Really obnoxious spyware/malware problem I cannot get rid of, please help?

Lazer77

I have done scans with Microsoft Security Essentials, Malwarebytes, and Spybot S&D.

MSE found one trojan downloader, I cleared it. Malwarebytes found something else similar, I cleared it. Spybot S&D did not pick up anything.

Basically my problem is that when I am clicking on links, particularly when I am doing a Google search, it redirects me to another random site with search links OR to my local yellow pages site. I have also noticed in the past few days that my browser has random spurts of complete slowdown, like I try to minimize it and open whatever else (Word document for example), and then Firefox takes 10-30 seconds to respond. I am using Firefox and this is my preferred browser.

I just don't get what is going on here. Can anyone please help?

Thanks in advance guys.
 
If you can't figure it out, here's a few things to try and get rid of it:

Go to your start menu and type in "msconfig" and then go to the "startup" tab. Now uncheck everything in that box and restart your computer. Honestly it's probably not there but it's good to do this anyway just in case. If you have a bunch of garbage starting up with your computer it can really slow things down after a while. Unchecking the boxes just prevents the given program from starting up when you start your computer.

Hit control + alt + delete, start task manager if it doesn't pop up right away, and go to the "processes" tab. Anything odd running? If you have no idea what many of them are, google them or post what's running here (don't need the exe extensions, just the names). What I do is familiarize myself with the processes normally running there on my machine. So if anything out of the ordinary is going on I check that first and can immediately recognize anything odd. Whatever your problem is, it's probably shown here.

Empty your temp folder: type in "%temp%" and delete everything there also. Though whatever it is is probably in your local or system files. You can try uninstalling/reinstalling your browser, though I don't know that that will get rid of your problem.

Also another program to try is Advanced SystemCare Free. It has a spyware scan and will also clean up your registry if you haven't done that in a while.
 
When I do scans at work I will generally do the following:

1) run rkill if you can't get anything else to run
2) superantispyware and malwarebytes
3) repeat previous step until both come up clean.
4) run a registry cleaner (ccleaner or Euring free registry cleaner)
5) if you're still having problems run tdsskiller (literally a 2 minute scan) it finds rootkits that the previous scans might not find.
6) if all else fails, try combofix. (I say if all else fails because I've seen it bluescreen many a computer before)
7) If your PC bluescreens after combofix, grab your windows cd and send me a PM.

ps - all these tools are free, so if there's a site that's asking you for money, DO NOT DOWNLOAD.
 
I want to save Combofix for last, as a last resort, because I do all of my schoolwork on my computer and if I am out on a day, that would be bad. Let alone my Windows CD is back home and I don't know when I'll be back again. I did MSCONFIG and under running processes, and I should have written the name down but I found something weird which I canceled, it was like "HTTPlog Auto-Discovery" or something like that, auto-discovery summarizes really well what this does for me. I type something into Google, I click a link and it takes me somewhere else. I did the task manager and found a few weird things, but then again I think it's partly because I have no idea what is what. I cleared my entire temp file as well.

I will run Rkill now and let you know how it turns out.
 
I think I downloaded something else. Instead of RKill I got Reimage when I clicked to download that, it ran and completed, and then it finally asked me for a license key so I just quit.
 
[quote name='ShockandAww']Also another program to try is Advanced SystemCare Free. It has a spyware scan and will also clean up your registry if you haven't done that in a while.[/QUOTE]

I'm a big fan of ASC. I don't seem to get too much spyware, but it finds registry errors constantly. I never have any real problems when I'm running it.
 
Always check to see what addons your browser is running as well. Some newer addons do redirects and no malware detector really picks them up as being as such.

Personally, when I find an infection on a PC, even if I think it's gone I still run Malwarebytes in Windows safe mode. In safe mode Windows loads the very bare minimum of drivers and software to operate. A lot of times malware can avoid being detected or even fake its own removal and isn't ever really gone. In safe mode the malware doesn't have a chance to even load itself so it can be cleaned better.

I also like super antispyware. Stupid title but it does a good job of what it does.

Just make sure you're uninstalling the different scanners after you use them and try another. If you have multiple scanners installed they can give false positives on each other.
 
[quote name='darthbudge']Sounds like TDSS. Try this: http://support.kaspersky.com/faq/?qid=208283363

Google about TDSS google redirects and you will find a lot of info about it.[/QUOTE]

Well I downloaded that, did the scan, found one item and I deleted it and rebooted! I will keep you posted if it shows up anytime soon, hopefully this fixed it. Thanks so much man! :D

EDIT: It just happened again :|
 
Open Firefox. Go to Tools, then Add Ons. If there are any Extensions or Plug Ins running and you don't know what they are, disable them. If that does nothing helpful:

Run HijackThis and post the results. I don't know a damn thing about it but I think it will at least show me the processes you have running.

If that gets you nowhere:

1. Run HijackThis and post the results to a tech forum. Somebody will be able to help I imagine.

Or

2. Recover Windows (Basically it reinstalls a clean version of Windows. It resets everything to factory default, meaning it will set everything back to the way it was the day you got your computer). This is what I do when I get something too nasty. If you do this just be sure to back up everything you want first. (Pics/documents/movies/music/anything that you've added to the computer after buying it because all of it will be deleted). I can guarantee this will fix your problem but it should be a last resort just because it's time consuming to back everything up and then go through the process and then reinstalling everything you want again. On the plus side your problem will be fixed and your machine will be cleaner.
 
[quote name='ShockandAww']Open Firefox. Go to Tools, then Add Ons. If there are any Extensions or Plug Ins running and you don't know what they are, disable them. If that does nothing helpful:

Run HijackThis and post the results. I don't know a damn thing about it but I think it will at least show me the processes you have running.

If that gets you nowhere:

1. Run HijackThis and post the results to a tech forum. Somebody will be able to help I imagine.

Or

2. Recover Windows (Basically it reinstalls a clean version of Windows. It resets everything to factory default, meaning it will set everything back to the way it was the day you got your computer). This is what I do when I get something too nasty. If you do this just be sure to back up everything you want first. (Pics/documents/movies/music/anything that you've added to the computer after buying it because all of it will be deleted). I can guarantee this will fix your problem but it should be a last resort just because it's time consuming to back everything up and then go through the process and then reinstalling everything you want again. On the plus side your problem will be fixed and your machine will be cleaner.[/QUOTE]

I removed one weird add-on. Is there a tech forum you would recommend?
 
You may have a root kit that is loading itself into memory before windows starts hooking the kernel

I wasted 8 hours of my life a few weeks ago over an issue like this

hook your hard drive up to another computer and scan it externally
this should grab it
it might be residing in the boot sector
alundra has a variant that does this kinda stuff.
 
I have been having this same problem for a few days now and I think I've finally fixed it.

I went into the Add-ons menu and disabled EVERYTHING in Plugins and Extensions then restarted Firefox. So far the only one I've enabled again is the Flash plugin.
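An added example, not part of any post in this thread: the add-on check suggested in the replies above ("Always check to see what addons your browser is running") and used in this one can be done against the profile's `extensions.json` instead of by eye. The field names assume the layout of current Firefox builds, and the sample data is constructed.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like a Firefox profile's extensions.json
# (assumption: current Firefox layout; every id and value here is made up).
SAMPLE = json.dumps({"addons": [
    {"id": "adblock@example.invalid", "type": "extension", "active": True,
     "location": "app-profile", "foreignInstall": False, "signedState": 2,
     "installDate": 1300000000000, "defaultLocale": {"name": "Ad Blocker"}},
    {"id": "searchhelper@example.invalid", "type": "extension", "active": True,
     "location": "winreg-app-global", "foreignInstall": True, "signedState": 0,
     "installDate": 1302000000000, "defaultLocale": {"name": "Search Helper"}},
    {"id": "oldtoolbar@example.invalid", "type": "extension", "active": False,
     "location": "app-profile", "foreignInstall": False, "signedState": 2,
     "installDate": 1290000000000, "defaultLocale": {"name": "Old Toolbar"}},
]})

def review_addons(raw):
    """Return active extensions, newest first, with reasons to look closer."""
    rows = []
    for addon in json.loads(raw).get("addons", []):
        if addon.get("type") != "extension" or not addon.get("active"):
            continue  # disabled add-ons and themes cannot redirect searches
        reasons = []
        if addon.get("foreignInstall"):
            reasons.append("dropped in by another program, not the Add-ons page")
        if str(addon.get("location", "")).startswith("winreg-"):
            reasons.append("registered through the Windows registry")
        if addon.get("signedState", 0) <= 0:
            reasons.append("missing or invalid signature")
        when = datetime.fromtimestamp(addon.get("installDate", 0) / 1000,
                                      tz=timezone.utc)
        rows.append({
            "id": addon.get("id"),
            "name": (addon.get("defaultLocale") or {}).get("name", "?"),
            "installed": when.date().isoformat(),
            "reasons": reasons,
        })
    # Newest first: compare install dates with when the redirects started.
    return sorted(rows, key=lambda r: r["installed"], reverse=True)

if __name__ == "__main__":
    for row in review_addons(SAMPLE):
        flag = "CHECK" if row["reasons"] else "ok   "
        print(flag, row["installed"], row["name"], row["id"],
              "; ".join(row["reasons"]))
```

To use it on a real profile, pass the contents of the `extensions.json` file from the profile folder (listed under about:support) to `review_addons`.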
 
KASPERSKY. You can download a free trial and it is one of the best virus-killing programs I know of. It will find and kill off the virus most likely...but if Kaspersky doesn't do it, then you may have to deal with a huge, hassle-filled virus that may need to be taken to a PC repair place.
 