Think I May Have Caught A Virus

[MAJIC]

No, relax it's not me personally,it's my Laptop!

About 4 days ago,I kept seeing highlighted text,as if it was a blue text link.

well it was a link,but nothing to do with the article I was reading,or the Postings in Thai Visa,from other members.

To describe it,every time I clicked on any blue word,it led me to the same page as follows:

Top left hand corner was a Union Jack (UK Flag)

Below this was text asking me to do a survey,and if I did I would be entitled to go in the draw and might win an Ipod. Sometimes the screen is peppered with these one word links,and all different words,leading to the same thing.

Now I know that its probably Advertising of some sort,but the nasty part of it is,it won't let me get out of it,only by CONTROL, ALT, & DELETE.

By right clicking my mouse on the Flag,and clicking on Source,it comes up with 200+ lines of programming,but of course will not let me delete anything. I have searched everywhere for the origin of this little B****R,and even ran a program to clean up System Registry,with no luck.

Any of you Knowledgeable Computer Guys seen anything like this,or have any answers?

It's gone at the moment,but like all Pests always come back,just when you think it's gone.

I thought better of Posting a screen shot.

[radster2212]

Hi there see if you can boot your laptop in safe mode then restore your laptop from like a week ago. If not login as an admin or different login and run anti virus or spy wear Apps.

Rad

[MAJIC]

Hi there see if you can boot your laptop in safe mode then restore your laptop from like a week ago. If not login as an admin or different login and run anti virus or spy wear Apps.

Rad

Thanks Radster,I have already run Antivus programs,but nothing was found,I will save the "Restore"to a previous date as the last option.

Many thanks.

[Richard-BKK]

Just a stupid question, do you run Linux if so which distribution. Also which antivirus software are you using???

For any virus that you can obtain from a website, you need to be login as admin/root or entered your sudo password at the moment something was going to get installed...

I have the feeling that you run MS Windows, as Linux doesn't have a System Registry....

I run Linux and in the 10 years that I use it I never had a virus problem, I not even have an anti-virus program

Edited July 17, 2012 by Richard-BKK

[aarn]

Your antivirus might already have been corrupted by the critter!

Rule of thumb is that antivirus programs are up to 99.99% effective (if updated regularly), but not all programs are effective against the same viruses

Using windows, I have had such (self-inflicted) problems. I downloaded 'spybot' then 'adaware'

(free anti-virus programs, spybot used to be smaller) and somehow disinfected the machine (after some hours of mucking around, because a virus will tend to slow down your machine). Good luck, AA

[craigt3365]

Your antivirus might already have been corrupted by the critter!

Rule of thumb is that antivirus programs are up to 99.99% effective (if updated regularly), but not all programs are effective against the same viruses

Using windows, I have had such (self-inflicted) problems. I downloaded 'spybot' then 'adaware'

(free anti-virus programs, spybot used to be smaller) and somehow disinfected the machine (after some hours of mucking around, because a virus will tend to slow down your machine). Good luck, AA

Right on. I use to use Bitdefender. It didn't catch a virus, so I had to uninstall it and use malwarebytes in safe mode. It worked! What a pain.....

[Tywais]

Is the OP using Linux or Windows? If the latter then I will move this topic to the appropriate forum.

[lazygourmet]

Just a stupid question, do you run Linux if so which distribution. Also which antivirus software are you using???

For any virus that you can obtain from a website, you need to be login as admin/root or entered your sudo password at the moment something was going to get installed...

I have the feeling that you run MS Windows, as Linux doesn't have a System Registry....

I run Linux and in the 10 years that I use it I never had a virus problem, I not even have an anti-virus program

Ditto...

On Linux, I just use W.O.T. as a Chromium add on .

When they signal me that the site I want to visit might be at risk, I just don't open it!

[MichaelJohn]

Most anti-virus programs won't find/detect/delete spyware like this. The best free anti-spyware (used just for cleaning) is Spybot Search and Destroy or Malwarebytes.

[Richard-BKK]

If the OP is really running Linux, catching a virus from browsing the internet is completely impossible. I would only be possible if he was prompted to give his sudo password to install a package...

The only common infection of a Linux desktop computer is by media contact (CD-rom, USB-stick, floppy-diskette, email attachement) and even with this infections you need to give your sudo password or be logged in as Root...

Anyway you can easily find the problem, run as root "chkrootkit" without " (you maybe have to install this package).

Edited July 18, 2012 by Richard-BKK

[Richard-BKK]

Most anti-virus programs won't find/detect/delete spyware like this. The best free anti-spyware (used just for cleaning) is Spybot Search and Destroy or Malwarebytes.

Spybot Search and Destroy or Malwarebytes are not available for Linux (it would be completely useless)

[Richard-BKK]

Most anti-virus software available for Linux do nothing more then detect MS Windows viruses, so it's only useful if you share files with - and forward emails - to MS Windows computers (and if you're a nice guy so you not want them to get infected).

You can download and Install for free;

Bitdefender - http://download.bitdefender.com/repos/

Avast - http://www.avast.com/linux-home-edition

And probably a few more....

[GruF]

It's browser problem, clean your cache, cookies and history, then run ccleaner, malwarebytes, winaso and any antivirus. then install

another browser and see if you get the same problem.

[MAJIC]

Just a stupid question, do you run Linux if so which distribution. Also which antivirus software are you using???

For any virus that you can obtain from a website, you need to be login as admin/root or entered your sudo password at the moment something was going to get installed...

I have the feeling that you run MS Windows, as Linux doesn't have a System Registry....

I run Linux and in the 10 years that I use it I never had a virus problem, I not even have an anti-virus program

No I don't use Linux,my OS is Windows Vista home edition,and MS Essentials Anti Virus.

Thanks for your reply

[MAJIC]

Is the OP using Linux or Windows? If the latter then I will move this topic to the appropriate forum.

Windows Vista home Edition,Tywais.Thanks

[MAJIC]

Most anti-virus software available for Linux do nothing more then detect MS Windows viruses, so it's only useful if you share files with - and forward emails - to MS Windows computers (and if you're a nice guy so you not want them to get infected).

You can download and Install for free;

Bitdefender - http://download.bitdefender.com/repos/

Avast - http://www.avast.com...ux-home-edition

And probably a few more....

I'm going to download both,will update if anything is found.

Thanks very much.

[Tywais]

Is the OP using Linux or Windows? If the latter then I will move this topic to the appropriate forum.

Windows Vista home Edition,Tywais.Thanks

In that case will move this topic up a level.

[MAJIC]

It's browser problem, clean your cache, cookies and history, then run ccleaner, malwarebytes, winaso and any antivirus. then install

another browser and see if you get the same problem.

Have already used ccleaner,and also used the system registry cleaner that comes with it.will try using another browser if the problem persists,and pops up again.

Thanks for the advice.

[Bender]

If its a new virus most of the anti virus/malware will be for now completely useless till its not catalogued in their database definition.

What you can do its try to restaure your system to a previous point. Dont worry most of your latest document will be saved, only the new software will be deleted.

Or try these few tips:

Start windows in safe mode, go to the folder User/"your account "/AppData/Local/Temp , empty this folder manually. As most of the time its where the virus hide. The extension of the file should be .exe.

And also in safe mode run ccleaner/msconfig, check for the "start up program", and looks at the progs that looks suspicious and delete it. Because once its running == its locked, so you canot delete it.

Edited July 18, 2012 by Bender

[TehBen]

It is inadvisable to run registry cleaner programs until you have removed the virus or if you know what you are doing, some can damage your system irreparably.

Boot in safe mode by pressing (most commonly) F8 as soon as the computer starts booting up. From there run a full virus scan. Malwarebytes Anti-Malware is very good, but you will need to download and update this before starting the laptop in safe mode.

If nothing is detecting the adware/virus then register with a specialist website such as www.geekstogo.com and follow their advice (they are very good at sorting things out for you).

http://www.geekstogo.com/forum/topic/2852-malware-and-spyware-cleaning-guide/

[Pib]

Most anti-virus programs won't find/detect/delete spyware like this. The best free anti-spyware (used just for cleaning) is Spybot Search and Destroy or Malwarebytes.

Spybot Search and Destroy or Malwarebytes are not available for Linux (it would be completely useless)

Norton 360 works great to defend/eliminate cookies of low to high threat nature which can cause bothersome stuff appearing on your screen. Does all of this in the background and/or during user initiated scans.

[craigt3365]

Great recommendations guys!!!!

[Jiu-Jitsu]

Sounds as if you are going to have more crap on the system than ever before if you take all of this advice.

Especially if you have multiple antivirus running at the same time.

A good HOSTS file will help to prevent that kind of rubbish without the need for all of that software.

[Bender]

Sometime, recent virus have used important official software to pass trought all your antivirus and infect your computer:

Some browser like firefox have huge security issue with plug-in from java 6. As you might have some virus in the java cache. You can disable this plug-in or better you should go to the "program manager" completely delete/unsintall the software java 6. And after install the new java 7. Its more reliable.

And also another tips. Older Adobe version have also huge security hole. And as you use it all time for video/flash you might get your pb from there. You should go to their website and upgrade to the latest version of adobe.

Edited July 19, 2012 by Bender

[jaysun]

my suggestion, format your computer, if you have been rooted, there's almost no way to clean it out reliably

use Chrome + install the ScriptNo and Adblock extensions. Just Chrome by itself will make drive-by malware almost impossible, but using those 2 extensions you will be protected wherever you go.

install MSE (free)

if you understand how to do fine-controll of a firewall, then also install Comodo Firewall (free) and turn it on advanced so you can accept/reject specific app requests for the internet

[tw25rw]

I have had this a few times. A nuisance rather than a threat.

Sounds like you have installed something that was accompanied by adware. Go through your installed apps and sort them by installed date. There will be something there that you installed and can get rid of. Then reboot. Sorry I can't remember the names of these, but they were fairly obvious at the time.