I need help,asap re:malware takeover

[MrCloseShave]

eset online scanner(free online virus removal tool USE FIRST IF POSSIBLE)
Combofix (run if eset does not fix the problem)
malwarebytes (malware remover)
win patrol plus a.k.a. scotty the watchdog (real time registry protection)
ccleaner (crap cleaner, need i say more)
avg (Free antivirus software)


Been there done that in terms of virus problems, bleeping computer is second to none, just takes about a week to take care of everything.

combofix is the shiznit

 

[PawkHawk1]

I run into this 10 times a week. Do a system restore to a day before this happened and it will remove it and not lose any files. If that doesn't work download combofix from bleepingcomputer.com. either of those will remove it. U would recommend going into safemode as well to do either of them. Many time this spyware will block those programs unless its in safemode.

This is what I did. The system retore ( had to do it from safemode, as the virus would not let me from the start up menu) and reset to early this morning.

It worked great. Thank you so much meandrunk! I owe you one.

 

[PawkHawk1]

Thanks to all for the great info. I'm going to continue using SuperAntiSpyare, but will add in Avast 5.0 or AVG and definitely malwarebytes.

Thanks again.

 

[MeanDrunkR2D2]

Thanks to all for the great info. I'm going to continue using SuperAntiSpyare, but will add in Avast 5.0 or AVG and definitely malwarebytes.

Thanks again.

You're welcome. I recommend avast over avg, but I would recommend Microsoft forefront. It's free and in fact we just switched over to that last week for our enterprise solution at work.

This may not be the last time you see this spyware. You can minimize the risk further by using FireFox with the ad block plus and no ****** add in running. These programs use java usually via legitimately hacked ads.

Glad to hear it worked for you.

 

[AZHAWKFAN1]

this is what is great about Hawk fans and Iowans in general, always willing to help!

 

[superfan12]

buy a mac, no problems with mine. sorry can't help you with your problem but it seems like the guys on here should get you fixed up!

 

[DuffMan]

What others have said. I got nailed with this a few months back. It highjacked all my web browsers and wouldn't let me run any program with .exe at the end.

It took me a few days of bumbling but I finally got rid of it. On a second machine I googled the name of the hijacker and got some instructions on what to do and followed them and it worked.

 

[MeanDrunkR2D2]

What others have said. I got nailed with this a few months back. It highjacked all my web browsers and wouldn't let me run any program with .exe at the end.

It took me a few days of bumbling but I finally got rid of it. On a second machine I googled the name of the hijacker and got some instructions on what to do and followed them and it worked.

There are many variants of this spyware out there and some are nastier than others. The ones that really annoy me are the ones that they are able to get it to work in safe mode. But as long as you have combofix, it will kill it all. No need to use rkill as it is a bit of overkill for this type of virus and just an extra step that isn't needed. I've probably cleaned 150 machines of this type of virus this year alone, and 148 of them I was able to fix by just running system restore. Sometimes right away, and others by going into safe mode. The other 2 I needed to run combofix (which I have updated constantly and on our network here) that i can pull off and run with no issues.

 

[DuffMan]

Stinks my first post won't be Hawkeye related, but this happened to me last week....You need to download a file called rkill which will stop the popups redirection etc. It won't get rid of the file but then you can run a malware program like Malwarebytes. As another poster mentioned this can be downloaded from bleeping computer. I had to use my other computer and copy the files to a flash drive. Rkill also comes in several fake names on bleeping computer and I only got one of the files to work. Just remember Rkill only ends the programs, then you need to use some Malware program to delete the bad files. If you restart after just running Rkill the same thing will happen again. Good luck, this one took me a night to get figured out because it wont let you open files etc. if you pm me I'll try to help if I can.

Not to take away from what R2 said as I'm sure he's right but this is exactly what I ended up doing and it worked as well. It did take me several hours.

Actually if I remember right Mozilla's on board AV actually cuaght this and stopped it so I could at least use Mozilla to surf and download what I needed. Again mine was particularly nasty in that it wouldn't let me run any programs or .exe files.

By the way I'd suggest your daughter grab some AV software also. Wallmart has both bit defender and a bit for under 40 bucks. It pays for iteself the first time it catches something that would otherwise send your puter to a tech to disinfect.