Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search Engine Redirect Malware


  • Please log in to reply
No replies to this topic

#1 qdarkness

qdarkness

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 31 May 2011 - 11:19 AM

Hi, I have expended my knowledge in how to remove this malware. First of all let me tell you want happened and what I've done. In short, my computer was infected through Java from a article on Yahoo. It "removed" all my personal files, removed my background, etc. I realized it had just "hidden" all my files instead. I had a lot of system restore files dating before when I received the virus, and I chose the farthest one I could go back. That cleared most of the problems I was having, after that I ran Avira, Spybot and MalwareBytes to clear anything remaining. Spybot is the only one that found anything and it was just cookies. Thinking all was fixed, I was doing some searches to reinstall and update some programs because of the system restore and noticed that I was getting redirecting for a good 4-5 times then it would stop intermediately and allow me to go to the page I wanted. Also, I have noticed that IE will start by itself and start playing what sounds like ADs but IE isn't viewable and I can only see it running in Windows Task Manager.

So far I have ran complete scans with Avira, Spybot, MalwareBytes, Ad-aware, Hitman 3.5 and Avast. I downloaded TDSSKiller but that refuses to run. I just downloaded HiJackThis but the log isn't working, it's not saving anything even though I tell it to. Also, Avira's system scan didn't pick this up but its' Guard did, "ADSPY/AdSpy.Gen3". It showed the location of the file but it wasn't there so I just deleted the entire folder. I have cleared all my Temp folders as well. My host files only have two lines "127.0.0.1" and "::1" and spybot has it locked so it can't be changed now.

I believe that is all the steps I have done, hopefully that will help diagnose the problem easier.

Edited by hamluis, 31 May 2011 - 12:08 PM.
No logs, moved from MRL to Am I Infected.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users