Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect and Win64Obfuscation.A ..Ugh


  • Please log in to reply
5 replies to this topic

#1 IrishMark

IrishMark

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:06 AM

Posted 25 May 2012 - 02:34 PM

Hello all...well I've been battling this virus for about a week but every time I think I have it beaten back it reappears. It started with a google redirect virus but through running malwarebytes, tdskiller, hitman pro, unhack me and spybot I seemed to mostly have everything working again. However I just ran a Microsoft security Scan and it told be that I had (but could not remove) VirtTool;Win64/Obfuscation.A. Additionally anytime I go to my gmail account Explorer crashes as well as just now again I got a redirect in Firefox (thought I had eliminated that particular issue.) Every scan I run now with the exception of the Microsoft Security Scan tells me I'm clean but obviously I'm still having issues.

I am running WIndows 7. Is there anything I can do to salvage this? I didn't click on any attachments or download anything recently so I don't understand why this is happening.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:06 AM

Posted 25 May 2012 - 02:51 PM

Appears to be a new variant. we will need to remove this in the Malware removal forum.

Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 IrishMark

IrishMark
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:06 AM

Posted 25 May 2012 - 03:33 PM

Thanks. I posted this in the other forum but nonetheless.
I ran the defogger, no problem. However, the DDS would not run. A small black window popped up too briefly to even read but then nothing. No txt file or anything.
Is there any way around this?

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:06 AM

Posted 25 May 2012 - 07:33 PM

If you cannot get DDS to work, please try this instead.

Please download OTL by OldTimer and save it to your Desktop.
  • Close all other applications and windows so that you have nothing open.
  • Double click on the Posted Image icon on your desktop.

    Vista/Windows 7 users right-click and select Run As Administrator.
    If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • Under Output, ensure that Minimal Output is selected.
  • Click the "Scan All Users" checkbox.
    Leave the remaining selections to the default settings.
  • Click the Posted Image button.
  • Do not use the computer while the scan is in progress.
  • When the scan is complete, two log files will open in Notepad:
    • OTListIt.txt <- (will be maximized)
    • Extras.txt <- (will be minimized in the Task Bar).
  • Both logs are automatically saved to the Desktop.
  • Please copy and paste the contents of OTListIt.txt and Extras.txt in your next reply.
    If the Extras.txt log is too long, you may need to add a second reply to your thread or upload it as an attachment.
  • Click the red X in the upper right corner to exit OTL.
Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run. If OTL did not work, then reply back here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 IrishMark

IrishMark
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:06 AM

Posted 25 May 2012 - 10:18 PM

Thanks but I was having so much trouble with it and since the laptop didnt have much on it I just went ahead and wiped and restored it. Good as new now. Thanks for your help. This virus is a real bad one.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:06 AM

Posted 28 May 2012 - 11:17 PM

Appreciate the update!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users