WEB Torjan/Virus

Discussion in 'OT Technology' started by K-14 Blackhead, May 7, 2009.

  1. K-14 Blackhead

    K-14 Blackhead New Member

    Joined:
    Apr 9, 2009
    Messages:
    79
    Likes Received:
    0
    I didn't know where to post this. This forum seemed to be the most logical.

    Anyways, I think I have a trojan. Whenever I go to Google, MSN or any other search engine and search for something, it always redirects me to searchaweb.com or a web engine "toseeka". I've run AVG and done everything I can think of. HELP PLEASE! :hsd:
     
  2. White Stormy

    White Stormy Take that, subspace!

    Joined:
    Sep 17, 2002
    Messages:
    85,489
    Likes Received:
    70
    Location:
    Sparkopolis
  3. JoeyJoJoJuniorShabadoo

    JoeyJoJoJuniorShabadoo Live Free or Die

    Joined:
    Nov 9, 2004
    Messages:
    4,347
    Likes Received:
    0
    Location:
    http://www.stogietime.com
    ahhh shit, i jsut got this virus two weeks ago. I tried to get rid of that fucker but nothing helped, so I formatted my PC. The problem is that I had a USB drive and the virus got onto the drive, so after the format i got the virus again.

    Anywho, if you do format and you do have a USB drive hooked up, make sure you check the usb drives root folder for a file called autorun.inf. To see this file you will have to goto the folder options and make sure that Hid Protected Operating System Files is not checked.
     
  4. White Stormy

    White Stormy Take that, subspace!

    Joined:
    Sep 17, 2002
    Messages:
    85,489
    Likes Received:
    70
    Location:
    Sparkopolis
    I haven't had to run anything in years.. but you should maybe run spybot search & destroy and adaware and ccleaner
     
  5. Pepsi1975

    Pepsi1975 Mod of the Year

    Joined:
    Jan 6, 2005
    Messages:
    47,590
    Likes Received:
    1
    Location:
    Detroit
    I love everyone thinks the webmaster forum is the most logical for viruses
     
  6. White Stormy

    White Stormy Take that, subspace!

    Joined:
    Sep 17, 2002
    Messages:
    85,489
    Likes Received:
    70
    Location:
    Sparkopolis
    it's cause the people here are more intelligent than the people in the computers & programming subforum that's just full of nerds building gaming PCs or doing homework.
     
  7. Pepsi1975

    Pepsi1975 Mod of the Year

    Joined:
    Jan 6, 2005
    Messages:
    47,590
    Likes Received:
    1
    Location:
    Detroit
    while that may be true, usually people don't know that for the first time coming in here

    and with the name webmaster lounge and the description of Site building, Servers, Hosting, i still wonder why people think this is the place to come :rofl:
     
  8. Finest

    Finest OG #93

    Joined:
    Mar 16, 2000
    Messages:
    30,770
    Likes Received:
    42
    Location:
    Wisconsin. Seriously.
    Webmaster.

    Web = internet.

    Internet = computers.

    Hence, WML = computer experts!
     
  9. K-14 Blackhead

    K-14 Blackhead New Member

    Joined:
    Apr 9, 2009
    Messages:
    79
    Likes Received:
    0
    No USB drives in place right now.
     
  10. K-14 Blackhead

    K-14 Blackhead New Member

    Joined:
    Apr 9, 2009
    Messages:
    79
    Likes Received:
    0
    I ran ccleaner and still nothing. Can't seem to even download adaware. Still looking for a solution besides reformat.
     
  11. Finest

    Finest OG #93

    Joined:
    Mar 16, 2000
    Messages:
    30,770
    Likes Received:
    42
    Location:
    Wisconsin. Seriously.
    Hijackthis

    Remove redirects/extra toolbars/search engines/etc.
     
  12. JesterFX

    JesterFX New Member

    Joined:
    Oct 10, 2004
    Messages:
    4,557
    Likes Received:
    0
    My wife got this on our laptop a couple months ago somehow. It was a pain in the ass to get rid of too. Pretty smart little shit. Not only does it redirect search results for all the engines but it knows and blocks any type of virus removal/help forums as well as blocks virus software updates and adware site downloads and such.

    So even when someone post a fix or links to something to download it's blocked.

    I found tips by using the cached pages on google, which it didn't seem to block, but any software people suggested to use was blocked since they linked to official sites. So I had to find the various cleaners through rapidshare links and such.

    I'm not sure specifically which one ended up cleaning it but use a combination of hijackthis, malwarebytes anti-malware and ccleaner. I ran all those and restarted the laptop and it was gone.

    If you can't find those on rapidshare or somewhere else let me know and I'll try to upload them for you.
     
  13. Pepsi1975

    Pepsi1975 Mod of the Year

    Joined:
    Jan 6, 2005
    Messages:
    47,590
    Likes Received:
    1
    Location:
    Detroit
    my wife got it, i said fuck it and wiped out her hard drive and installed vista
     
  14. Falconer

    Falconer OT Supporter

    Joined:
    Jun 23, 2006
    Messages:
    65,506
    Likes Received:
    1
    Spyware
    Adaware
    Hijackthis
    cc Cleaner
    Panda Activescan
    CoolWebShredder

    That's usually what I do.

    My gf just got virtumonde and it was a bitch to get rid of.

    the worst I ever had was coolwebsearch 4 years ago which took me two full days to get rid of. that was a pain.
     
  15. K-14 Blackhead

    K-14 Blackhead New Member

    Joined:
    Apr 9, 2009
    Messages:
    79
    Likes Received:
    0

    Does it also affect computers on the same network? I have another computer in the next room and it seems to have gotten that too. That one seems to do the coolwebsearch and I'm just at my wits ends.

    I have a lot of homework fro school to do, and can't do it because it just keeps rediecting me. :wtc:
     
  16. K-14 Blackhead

    K-14 Blackhead New Member

    Joined:
    Apr 9, 2009
    Messages:
    79
    Likes Received:
    0
    PLEASE!
     
  17. Falconer

    Falconer OT Supporter

    Joined:
    Jun 23, 2006
    Messages:
    65,506
    Likes Received:
    1
    Dunno about the networks thing.

    Make sure you get the most updated version of CoolWebShredder. Coolwebsearch is a bitch and they keep updating it, so the CWShredder guy keeps updating his, too. CWShredder was created because it's almost impossible to get rid of CWSearch without it. IIRC, CWShredder checks for all variants of CWSearch when you run it, and disinfects them.


    Good luck.
     
  18. kingtoad

    kingtoad OT Supporter

    Joined:
    Sep 2, 2003
    Messages:
    55,924
    Likes Received:
    11
    Location:
    Los Angeles
    Should have bought a Mac. :hsugh:
     
  19. Mikenotmike

    Mikenotmike

    Joined:
    Jun 1, 2001
    Messages:
    6,244
    Likes Received:
    0
    Location:
    USA
    I've always relied on Spybot BUT recently I got a virus that it wouldn't fix, neither would hijackthis.de, I did some hunting around and apparently the new hotness in anti spyware/malware are these two below..

    malwarebytes.com (the free version)

    and

    superantispyware.com (free version).. I know the name almost sounds like it's a virus in disguise, but it's no joke, this one has cured two different computers for me that no other would fix in the last 60 days.

    report back
     
  20. JesterFX

    JesterFX New Member

    Joined:
    Oct 10, 2004
    Messages:
    4,557
    Likes Received:
    0
    Ok, uploaded the 3 for you here: http://rapidshare.com/files/230482743/spywarepack.rar.html


    Start with malwarebytes (mbam-setup.exe) and then ccleaner (ccsetup219.exe) and then restart. If you still have it after than then try the hijackthis. Just be careful with hijackthis as it will let you delete anything, even stuff you shouldn't and you could screw things up worse. I'm pretty sure it was malwarebytes that cleared mine up but might as well just run all 3 to clean up anything else you might have.

    edit: I wouldn't try to update any of these right away. I grabbed the most recent off each of the sites but if you try to update it may cause your bug to screw them up since it seems to know when you are trying to update. After you get rid of it go ahead and update them and run them again just to be sure though.
     
  21. Mikenotmike

    Mikenotmike

    Joined:
    Jun 1, 2001
    Messages:
    6,244
    Likes Received:
    0
    Location:
    USA
    yeah if malware bytes doesn't load when you click it, try renaming the file, if it won't start after installing it, try renaming the launch file in the /program files area.. viruses like to divert any attempts at running it
     
  22. HYBR|D

    HYBR|D Beep Beeeeee'p

    Joined:
    May 5, 2006
    Messages:
    2,009
    Likes Received:
    0
    Location:
    Ozz
    Here's how to fix it..:wavey:

    Source > http://antionline.com/showpost.php?p=947320&postcount=19
     
  23. nida

    nida Guest

    this. My gf has it on her computer as well. Make sure you are booting in safe mode so you can actually run the programs.
     
  24. projectalpha

    projectalpha 二號 Stunna

    Joined:
    Aug 4, 2001
    Messages:
    17,671
    Likes Received:
    0
    Location:
    Bay Area, California

Share This Page