My computer has the sniffles

DirtyDirtyVagrantDirtyDirtyVagrant Registered User regular
edited December 2011 in Help / Advice Forum
I just recently rid myself of the bogus Win 7 2012 antivirus program, and now I seem to have some kind of redirect thing.

What's happening is that, as I browse the forums or youtube or whatever, my browser will spontaneously open one or more tabs to various other locations, some of which seem to be pages I've visited in the past (I'm guessing it's looking at my browser history or cache file?), but most of which seem to be blogs and poorly executed video-news sites. As far as I can tell the most common redirect is a site called "News Canary," which I have never visited before of my own accord.

Other weird things going on include rkill.com (that's a DOS app, not a website) terminating "ituneshelper" and another apparently apple-related process as 'known malware processes' and malwarebytes not turning up any infected files on a full scan. My searches of tech support forums only turn up one other case of this happening to somebody and apparently the mods there thought it would be more practical to lock the thread and solve it via PM. So no info for me.

Has anybody else encountered this? What's the culprit? I don't see any suspicious processes in my task manager or anything.

e: The win 7 2012 thing was the first time I've had any kind of problem with this computer whatsoever. And now this makes two issues in as many days. Is there some utility that will allow me to scan my computer for likely vulnerabilities? Maybe I've just neglected an update somewhere?

DirtyDirtyVagrant on

Posts

  • xraydogxraydog Registered User regular
    edited December 2011
    If you can try installing and running Malwarebytes Antimalware

    http://www.malwarebytes.org/

    Also try installing and running MS Security Essentials Antivirus.

    http://windows.microsoft.com/en-US/windows/products/security-essentials

    Both are free. Between those two you should be able to clean out this kind of junk.

    edit: oops you already mentioned malwarebytes....

    xraydog on
  • schattenjaegerschattenjaeger Registered User regular
    I JUST had this problem. The Win 7 antispyware rogue spyware infection seems to have come with some friends, and they must be brand new because malwarebytes failed me too (fully up to date). What happened to me was that after removing it, MSE would pop up with several detected threats. I would clean them, then it would want to reset. After resetting, it would find them again. I did that loop twice and the PC started blue screening on boot. I figured out at least the registry was corrupt and no amount of comp-fu could make it work, even trying to copy in the backup registry files from the repair command prompt. I finally ended up just burning down the HDD and reinstalling Windows. Hopefully you have better luck.

    I have a reasonable suspicion that I picked this stuff up from imageshack. Now I am running firefox with the Noscripts add on all the time. A little inconvenient but less so than reinstalling windows

  • TychoCelchuuuTychoCelchuuu PIGEON Registered User regular
    Reformat + reinstall.

  • amateurhouramateurhour One day I'll be professionalhour The woods somewhere in TennesseeRegistered User regular
    If you've got UAC turned on there's a good chance it's just limited to your local profile. It's stored in the hidden application data folder under that profile. You can back up your music and docs and stuff and delete that profile then log in to a new profile and it might just go away. You'll want to run a root kit scanner and registry cleaner afterward but I've seen that work about 35% of the time.

    Aside from that, the redirect is coming from your network settings in Chrome(which is shared with the generic IE settings) or in the firefox settings as a proxy connection you can just disable, but you'll still need to fix the issue.

    If that doesn't work, you'll probably have to reformat and re-install. I haven't been able to successfully use malwarebytes in two years. That virus gets more and more tricky each time they update it.

    are YOU on the beer list?
  • SiskaSiska Shorty Registered User regular
    edited December 2011
    Give ad-aware by Lavasoft a try. There is a free version of it if you poke around their site. It at least was a very good program for specifically catching browser hijackers. It's turned into a bit of a resource hog over the years however. Make sure you decline any additional programs the installer wants you to add. You just want the bare bones scanner. After a day or two of running scans (and hopefully cleaned your computer) may even want to uninstall it. Even with a minimal installation it noticeably slows your computer.

    Now, Microsoft Security Essential is a great live protection antivirus program. Should not slow down your computer noticeably. In my opinion any computer that that's running windows should have it. Also, stop using windows explorer as your internet browser, if you are. Firefox with adblock plus and no-script plugins is much safer for surfing.



    Siska on
  • amateurhouramateurhour One day I'll be professionalhour The woods somewhere in TennesseeRegistered User regular
    Siska wrote:
    Firefox with adblock plus and no-script plugins is much safer for surfing.

    This... seriously it might take a week or two before you've configured no-script to do what you want and not just block everything but google and youtube, but it's incredible.

    are YOU on the beer list?
  • BartholamueBartholamue Registered User regular
    Yeah, I also recommend Ad-Block Plus. It's a lifesaver. A time-saver too, since it blocks commercials on YouTube.

    Steam- SteveBartz Xbox Live- SteveBartz PSN Name- SteveBartz
  • ToxTox I kill threads he/himRegistered User regular
    Reformat + reinstall.

    This.

    If you managed to get a bogus AV malware on your system, it has lots and lots of friends hiding out, waiting to screw with you in other new and exciting ways. There's no telling what's there, and it probably includes a trojan that may grant someone access to your system. At the very least there's probably a keylogger, so you shouldn't be accessing anything that involves money (from banking websites to WoW).

    Twitter! | Dilige, et quod vis fac
  • RobesRobes Registered User regular
    Use reformat+reinstall as a last resort. Trojans only have access to your computer if you are connected to the internet. Download/install/update malwarebytes, CCleaner, then boot up into safe mode and run them.

    "Wait" he says... do I look like a waiter?
  • DraygoDraygo Registered User regular
    If you are getting redirected after all scans are coming clean you likely have an infected boot sector.

    you can use fixboot/fixmbr to rewrite the boot sector and purge the corruption.

Sign In or Register to comment.