Can't get rid of hijack malware

Mark42

Fleet Admiral
Joined
Oct 8, 2003
Messages
9,334
Managed to pick up a Trojan that redirects the results of Yahoo and Google searches to their own search engines or select websites. What a pain, but worse, Malwarebytes and Spybot can't find it.

Looking for a good hijack/trojan remover. This thing is driving me nuts!
 

Bondo

Moderator
Staff member
Joined
Apr 17, 2002
Messages
70,525
Re: Can't get rid of hijack malware

Ayuh,... Have you searched cnet for it,..??
If there's a good program out there,.. They've reviewed it...
If it's Free,... They've got it....
 

HopeSheFloats

Lieutenant Commander
Joined
Jun 12, 2009
Messages
1,674
Re: Can't get rid of hijack malware

Good luck with that... I just went thru that a week ago or so, had to wipe the drive and start over. I even used a different pc to download different apps to try to no avail.
Definitely a nasty little bugger...in fact it caused me so much grief that I renewed my subscription to iolo's System Mechanic this past weekend. Hopefully someone may know a work-around.
 

j_martin

Admiral
Joined
Sep 22, 2006
Messages
7,474
Re: Can't get rid of hijack malware

open the file C:\WINDOWS\system32\drivers\etc\hosts in notepad.

It may have a bunch of lines of explanation and instruction, each of which starts with a # sign. Those are comments. The only line that doesn't have a # sign should be:
127.0.0.1 localhost

That's called the loopback address.

If there's any other address or url lines that are not marked with a #, then:

restart in safe mode.
Go back to the hosts file and # mark the offending lines.

If it comes back on you, it'll take a Geek attack on the registry to get rid of it.

hope it helps
John
 

gonefishie

Commander
Joined
Jul 28, 2004
Messages
2,624
Re: Can't get rid of hijack malware

You can't get better if you don't know what exactly is making you sick. There's no such thing as a universal magic pill anymore. I second the HijackThis log post, one in normal mode and one in safe mode.
 

kenmyfam

Supreme Mariner
Joined
Aug 10, 2006
Messages
14,385
Re: Can't get rid of hijack malware

PC Tools Spyware Doctor has beaten anything we have ever been attacked by.
$29.95 a year but works like a charm. Updates and scans itself when you allow it to.
 

dlindeblad

Petty Officer 1st Class
Joined
Jul 9, 2009
Messages
256
Re: Can't get rid of hijack malware

I second Spyware Doctor. I had a few bad viruses and could not get rid of them. I used Iolo's software, Adware, Trend Micro house call, and one or two others and could not shake it. After running all of these different programs I then ran Spyware Doctor and it found 300 infected files. The cool thing about Spyware Doctor is that for the $29.95 you get antivirus and I believe firewall too.
 

Mark42

Fleet Admiral
Joined
Oct 8, 2003
Messages
9,334
Re: Can't get rid of hijack malware

> Have you tried running Trend Micro Housecall?
>
> http://free.antivirus.com/
>
> While on their site you can also dl a copy of HijackThis and post a log here.

I'll run hijackthis and post a log.

> Believe it or not, try this:
> http://www.microsoft.com/Security_Essentials/
> It is actually very good.

Ran that, but it did not find anything. Also ran Microsoft's monthly malware program and it found nothing. Uggg.


> open the file C:\WINDOWS\system32\drivers\etc\hosts in notepad.
>
> It may have a bunch of lines of explanation and instruction, each of which starts with a # sign. Those are comments. The only line that doesn't have a # sign should be:
> 127.0.0.1 localhost
>
> That's called the loopback address.
>
> If there's any other address or url lines that are not marked with a #, then:
>
> restart in safe mode.
> Go back to the hosts file and # mark the offending lines.
>
> If it comes back on you, it'll take a Geek attack on the registry to get rid of it.
>
> hope it helps
> John

There were pages of entries, all marked as added by Spybot. I looked at existing backups of the same file in the same folder, and saw they look as you described. So I deleted all entries but the comments and the one address.

Still not having success.

Will run HijackThis, but have to do it this evening. Will post the log.

Thanks for your help! These root-kit malware programs are a pain to remove.
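
As an added example (not part of any post in this thread): the hosts-file check j_martin describes, extended to separate the kind of blocklist entries Mark42 found (names pinned to a loopback address, which only block) from redirect entries (names pinned to a remote address, which is what a search hijack needs). The sample file, its hostnames and its addresses are constructed.

```python
import ipaddress
import sys

# Constructed sample hosts file; 203.0.113.0/24 is a documentation-only range.
SAMPLE = """\
# Constructed sample, not taken from the thread
127.0.0.1       localhost
::1             localhost
# Start of entries inserted by a blocklist tool
127.0.0.1       ads.example.invalid
0.0.0.0         tracker.example.invalid  # inline comment
203.0.113.10    www.google.com google.com
203.0.113.10    search.yahoo.com
not-an-ip       foo.example
"""

def audit_hosts(text):
    """Return (line_no, ip, hostname, verdict) for every active hosts entry."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        if ip is None or len(fields) < 2:
            findings.append((line_no, fields[0], "", "malformed"))
            continue
        local = ip.is_loopback or ip.is_unspecified
        for host in fields[1:]:  # one line may map several names
            name = host.lower()
            if local:
                verdict = "default" if name == "localhost" else "sinkhole"
            else:
                verdict = "redirect"  # name forced to a remote address
            findings.append((line_no, str(ip), name, verdict))
    return findings

def suspicious(findings):
    """Sinkholes only block a name; redirects and unparsable lines need review."""
    return [f for f in findings if f[3] in ("redirect", "malformed")]

if __name__ == "__main__":
    # With no argument, audit the constructed sample above.
    text = open(sys.argv[1], encoding="utf-8-sig", errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    for line_no, ip, host, verdict in suspicious(audit_hosts(text)):
        print(f"line {line_no}: {ip} {host} [{verdict}]")
```

Pass the path to a hosts file as the first argument; that can be the copy on a drive attached to another computer.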
 

jonesg

Admiral
Joined
Feb 22, 2008
Messages
7,174
Re: Can't get rid of hijack malware

> PC Tools Spyware Doctor has beaten anything we have ever been attacked by.
> $29.95 a year but works like a charm. Updates and scans itself when you allow it to.

I bought spyware doctor, it doesn't work for beans with this new malware.
My computer is completely locked up now.

I ran spyware doctor and it said all was clean, I rebooted and it stays stuck in a boot loop, it says launching windows, then it says logging off.

Can't boot up in safe mode, the machine is dead, I'll have to buy a new computer. :eek:
 

cribber

Lieutenant
Joined
May 29, 2008
Messages
1,338
Re: Can't get rid of hijack malware

The best way to get rid of the malware is to run your system in safe mode and then do full scans with your spyware. Running in Safe mode prevents the malware from loading and tricking your software into thinking it's an antivirus program. Here is where you can get the MS Security information help and tips.

http://www.microsoft.com/Security/
 

xxxflhrci

Chief Petty Officer
Joined
Jun 14, 2008
Messages
637
Re: Can't get rid of hijack malware

> I bought spyware doctor, it doesn't work for beans with this new malware.
> My computer is completely locked up now.
>
> I ran spyware doctor and it said all was clean, I rebooted and it stays stuck in a boot loop, it says launching windows, then it says logging off.
>
> Can't boot up in safe mode, the machine is dead, I'll have to buy a new computer. :eek:

I had a similar experience about a month ago. We got a virus that destroyed my hard drive in about 3 days. I tried fighting it with several different programs, but failed. Right before she locked up, I downloaded the things I wanted off the computer to a flash drive...Then, I went to the local PC store and bought a new hard drive that was twice the size of what I had before for 50 bucks, came home installed it in about 5 minutes and loaded the computer back with my master disks. It took me a couple of hours to get it set back the way I had it before. She now zips along as fast as ever.....I learned my lesson, since I could have lost nearly 10 years worth of pics, and bought a used My Book hard drive off of eBay to save a backup of my pics and other things I don't want to lose.
 

gonefishie

Commander
Joined
Jul 28, 2004
Messages
2,624
Re: Can't get rid of hijack malware

Have you ever considered burning them onto CD or DVD? They aren't vulnerable to viruses. Dogs and small children are a different story.
 

NYBo

Admiral
Joined
Oct 23, 2008
Messages
7,107
Re: Can't get rid of hijack malware

If you can't get the computer to boot at all, pull out the hard drive, hook it to another computer with a USB adapter, and run a full gamut of scans. Put the drive back and see if it boots.
 

PiratePast40

Lieutenant Commander
Joined
Mar 21, 2009
Messages
1,734
Re: Can't get rid of hijack malware

> If you can't get the computer to boot at all, pull out the hard drive, hook it to another computer with a USB adapter, and run a full gamut of scans. Put the drive back and see if it boots.

Excellent idea.

I've had the same browser hijack malware recently. PC Tools was the only one that found and eradicated the virus. I tried a half dozen others including Microsoft Security Essentials and Malwarebytes with no success. The Microsoft product was able to find the virus but it morphed into a different name before it could take action.

It sounds like the success rate for removal is rather spotty - regardless of the product you use. It's really important to catch this one before it gets a chance to initialize, that is, try to run the anti-virus software in safe mode or run from a different OS and drive like recommended above.
 

jonesg

Admiral
Joined
Feb 22, 2008
Messages
7,174
Re: Can't get rid of hijack malware

> If you can't get the computer to boot at all, pull out the hard drive, hook it to another computer with a USB adapter, and run a full gamut of scans. Put the drive back and see if it boots.

Nah, drop it in the dumpster. I wouldn't risk putting the infected drive near my business machine.
Whoever writes this stuff needs a beatin, this is as funny as spray painting cars in the street. I suppose it's good for the computer business.
 