Jump to content

Recommended Posts

I use Windows XP, and Firefox as my browser.

Far as I can tell, I contracted one of the nasty rootkits within the past week. The first symptom I noticed is that if I clicked on the result of a Google search, most of the time, I get redirected to one of a dozen other search pages. There have been much worse symptoms: spontaneous IE windows opening, Malwarebytes being corrupted so it couldn't launch (mbam.exe being deleted, even upon reinstallation), Windows Update being disabled, unable to boot Windows to Safe Mode. I've had to do a lot of self-education very fast. Much thanks to whoever posted the explorer.exe workaround for mbam.exe.

I'm currently using the free versions of Malwarebytes' Anti-Malware, Avira, Zonealarm, CrapCleaner, HijackThis,and SUPERAntiSpyware. (I actually ditched AVG, which wasn't picking up anything.) I updated to the latest version of Java. Using these in combination, I've eliminated all but the first symptom, the Google search hijack.

I've scanned using Malwarebytes, SuperAntiSpyware, and Avira, rebooted, and did so again a couple of times. Each program keeps indicating that no threats are detected, the only exception being that Avira's real-time scanning sometimes throws up an alarm, but those windows often close themselves faster than I can get to/read them. I suspect that Adobe Reader 6 was infected, and removed it.

At this point, none of my scanning programs are picking up any problems, and no alarms trigger when a Google search gets hijacked in Firefox. I'm really not sure what to do next. Not being able to click on search links is also making researching fixing this problem much harder!

Thanks in advance for any help!

Link to post
Share on other sites

Hello Monstoro , and welcome to Malwarebytes.org

It seems that some of the infection is still in your system - I would suggest you follow the advice below as it can still be an active infection -

Try using IE or another browser for a while and see if the problem still exists then you will know you still have the infection active -

We don't work on Malware removal and diagnostics in the general forums so please follow the instructions below -

Please read then print out and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available to help clean your system -

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post -

Thank You - :D

Link to post
Share on other sites

I'm having the *exact* same problem. Keep getting redirected and Malwarebytes isn't finding anything.

It's been going on for a while and I kept running MB and not finding anything. Then a couple of days ago I was having problems and went to run Malwarebytes and it didn't work. I clicked on the icon and my computer couldnt find the program. I tried to install a new version and it wouldn't let me install a new one. I was having a code 2 failure. So I followed instructions on how to download a randomly named version of MB, installed it on my computer in the MB program folder and found something like 28 Vundo.h viruses. Quarantined and deleted them and thought that was it.

Then started having the same problem again!

Link to post
Share on other sites

Hi yoodle and welcome -

If you had contracted 28 Vundo infections there will still be some infection remaining - It WILL hide in your system once entrenched and becomes very hard to fully remove it - (As an aside -Please check on the sites you visit) I am sorry but you will need an expert to remove it fully - :D

Please read and print out then follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance to clean your system when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post

Please use the Add Reply tab when responding -

Thank You - :)

EDIT - To Monstroso you sound like you have a similar problem (left over infection) -

Link to post
Share on other sites

Thanks yoodle and you have done it almost the right way also - Could you now please be patient as the experts are very busy - Do not worry if you do not get an answer for a day or even 3 (depending on the load) - They are just Expert Helpers and give their time freely, as most work in IT at other jobs - Also please do not ask for assistance here while you are waiting -

Thank You - :lol:

Link to post
Share on other sites

Thanks yoodle and you have done it the right way also - Could you now please be patient as the experts are very busy - Do not worry if you do not get an answer for a day or even 3 (depending on the load) - They are just Expert Helpers and give their time freely, as most work in IT at other jobs - Also please do not ask for assistance here while you are waiting -

Thank You - :lol:

noknojon, I'm afraid it looks like my thread has sunk to page 4 or 5 and no one is helping. What should I do? Is it ok if I bump it?

Link to post
Share on other sites

@ yoodle -

It can take 3 days , sometimes more , for the Experts to catch up with the backlog of problems - Please be patient as the experts give their time freely and are usually employed at other IT jobs during the day -

Please add the logs that AdvancedSetup has asked for -

Thank You - :lol:

Link to post
Share on other sites

@ yoodle -

It can take 3 days , sometimes more , for the Experts to catch up with the backlog of problems - Please be patient as the experts give their time freely and are usually employed at other IT jobs during the day -

Please add the logs that AdvancedSetup has asked for -

Thank You - :lol:

Thank you, Noknojon, for this. The web is full of posts on every known technical forum site, from people who are experiencing this problem. Until now I haven't seen any evidence that any of the antivirus vendors are paying any attention to it at all.

I don't have time to try the procedure you've provided, and I can live with the problem for three days in hopes that a simpler solution will be found.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.