I think I may have a virus :<

Discussion in 'Computer Games and General Discussion' started by War, Feb 7, 2009.

Feb 7, 2009

I think I may have a virus :< by War at 11:22 PM (1,005 Views / 0 Likes) 8 replies

  1. War
    OP

    Member War Take it easy~

    Joined:
    Oct 26, 2007
    Messages:
    5,409
    Location:
    California
    Country:
    Japan
    i just noticed this problem today and it's really annoying...

    Whenever I go to google or use the google toolbar to search for something, no matter what I search for, it will come up with the right titles for the sites but the actual sites themselves will be like ad sites and stuff. I know it's hard to understand, so I took some screenshots:

    [​IMG]

    (Just ignore the fact that I misspelled Firefox...) Do you guys see what I mean? I even tried searching for something really popular that should give me some obvious results:

    [​IMG]

    Same thing happens! I ran a Ad-Aware full system scan and it didnt find anything... I didn't get any warning from NOD32 either, but I'm doing a NOD32 full system scan right now. Do you guys know what it might be?

    I'm using Shiretoko, but this problems also happens when using IE. I tried disabling my add-ons but that didn't make a difference.
     
  2. Dack

    Member Dack GBAtemp Advanced Fan

    Joined:
    Aug 26, 2007
    Messages:
    603
    Location:
    UK
    Country:
    United Kingdom
    download and install software from www.malwarebytes.org

    It's free and should handle the Google redirect you've got.
     
  3. Tripp

    Member Tripp GBAtemp Regular

    Joined:
    Oct 17, 2006
    Messages:
    288
    Location:
    South East Florida
    Country:
    United States
    Dack even though I would expect the software you reccomened to take care of his issue. Just in case and no offence intended I'm going to add a second backup suggestion.

    Ad-Aware Free Version http://www.lavasoft.com/?langref=DE

    Make sure to have it update before running scan...

    btw Dack how have you been? Long time...

    edit it posted twice...
     
  4. Dack

    Member Dack GBAtemp Advanced Fan

    Joined:
    Aug 26, 2007
    Messages:
    603
    Location:
    UK
    Country:
    United Kingdom
    Guess you missed
    [​IMG]

    I've been busy on things and may have some releases soon [​IMG]
     
  5. War
    OP

    Member War Take it easy~

    Joined:
    Oct 26, 2007
    Messages:
    5,409
    Location:
    California
    Country:
    Japan
    Yeah, Ad-Aware did nothing. I ran Dack's program and it found 8 things... got rid of them all, restarted, and the problem was still there. I downloaded Avast! and scanned it... I did that thing where it scans your computer right when you turn it on and it found the problem, but it froze (wouldnt let me erase/move it). Finally I turned the computer back on, deleted the problem file manually, and it seems to have worked... google searches come up with normal results now. However, I'm still gonna do another Avast scan.
     
  6. playallday

    Member playallday Group: GBAtemp Ghost

    Joined:
    May 23, 2008
    Messages:
    3,773
    Location:
    [@N@[)@
    Country:
    Canada
    Try running a scan in Linux. That should do it.
     
  7. Chris_Skylock

    Member Chris_Skylock GBAtemp Advanced Maniac

    Joined:
    Dec 26, 2008
    Messages:
    1,501
    Location:
    Philippines
    Country:
    Philippines
    please download Malwarebyte's AntiMalware for scanning. Download Hijackthis and find a forum that is specialized in malwares. Can I give an anti-malware forum? DOnt want to break any rules.

    Clear your cookies with ATF cleaner http://majorgeeks.com/ATF_Cleaner_d4949.html
    to clean your cookies.

    What else do you need?

    You could try to download ComboFix but Im no malware expert. Wait until a malware expert tells you to download and use ComboFix

    You might also need rootrepeal to scan for rootkits. but you WILL NEED a malware expert for assistance as these two programs are super strong.
     
  8. kobykaan

    Member kobykaan GBAtemp Addict

    Joined:
    Aug 27, 2007
    Messages:
    2,994
    Country:
    United Kingdom
    I use SPYWARE TERMINATOR 2 link

    and SPYBOT SEARCH AND DESTROY link

    both are very good both are free and free updates too install and update them and run scans and remove anything they find!

    your not alone theres lots of posts on google out there but then you may not get them if its still wrong doh!

    google groups with same issues link

    you may want to uninstall any toolbar addons if your using IE such as ask/yahoo (even google) toolbars as they are known to drag in crap like malware [​IMG]

    have you tried cleaning your internet cache too!?

    edit just found this try removing all cookies

    C:\Documents and Settings\(your computer name here)\cookies

    note: you may need to show hidden files and folders to see them and may need to be done in safe mode if they will not delete

    and check remove here also ..

    C:\Documents and Settings\Local Services\Cookies

    spyware is related to clickfraudmanager.com and cookies and a trojan called Vundo or Seneka!
     
  9. Kurems

    Newcomer Kurems Member

    Joined:
    Nov 23, 2008
    Messages:
    24
    Location:
    Nancy
    Country:
    France
    It seems you have a naughty trojan named DNSChanger, like I had a month ago...
    Programs like Spybot, Ad-Aware or ComboFix cannot erase the problem, even with their last updates!
    Even antiviruses cannot do anything!

    When I saw that all your navigators are affected, it had given me an hint concerning the solution to adopt!

    HiJackThis! can view some of key registries used by that kind of malware, which are partially stocked in O17 ones.
    But if you are not an expert with the program, don't try anything, because you could erase your DNS provider IP address by mistake.

    The sole known solution to my mind, that have worked for my computer, was to download the last version of SmitFraudFix at:
    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php

    Run the program in safe mode and perform the command, in order :
    1. Search
    2. Clean
    3. Delete Trusted Zone
    5. Search and clean DNS hijack

    When all the operations are done, your computer will reboot and perform a final scan in normal mode...

    I hope it will greatly help you!

    EDIT : The problem seems to be solved, but I leave my solution also, if anyone will have the same problem in the future...
    This kind of malware only affects the results in Google! If you use an another searchbot, results are normal!
    Sorry if my written English could be pretty bad...
     

Share This Page