
I think my computer has been infected. Any ideas?

Discussion in 'BlackHat Lounge' started by xplicit, Jan 7, 2010.

  1. xplicit

    xplicit BANNED BANNED

    Joined:
    Jul 21, 2008
    Messages:
    1,119
    Likes Received:
    1,053
    My brother-in-law was on my computer (bullshit ass MySpace) and when I got back on, I noticed the background on my desktop was showing a big red box with a "Warning you have been infected". Well I was able to get rid of that, but now I am hearing this beeping sound, almost sounds like a pop-up blocker, and every time I do a search on Google some weird search engine is coming up. (Not to mention Firefox crashes all the time now.)

    I was running McAfee but switched to AVG and installed Malwarebytes.

    Any ideas on what I can do to get rid of this crap?

    Should I do a HijackThis, and if so where do I submit the logs to?
     
  2. xplicit

    xplicit BANNED BANNED

    Joined:
    Jul 21, 2008
    Messages:
    1,119
    Likes Received:
    1,053
    Well kinda weird, when I went in to do that, there were no previous restore points. I am running XP by the way.
     
  3. Nihilist

    Nihilist Registered Member

    Joined:
    Oct 11, 2009
    Messages:
    59
    Likes Received:
    75
    Occupation:
    Network Sec / Electronics / IT / Programming
    Location:
    Virginia Beach, VA, USA
    Try CCleaner. It's quick and generally fixes my browser when I get a hijack type bug.
     
  4. origin

    origin Regular Member

    Joined:
    Nov 11, 2008
    Messages:
    334
    Likes Received:
    90
    Home Page:
  5. angrish10

    angrish10 Junior Member

    Joined:
    Aug 24, 2009
    Messages:
    181
    Likes Received:
    184
    Location:
    La Isla Bonita
    Malwarebytes should work.
    1) Disconnect all your Network Connections.
    2) Stop Antivirus s/w if any
    3) Perform the scan via Malwarebytes

    It works.. at least it did in my case.. when the crappy worms took over my system.
     
  6. Nihilist

    Nihilist Registered Member

    Joined:
    Oct 11, 2009
    Messages:
    59
    Likes Received:
    75
    Occupation:
    Network Sec / Electronics / IT / Programming
    Location:
    Virginia Beach, VA, USA
    This thread on MajorGeeks is pretty much the shitz when it comes to removing malware if that doesn't work. Good luck!
    Code:
    http://forums.majorgeeks.com/showthread.php?t=35407
     
  7. xplicit

    xplicit BANNED BANNED

    Joined:
    Jul 21, 2008
    Messages:
    1,119
    Likes Received:
    1,053
    I run CCleaner every day, but nothing's working.

    I have tried

    Spybot S&D
    AVG Scan
    Malware Bytes

    But it's staying the same, I was able to get that thing off the desktop and back to my original but it's like when I search on Google and click on a result, some weird other search engine comes up.
     
  8. angrish10

    angrish10 Junior Member

    Joined:
    Aug 24, 2009
    Messages:
    181
    Likes Received:
    184
    Location:
    La Isla Bonita
    Aww... Try deleting all files from your Temporary Folder (hidden files included).
    I still back using Malwarebytes
     
  9. xplicit

    xplicit BANNED BANNED

    Joined:
    Jul 21, 2008
    Messages:
    1,119
    Likes Received:
    1,053
    When I tried deleting all the files.

    Start - search, the %temp%, not a lot of files came up,


    But when I run Spybot S&D it says 258 temp files cannot be deleted.
     
  10. cyberzilla

    cyberzilla Elite Member Premium Member

    Joined:
    Nov 15, 2009
    Messages:
    2,204
    Likes Received:
    3,363
    Location:
    zeta reticuli
    Hey, your PC is infected by a kind of adware or malware. First back up your data before troubleshooting. Malwarebytes is one of the best software to deal with this issue, but not sure whether you did a proper scan. If you are gonna do scans do it in safe mode because most of the f... viruses won't work in safe mode, but still there are exceptions. If you are looking for a forum to post a HijackThis log, just type "forum hijack this log" in Google and you will get many security forums. Hope this helps you.... Let me know in case you need further help....

    To all BHW members: It doesn't matter what antivirus software you use, but you should update it daily to avoid these kinds of issues. Most antivirus software supports scheduled automatic updates. Just turn it on! :)
     
  11. nipit007

    nipit007 Junior Member

    Joined:
    Feb 22, 2009
    Messages:
    107
    Likes Received:
    13
    Just went through this.. Bought an external hard drive, moved it all over, and now have a clean computer... Just bring things over as I need it, and of course run a scan on everything before I bring it back.
     
  12. xplicit

    xplicit BANNED BANNED

    Joined:
    Jul 21, 2008
    Messages:
    1,119
    Likes Received:
    1,053
    Ok, when I try and boot up in safe mode, the computer just keeps restarting itself.

    Also, what is y'all's top security program?

    AVG
    McAfee
    Norton
    Kasper (whatever it is..lol)
     
    Last edited: Jan 7, 2010
  13. shadowedsniper

    shadowedsniper Junior Member

    Joined:
    Aug 15, 2008
    Messages:
    168
    Likes Received:
    100
    What search engine is it redirecting you to from Google? I had that problem a few months ago and it was a bitch to clean up. I had the Vundo/Virtumonde trojan and it just wouldn't go away... I ended up just reformatting. Might be your best bet if you can back everything up?
     
  14. LHaskins

    LHaskins Regular Member

    Joined:
    Apr 30, 2008
    Messages:
    264
    Likes Received:
    165
    Yeah, you got a bad one. All the indications are there..... no restore, no safe mode, etc. You might not be able to clean this one out without a reformat.

    I would switch browsers so you can at least get online. I would also create another account on your computer and work out of it for now. Most viruses and malware depend on the ability to make changes from the main (admin) account on your computer. A good way to set up your computer in the future is to set up an admin account that you don't hardly use and then create user accounts that you do your main work in, also a user account with minimum privileges that you call "guest". The guest account is the one that you let other people use on your computer.. that way if they screw things up, it does not directly affect your main setup. Also think about installing a "sandbox" (search "sandboxie") and set up browsers that are sandboxed so they can't affect the rest of the system.

    I know this really sucks, and I hope you get your computer back to normal soon. Nothing worse than having to worry about saving your data.

    Antivirus? Kaspersky and NOD32 are two really good ones.
     
    Last edited: Jan 7, 2010
  15. xplicit

    xplicit BANNED BANNED

    Joined:
    Jul 21, 2008
    Messages:
    1,119
    Likes Received:
    1,053
    Awesome advice there.

    As for right now I am working off my laptop while I try and get my main back to normal.

    I am looking at just getting my files backed up, more or less all my clients and work..

    As for the programs I have most of them on disk already, Just gonna take some time to get all this done. Actually have the wife getting me a flash drive now so I can start transferring stuff over.
     
  16. werrich

    werrich Regular Member

    Joined:
    Feb 17, 2009
    Messages:
    374
    Likes Received:
    42
    I had this same problem a few months ago and it was really bad. It was a rootkit browser hijacker. Sounds like what u have. U may have to download HijackThis and post the results in some of the forums that walk u through rootkit removal. But some rootkits are hard even for techs to remove, so u may need a fresh install of Windows. I eventually did. (It sucked because I tried getting rid of it myself, and am usually good at virus removal.)

    The bright side was all my files on my HD were still intact, so I was able to back things up before doing a fresh Windows install. If u do have a rootkit u may have to go through this too.
     
  17. radi2k

    radi2k Junior Member

    Joined:
    Nov 29, 2009
    Messages:
    117
    Likes Received:
    34
    Location:
    Germany
    Reinstalled the whole computer. Just back up your data beforehand and then reinstall it. Then after you have finished reinstalling, create a system image with Norton Ghost or Acronis True Image. So if your system gets infected again or is broken you can reinstall your PC based on the images within 15-20 minutes. Works well :)

    Or switch to Linux as I did. Backup is easy: save your home folder anywhere and which packages are installed. Reinstall the whole OS, copy home folder back to old location and reinstall the old packages. Very cool system :) Try Ubuntu for example^^
     
  18. xplicit

    xplicit BANNED BANNED

    Joined:
    Jul 21, 2008
    Messages:
    1,119
    Likes Received:
    1,053
    I probably would go with Linux if I knew how to run programs like Photoshop and Dreamweaver with it. Not to mention my 3D programs like Maya
     
  19. mfriedl1

    mfriedl1 Regular Member

    Joined:
    Sep 12, 2007
    Messages:
    308
    Likes Received:
    13
    Try SUPERAntiSpyware. When Malwarebytes and Spybot don't do the job, this tends to do it.
     
  20. MikeHustle

    MikeHustle Power Member

    Joined:
    Mar 1, 2009
    Messages:
    634
    Likes Received:
    236
    Arggghhhh I had the same symptoms on Saturday night. I left to go eat dinner and I had the blue screen of death. I tried everything to restore Windows. I got pissed off and installed Ubuntu. I'm now looking to run Windows as a VM because Wine won't install any of the applications I use for IM.