Need help with a Virus/Spyware/something

[Skibabinz]

Okay so randomly this morning I get this install prompt from Windows 7, which wouldn't allow me to do anything but click yes, otherwise it would repeatedly pop up. I should have probably turned off my pc immediately, however when you're half asleep...yea. Anywho, I've ran Adaware, Malwarebytes, and Avast with full scans, and only Malwarebytes got a hit on something, and I removed it.

The problem is, I still can't use my search engines fully. For example, I go to search something in Google, it shows the results of my search, I click one and am redirected to some other website which Malwarebytes immediately blocks. Before this, all I had was AVG free, but now I got all the ones I mentioned in addition to that. Other than the situation with the search engine, I have discovered that I can use the option to open it in another tab after searching, and I can also just type the address I want to access in the address bar without any issue.

So, any ideas as to what it could be?

 

[Patriot]

Okay so randomly this morning I get this install prompt from Windows 7, which wouldn't allow me to do anything but click yes, otherwise it would repeatedly pop up. I should have probably turned off my pc immediately, however when you're half asleep...yea. Anywho, I've ran Adaware, Malwarebytes, and Avast with full scans, and only Malwarebytes got a hit on something, and I removed it.

The problem is, I still can't use my search engines fully. For example, I go to search something in Google, it shows the results of my search, I click one and am redirected to some other website which Malwarebytes immediately blocks. Before this, all I had was AVG free, but now I got all the ones I mentioned in addition to that. Other than the situation with the search engine, I have discovered that I can use the option to open it in another tab after searching, and I can also just type the address I want to access in the address bar without any issue.

So, any ideas as to what it could be?

You might check your hosts file. There could be a bad/malicious DNS entry in it.




C:\WINDOWS\system32\drivers\etc\hosts


Mine looks like this:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	127.0.0.1       localhost
#	::1             localhost

You could also check your browser to ensure you are not set up with a proxy (that you didn't set up).

 

[Atown]

also check your internet settings via control panel to see if your being pushed through a proxy server

 

[Skibabinz]

I checked both, and they're both fine. I do however have to say that I had malware bytes detect something while I was checking CNN.com (I check 3-4 different news sites regularly), and after hitting no about 4 times, I got spammed with errors that repeated to the point that my pc restarted itself. Before the restart, most of my icons from my desktop were deleted and it removed most of my items from my Start menu and wouldn't allow me to access my protection software from Start -> Programs, as well as deleted my access from there to my computer, control panel, etc.

I restarted in safe mode, and managed to get into my programs and currently have Avast and Malwarebytes running. I had ad-aware running as well, but it keeps saying its finished after only about 5-10 minutes. I seriously wish I knew what this was, I've already attempted to set my pc back to about 1 am today, before this stuff started, but it seems this is just happening as it did earlier today.

 

[ewoksrule]

make sure to go to Internet Options > advanced and choose Reset

 

[ewoksrule]

for the icon issue you need to run unhide.exe from bleepingcomputers

 

[Tek7]

If it's feasible, I'd recommend backing up any important files and formatting your PC, then installing your OS and any other commonly used programs and games.

But if your hard drive looks anything like mine, a wipe and reload involves several hours of re-installs after, so it's a last resort.

Unfortunately, other than Malwarebytes Anti-malware, I don't know what tools are considered "the best" for cleaning malware off PCs these days.

 

[Skibabinz]

So a bit of an update, I purchased Bitdefender and with its ability to restart in its own sort of mini protective OS that allows it to scan in its own version of safe mode, I kicked the virus. I got all my files unhidden, however now I can't seem to be able to change my desktop background from the solid black picture the virus changed it to. I attempt to change it, and it only changes my taskbar. I'm using windows 7 by the way >.>

Any tips?