAOPDX/UAC/ovfst
http://www.malwarebytes.org/forums/index.php?showtopic=12709

These are the experts so register there and follow the directions:
Hello and welcome to Malwarebytes
http://www.malwarebytes.org/forums/index.php?showtopic=9573