Clicksor/Vimax malware
Hey guys,
Normally I'm in the position to be offering malware/virus advice to people; I have a lot of tools at my disposal and at least an intermediate knowledge of how to get rid of this stuff... but this one has me stumped...
Source: Uncharacteristically took a chance on downloading a program from a BitTorrent site (Microsoft Frontpage).
What the problem is: Google redirection upon normal clicking on links in Internet Explorer. When right-clicking and trying to open a new window on such links, IE crashes. Regular ads on each site are replaced with Vimax ads or Clicksor sponsored ads for "spam free e-mail." Firefox (not my normal browser) runs slower, succumbed by the same ads. Slower browsing.
What I've tried: Everything really. After I notice an attack, I immediately go to Search and look for all files created or modified in that time frame and delete them. Ones that can't be deleted I use a tool called Unlocker which allows you to delete these files by "unhooking" them from their host program (i.e. a .TMP file from iexplore.exe). Hijack This looks pretty clean. MalWare Anti-Bytes came up pretty much empty-handed. ATFCleaner wiped all Windows Temp/Internet Temp files. Went to the heavier artillery, Dr. Web CureIt found 11 issues and promptly deleted them and prompted a restart -- still not solved. Now I have a GMER log; it seems there are some issues there, but I'm not entirely sure how to fix them. I can post that log upon request (which I think it will ultimately boil down to)... I think ComboFix is an option I need, but I think the CFScript file needs to be specific per case (maybe?) so I steered clear of that.
I need some expert help here please. Thanks a lot!