
Skill 08-08-2012 05:40 AM

Need help with Virus
 
So my computer has this really annoying virus that disregards all your settings and occasionally redirects you to malicious websites when you click a search result off of a site like Google. A while back Microsoft Security Essentials detected a tracur.an virus and I removed it. But this problem still occurs, and now the program doesn't detect it and Windows Defender seems to be blocked.

Anyone have any ideas on how to fix this? No, it isn't a browser extension, I removed all of mine and it happens in all browsers. I also checked my processes and see nothing strange.

I read somewhere that tracur.an redirects you to a server hosted by a specific IP that they posted. Is there a way I can block all connections to that IP?

iHot 08-08-2012 05:42 AM

You can take it in to a local computer shop or something like that.

Rexx 08-08-2012 05:44 AM

get malware bytes, screw all the microsoft crap.

Skill 08-08-2012 05:49 AM

Waiting for a post from someone like fp4 :/

Rexx 08-08-2012 05:51 AM

then pm him

Skill 08-08-2012 06:31 AM

Quote:

Posted by Rexx (Post 176325)
get malware bytes, screw all the microsoft crap.

Tried Malwarebytes, didn't pick anything up.

Ace 08-08-2012 06:38 AM

norton180

Talon 08-08-2012 08:15 AM

I found MalwareBytes to be better than Norton360.

Psycher! 08-08-2012 04:34 PM

MalwareBytes has always worked for me. Have you tried running it in safe mode or specifying exactly what the virus does? Does it have a particular look to it, like a fake anti-virus program?

fp4 08-08-2012 04:45 PM

Hello actual computer technician here, who deals with this kind of thing regularly (this is my secret formula):

1. Download and run TDSSKiller:
http://support.kaspersky.com/downloa...tdsskiller.exe

Before running it click Advanced Options, and check the 'Check for TLDFS Filesystem' checkbox.

2. Download and run a Malwarebytes Anti-Malware Quick Scan (Looks like you've already done this):
http://ninite.com/malwarebytes/

3. If the Virus still persists I recommend that you run ComboFix:
http://www.bleepingcomputer.com/download/combofix/

When downloading ComboFix, click Save and give the file a name like REDDRAGONS (this tends to be enough to fool viruses looking for anti-virus tools).

If it still persists after all that, try running them all while in Safe Mode. If it still persists then we'll have to do a more in-depth check.

Dusty 08-08-2012 04:48 PM

This type of virus is a pain in the ass to remove. When my Grandfather's PC had this type of virus it took a long time to get it removed, and no software(malwarebytes, Avira) removed it at the time, though they may have finally caught on. I sadly don't remember how I ended up removing it, but you can look in your host file and see if they added something there, though I don't think this is the route the virus took when I had to remove it.

You can search for "search injection virus" or the sort and see if you can pull up any results.
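
Added example, not part of Dusty's post or the thread: one way to do the hosts-file check suggested above is to parse the file and list every entry that maps a search or update domain to an address. The watch list and the sample file contents are constructed assumptions; on Windows the live file is `%SystemRoot%\System32\drivers\etc\hosts`.

```python
import ipaddress

# Assumed watch list (not from the thread): search engines plus an update host.
WATCHED = ("google.com", "bing.com", "yahoo.com", "microsoft.com")

# Constructed sample hosts file; 203.0.113.0/24 is a documentation range.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.google.com google.com   # injected
203.0.113.45    www.bing.com
127.0.0.1       update.microsoft.com
192.168.1.20    nas.home.lan
not-an-ip       search.yahoo.com
"""

def is_watched(host, watched=WATCHED):
    """True if host is a watched domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, ip, hostname, verdict) for entries touching watched domains."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()  # drop trailing comment, split fields
        if len(entry) < 2:
            continue  # blank, comment-only or incomplete line
        try:
            ip = ipaddress.ip_address(entry[0])
        except ValueError:
            continue  # first field is not a valid address, skip the line
        for host in entry[1:]:  # one line may carry several hostnames
            if not is_watched(host, watched):
                continue
            # Loopback or 0.0.0.0 cuts the site off; anything else sends it elsewhere.
            sinkhole = ip.is_loopback or ip.is_unspecified
            verdict = "blocked" if sinkhole else "redirected"
            findings.append((line_no, str(ip), host.lower(), verdict))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

An empty result only rules out the hosts file; as Dusty notes, the redirect may come from somewhere else.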

fp4 08-08-2012 05:04 PM

Quote:

Posted by Dusty (Post 176564)
This type of virus is a pain in the ass to remove. When my Grandfather's PC had this type of virus it took a long time to get it removed, and no software(malwarebytes, Avira) removed it at the time, though they may have finally caught on. I sadly don't remember how I ended up removing it, but you can look in your host file and see if they added something there, though I don't think this is the route the virus took when I had to remove it.

You can search for "search injection virus" or the sort and see if you can pull up any results.

Viruses of this nature (google redirectors) are typically rootkits and have a reputation of evading your on-demand scanners like Malwarebytes. The nasty ones like to make a small 1 MB partition.

The easiest way to remove it is to use a partitioning CD or Windows' utility diskpart.

If ComboFix doesn't solve the problem that's the next place we'll be looking.

Skill 08-08-2012 05:42 PM

Think I fixed it, Microsoft Security Essentials randomly updated their definitions overnight as I was running a full scan after deciding to go to sleep, and picked up the last of it. Don't seem to be getting any more redirects. I managed to remove the first one manually by deleting the file as listed by the program from the system32 folder rather than simply clicking remove on the anti-virus interface, since apparently the virus detected that and recreates itself whenever you try it. Deleting it manually worked though.

Apparently I had like 2 different viruses that each triggered their own redirect, which explains why I still had problems after removing the first one. The second one was this, updated this morning. Removed it within the program and it seemed to fix it:

http://www.microsoft.com/security/po...tid=2147657386

Anyways, is there any way I can check what runs on startup so nothing comes back if I restart my computer? I'm also afraid that the viruses might have installed a keylogger and other things that aren't getting detected.

fp4 08-08-2012 06:13 PM

Just run the tools I linked, just to be double-sure it's gone.

Rexx 08-08-2012 07:12 PM

Delete the system32 folder, that should solve your problems.


All times are GMT.