Got a nasty little virus

KaleunBier · 10-11-11, 06:27 PM

Hey all I've gotten a nasty little virus that redirects all of my search engine results to ad pages and am wondering if any of you have dealt with it before or have a solution. I have thrown Avast, Trend Micro, and Malwarebytes at this problem but am unable to get rid of it! This virus seems to disable my predictive text within search engines too, including youtube. I would google this problem but obviously I am unable to do so at the moment lol.

the_tyrant · 10-11-11, 06:44 PM

I believe that this post belongs in the PC forum

Have you checked your hosts file yet?
http://en.wikipedia.org/wiki/Hosts_%28file%29

vienna · 10-11-11, 06:52 PM

Also, it may be worth it to go take a look at your cookies in your browser; I would delete any cookies I could not identify or associate with legitimate sites I have used. Sometimes these cookies and viruses are loaded via the popup ads that appear on your screen. Also, check your running processes via the Task Manager to see if you find anything odd there...

ajrimmer42 · 10-12-11, 02:27 AM

also try running 'Spybot Search & Destroy' as I've found that can find stuff that MBAM doesn't.

Sammi79 · 10-12-11, 03:15 AM

Rename the MBAM.exe to a random name [for example - KJQW.exe] as some viruses are designed to check for particular program executions. Start computer in safe mode, run full scan. Only problem might be updating MBAM first if the virus redirects, and thus prevents the update. I have removed this malware from mine and friends PCs in the past using this method.

Rhodes · 10-12-11, 03:17 AM

I got one of those a few time ago. It's a rootkit virus or malware. Try hitman pro 3.5. http://www.surfright.nl/en/hitmanpro It was the only program that cleaned my pc and solve the problem.

d@rk51d3 · 10-12-11, 03:52 AM

Do your scans in safe mode if you aren't already.

Some viruses will hide in your system restore files too.

antikristuseke · 10-12-11, 04:52 AM

If you have spent more than 2 hours chasing down a virus just format and reinstall windows, any more time spent is a waste of effort.

soopaman2 · 10-12-11, 06:53 AM

Quote:

Originally Posted by antikristuseke

If you have spent more than 2 hours chasing down a virus just format and reinstall windows, any more time spent is a waste of effort.

This.
Computer always runs better afterwards too. Only pain in the butt is redownloading the massive amount of steam games I own. Then again, no disc searching either. So it's a fair trade off. Just burn to disc stuff you don't want to have to chase down again.

antikristuseke · 10-12-11, 08:26 AM

Install steam games on secondary drive or partition?

kraznyi_oktjabr · 10-12-11, 08:36 AM

Quote:

Originally Posted by antikristuseke

Install steam games on secondary drive or partition?

Wouldn't that preserve virus from destruction as well?

Arclight · 10-12-11, 09:37 AM

Generally they are contained within system file locations, basically scattered between bits of Windows or any OS.

It's certainly possible for it to tuck itself away on other locations, but thus far I've never seen any of them actually do that.

Agree with the format btw. It's often quicker and cleaner than actually dealing with removing the bugger, but then I have the luxury of being able to wipe C: without actually losing anything. To friends I always offer to come over, hook up to the network and backup what they want to keep before formatting.

KaleunBier · 10-12-11, 08:45 PM

Sorry about posting in the wrong area and thanks for all the replies! I was able to get rid of it with ComboFix. Never heard of it until I got this little bugger but I'm glad I found it. Thanks again!

10-11-11, 06:27 PM	#1
KaleunBier Bosun Join Date: Sep 2008 Location: Milwaukee, WI Posts: 63 Downloads: 72 Uploads: 0	Got a nasty little virus Hey all I've gotten a nasty little virus that redirects all of my search engine results to ad pages and am wondering if any of you have dealt with it before or have a solution. I have thrown Avast, Trend Micro, and Malwarebytes at this problem but am unable to get rid of it! This virus seems to disable my predictive text within search engines too, including youtube. I would google this problem but obviously I am unable to do so at the moment lol.

10-11-11, 06:44 PM	#2
the_tyrant Admiral Join Date: Jun 2010 Location: Canada Posts: 2,272 Downloads: 58 Uploads: 0	I believe that this post belongs in the PC forum Have you checked your hosts file yet? http://en.wikipedia.org/wiki/Hosts_%28file%29 __________________ My own open source project on Sourceforge OTP.net KGB grade encryption for the rest of us

10-12-11, 02:27 AM	#4
ajrimmer42 Royal Kinotropist Join Date: Mar 2007 Location: Sheffield, UK Posts: 987 Downloads: 18 Uploads: 0	also try running 'Spybot Search & Destroy' as I've found that can find stuff that MBAM doesn't. __________________ Alex Don't judge a ship by the number of it's guns, but by the skill of it's crew.

10-12-11, 03:15 AM	#5
Sammi79 XO Join Date: Jan 2010 Location: Penzance Posts: 428 Downloads: 272 Uploads: 0	Rename the MBAM.exe to a random name [for example - KJQW.exe] as some viruses are designed to check for particular program executions. Start computer in safe mode, run full scan. Only problem might be updating MBAM first if the virus redirects, and thus prevents the update. I have removed this malware from mine and friends PCs in the past using this method. __________________ Gadewais fy beic nghadwyno i'r rhai a rheiliau, pan wnes i ddychwelyd, yno mae'n roedd... Wedi mynd.

10-12-11, 03:17 AM	#6
Rhodes Silent Hunter Join Date: Aug 2005 Location: Figueira da Foz, Portugal Posts: 4,486 Downloads: 109 Uploads: 0	I got one of those a few time ago. It's a rootkit virus or malware. Try hitman pro 3.5. http://www.surfright.nl/en/hitmanpro It was the only program that cleaned my pc and solve the problem. __________________ http://www.flickr.com/photos/16416646@N05/

10-11-11, 06:52 PM	#3
vienna Navy Seal Join Date: Jun 2005 Location: Anywhere but the here & now... Posts: 7,507 Downloads: 85 Uploads: 0	Also, it may be worth it to go take a look at your cookies in your browser; I would delete any cookies I could not identify or associate with legitimate sites I have used. Sometimes these cookies and viruses are loaded via the popup ads that appear on your screen. Also, check your running processes via the Task Manager to see if you find anything odd there...

10-12-11, 03:52 AM	#7
d@rk51d3 Sea Lord Join Date: Sep 2006 Location: Adelaide, South Australia Posts: 1,917 Downloads: 193 Uploads: 0	Do your scans in safe mode if you aren't already. Some viruses will hide in your system restore files too.

10-12-11, 04:52 AM	#8
antikristuseke Silent Hunter Join Date: Jun 2007 Location: Estland Posts: 4,330 Downloads: 3 Uploads: 0	If you have spent more than 2 hours chasing down a virus just format and reinstall windows, any more time spent is a waste of effort.

10-12-11, 08:26 AM	#10
antikristuseke Silent Hunter Join Date: Jun 2007 Location: Estland Posts: 4,330 Downloads: 3 Uploads: 0	Install steam games on secondary drive or partition?

10-12-11, 09:37 AM	#12
Arclight Navy Seal Join Date: Jun 2008 Location: Land of windmills, tulips, wooden shoes and cheese. Lots of cheese. Posts: 8,467 Downloads: 53 Uploads: 10	Generally they are contained within system file locations, basically scattered between bits of Windows or any OS. It's certainly possible for it to tuck itself away on other locations, but thus far I've never seen any of them actually do that. Agree with the format btw. It's often quicker and cleaner than actually dealing with removing the bugger, but then I have the luxury of being able to wipe C: without actually losing anything. To friends I always offer to come over, hook up to the network and backup what they want to keep before formatting. __________________ Contritium praecedit superbia.

10-12-11, 08:45 PM	#13
KaleunBier Bosun Join Date: Sep 2008 Location: Milwaukee, WI Posts: 63 Downloads: 72 Uploads: 0	Sorry about posting in the wrong area and thanks for all the replies! I was able to get rid of it with ComboFix. Never heard of it until I got this little bugger but I'm glad I found it. Thanks again!