Go Back   Hardware Canucks > SOFTWARE > O/S's, Drivers & General Software

    
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old April 3, 2009, 05:38 AM
Nodscene's Avatar
Allstar
 
Join Date: Dec 2007
Location: Toronto
Posts: 960
Default New virus redirector 209.85.171.79

Just wondering if anyone else has come across this yet. I have a clients computer that get's redirected when clicking on a google link. Usually only happens every 3rd or 4th time. Doesn't seem all that harmful right now (although it doesn't let you run regedit), but it's hidden so well that nothing is picking it up right now. So far I've used....

Superantispyware
Combofix (and other like it)
Windows Live One Care
Malwarebytes
Hijackthis

Programs like combofix will not even run, even in safe mode. All antispyware/virus programs will not download their virus definitions (either it can't establish connection or will outright crash.), so I've had to download them from another computer to usb stick and then install the definitions that way. Not one program has picked up anything. I hope this doesn't become prevalent as there doesn't seem to be any solutions right now.

I'm basically stuck reformatting and reinstalling their computer. Not too good for the clients as that usually involves a few hours at least.

So for those who have clients in a business establishment you might want to tell them to be extra carefull!
__________________

Create something idiot proof and they will make a better idiot.
_____________________________________

Intel Q6600 - Gigabyte EP35-DS4 - OCZ Reaper 4gig PC2-6400 - XFX 8800GT 512Mb Alpha Dog - AuzenTech X-Fi Prelude - Alesis M1Active MK2 - Corsair HX-620 - Silverstone Temjin TJ05B-X - Scythe Katana 2 - WD Raptor 150Gb - Seagate 7200.11 750Gb x2 - Samsung SH-S203N
Reply With Quote
  #2 (permalink)  
Old April 3, 2009, 07:01 AM
sswilson's Avatar
Moderator
F@H
 
Join Date: Dec 2006
Location: Moncton NB
Posts: 14,535

My System Specs

Default

Where are they being redirected to?
__________________
MSI Z87I Gaming AC / i5 4670K / 2X 4G Gskill 1866 DDR3 / XFX XTR 750 / EVGA GTX 680 SC+ 2GB / Intel DC S3700 200G / random 160G Sata HDD
Inwin 904 / Swiftech MCP655-b / Alphacool NexXxos XT45 120 Rad / 2X Scythe GT AP-15 / EK Supreme HF / Dell UltraSharp U2412M

Asrock AM1H-ITX / AM1 Athlon 5350 / 2X4G Gskill PC3-14900 / Intel 6235 Wi-Fi / 90W Targus Power Brick / 320G Seagate Momentus / Mini-Box M350 / 1X 22" Dell IPS / 1X 22" HP
Reply With Quote
  #3 (permalink)  
Old April 3, 2009, 08:10 AM
"Quote This..."
F@H
 
Join Date: Nov 2007
Location: Hell
Posts: 3,831
Default

That's not a virus, that's malware/spyware. Try the f-secure online scan tool.

F-Secure Support pages: F-Secure Online Virus Scanner

That gets all the stuff others miss.
Reply With Quote
  #4 (permalink)  
Old April 3, 2009, 08:14 AM
Nodscene's Avatar
Allstar
 
Join Date: Dec 2007
Location: Toronto
Posts: 960
Default

I know it's technically not a virus but it's just easier referring to it like that :)

Yeah, I might try F-Secure. Nothing to lose at this point.

It's being redirected to random sites. It almost feels like it's a test run before the big one drops.
__________________

Create something idiot proof and they will make a better idiot.
_____________________________________

Intel Q6600 - Gigabyte EP35-DS4 - OCZ Reaper 4gig PC2-6400 - XFX 8800GT 512Mb Alpha Dog - AuzenTech X-Fi Prelude - Alesis M1Active MK2 - Corsair HX-620 - Silverstone Temjin TJ05B-X - Scythe Katana 2 - WD Raptor 150Gb - Seagate 7200.11 750Gb x2 - Samsung SH-S203N
Reply With Quote
  #5 (permalink)  
Old April 3, 2009, 08:19 AM
"Quote This..."
F@H
 
Join Date: Nov 2007
Location: Hell
Posts: 3,831
Default

Antivurus will never have an andidote for spyware like that. Gotta look to the adaware and search and destroy apps. That scan tool does both, very handy. I also like to boot into linux via cd and look around in windows, you can find the hidden stuff and delete it.
Reply With Quote
  #6 (permalink)  
Old April 3, 2009, 08:54 AM
enaberif's Avatar
Hall Of Fame
 
Join Date: Dec 2006
Location: Calgahree, AB
Posts: 10,605
Default

Quote:
Originally Posted by Nodscene View Post
I know it's technically not a virus but it's just easier referring to it like that :)

Yeah, I might try F-Secure. Nothing to lose at this point.

It's being redirected to random sites. It almost feels like it's a test run before the big one drops.
Referring to something that its not is bad practice if you commonly work on peoples computers.

Either install MalwareBytes or Super Antispyware and it'll fix it.
Reply With Quote
  #7 (permalink)  
Old April 3, 2009, 09:40 AM
gingerbee's Avatar
Hall Of Fame
F@H
 
Join Date: Jan 2009
Location: Orillia, Ontario
Posts: 6,828

My System Specs

Default

spybot yes has always work for me
__________________
Fav quote "One should strive to achieve; not sit in bitter regret." Ronin Harris
Reply With Quote
  #8 (permalink)  
Old April 3, 2009, 09:44 AM
enaberif's Avatar
Hall Of Fame
 
Join Date: Dec 2006
Location: Calgahree, AB
Posts: 10,605
Default

Quote:
Originally Posted by gingerbee View Post
spybot yes has always work for me
Spybot and Ad Aware are gone of the days of the dodo since Malwarebytes and Super Antispyware have come out.

Both of those do a better job than Spybot ever could.
Reply With Quote
  #9 (permalink)  
Old April 3, 2009, 09:54 AM
element291's Avatar
Allstar
 
Join Date: Jan 2009
Location: Barrie, Ontario
Posts: 674
Default

Quote:
Originally Posted by enaberif View Post
Spybot and Ad Aware are gone of the days of the dodo since Malwarebytes and Super Antispyware have come out.

Both of those do a better job than Spybot ever could.

I'd say Malwarebytes would do the trick as well.

Hehe yesterday at work, I got a popup saying that my computer may have serious virus's and i need to download their spyware tool... then it took me to one of those fake pages.

I found it quite funny that our citrix network has spyware/adware on it.
__________________

| ASUS P8Z68-VPRO | Intel i5 2500K | 8Gb Patriot Viper Xtreme | 2x 60gb OCZ Solid 3 SSD | EVGA GTX260 Core216 |




Reply With Quote
  #10 (permalink)  
Old April 3, 2009, 12:21 PM
Nodscene's Avatar
Allstar
 
Join Date: Dec 2007
Location: Toronto
Posts: 960
Default

Quote:
Originally Posted by enaberif View Post
Referring to something that its not is bad practice if you commonly work on peoples computers.

Either install MalwareBytes or Super Antispyware and it'll fix it.
Speaking of bad practice, if you would have read the original post you would have seen that I've already tried those and came up with nothing. Or did you just come on this thread to complain?

So anyways, even F-Secure came up blank. Looks like I'll have to image another comp put it on the infected computer.
__________________

Create something idiot proof and they will make a better idiot.
_____________________________________

Intel Q6600 - Gigabyte EP35-DS4 - OCZ Reaper 4gig PC2-6400 - XFX 8800GT 512Mb Alpha Dog - AuzenTech X-Fi Prelude - Alesis M1Active MK2 - Corsair HX-620 - Silverstone Temjin TJ05B-X - Scythe Katana 2 - WD Raptor 150Gb - Seagate 7200.11 750Gb x2 - Samsung SH-S203N
Reply With Quote
Reply


Thread Tools
Display Modes

Similar Threads
Thread Thread Starter Forum Replies Last Post
Anti-Virus - Do you run one? Which? zlojack O/S's, Drivers & General Software 111 February 22, 2010 09:34 PM
conficker virus cmac79 Off Topic 21 March 31, 2009 02:59 PM
Which Anti-virus do you use Forge O/S's, Drivers & General Software 78 August 22, 2008 05:39 PM
Virus problem...Help Kilauea O/S's, Drivers & General Software 21 August 22, 2008 08:21 AM
Top 10 Virus Alerts Supergrover O/S's, Drivers & General Software 4 July 3, 2008 10:35 AM