Full Version: Quick Question
allnyguy
I am not in front of my PC right now, but last night got hit with something nasty. I was able to clean about 90% of it up myself and got rid of everything I could find, but I noticed one thing that has piqued my curiosity.. when I go to my web browser (Firefox, IE) and do a search, I notice on the bottom, when it displays the page it is accessing, it shows analitic-checks.google.com, even if I am on Yahoo... it seems to want to filter my results or something... I tried searching for this, but cannot find it.. I ran Spybot S&D, found some little junk and fixed it, but it still is happening... any suggestions or ever heard of this?

thanks
HKEd
Welcome to SAF, allnyguy.

Download SilentRunners.VBS to the desktop and run it there. Wait for the prompt that the scan has finished, otherwise the log it generates will be incomplete. Post the log in your reply. It will show what's running on your computer and may provide a clue as to what's happening.
whopis
QUOTE(allnyguy @ Aug 21 2008, 05:45 AM) *

I am not in front of my PC right now, but last night got hit with something nasty. I was able to clean about 90% of it up myself and got rid of everything I could find, but I noticed one thing that has piqued my curiosity.. when I go to my web browser (Firefox, IE) and do a search, I notice on the bottom, when it displays the page it is accessing, it shows analitic-checks.google.com, even if I am on Yahoo... it seems to want to filter my results or something... I tried searching for this, but cannot find it.. I ran Spybot S&D, found some little junk and fixed it, but it still is happening... any suggestions or ever heard of this?

thanks



I am having the same exact problem. Though with mine whenever I follow a link out of google, it redirects me to some junk page. Have you had any luck yet?
ileventh
QUOTE(whopis @ Aug 22 2008, 02:52 PM) *

I am having the same exact problem. Though with mine whenever I follow a link out of google, it redirects me to some junk page. Have you had any luck yet?


I'm having the same exact problems. I was able to get rid of the junk page redirects using fixwareout, but I'm still getting the "analitic-checks" messages and I'm not able to access spyware sites like AVG. Anyone have a fix for this? Thanks!
Surfer
ileventh and whopis, y'all need to start separate topics. It's much too complicated to do more than one problem per thread.
ileventh
QUOTE(allnyguy @ Aug 21 2008, 05:45 AM) *

I am not in front of my PC right now, but last night got hit with something nasty. I was able to clean about 90% of it up myself and got rid of everything I could find, but I noticed one thing that has piqued my curiosity.. when I go to my web browser (Firefox, IE) and do a search, I notice on the bottom, when it displays the page it is accessing, it shows analitic-checks.google.com, even if I am on Yahoo... it seems to want to filter my results or something... I tried searching for this, but cannot find it.. I ran Spybot S&D, found some little junk and fixed it, but it still is happening... any suggestions or ever heard of this?

thanks


I just found a post by someone who was able to fix the problem by using Dr. Web Antivirus Cureit. Trying that now, will let you know what happens.

Here's the post:

http://www.spywarewarrior.com/viewtopic.php?p=186498
dcogan
Hello

I had this problem and cured it with MalwareBytes' Anti-Malware. Unfortunately this trojan will not let you access the MalwareBytes' page to download it. You will need to download the program from another computer and then transfer it via USB or some such to the infected machine.

The next trick is that after you get Anti-Malware installed you have to update the database in the program, but the trojan won't let you. So under the update tab, choose the update mirror of MalwareSupport.com. That downloaded a new set of database entries which found the malware and was able to remove it. (I tried before I updated, seeing that the update I was using was just from about a month ago and it did not work.)

Among the files it deleted were tdssadw.dll, tdssl.dll, tdssserf.dll (several others), all in c:\windows\system32. If you have these files then this is probably the fix for you.

Once the machine was basically working again, I was able to update my Spybot Search and Destroy database and then it found some ancillary bogus things. Now I think I am clean. Hope this helps

-Doug
ileventh
QUOTE(dcogan @ Aug 24 2008, 12:53 AM) *

Hello

I had this problem and cured it with MalwareBytes' Anti-Malware. Unfortunately this trojan will not let you access the MalwareBytes' page to download it. You will need to download the program from another computer and then transfer it via USB or some such to the infected machine.

The next trick is that after you get Anti-Malware installed you have to update the database in the program, but the trojan won't let you. So under the update tab, choose the update mirror of MalwareSupport.com. That downloaded a new set of database entries which found the malware and was able to remove it. (I tried before I updated, seeing that the update I was using was just from about a month ago and it did not work.)

Among the files it deleted were tdssadw.dll, tdssl.dll, tdssserf.dll (several others), all in c:\windows\system32. If you have these files then this is probably the fix for you.

Once the machine was basically working again, I was able to update my Spybot Search and Destroy database and then it found some ancillary bogus things. Now I think I am clean. Hope this helps

-Doug



Yes, Dr. Web Antivirus Cureit removed those same files on my system, and a bunch of others as well, and now it looks like I am golden. All problems have disappeared and my system is performing great. The problem is not returning with a reboot. (Let's hope it stays that way!) I also went into c:\windows\system32 and c:\windows\system32\drivers and manually removed a few other suspicious looking recent files in safe mode.

Curiously, I had used MalwareBytes' Anti-Malware earlier today, and it did not solve the problem. I'm guessing that it was because of the lack of ability to update the program. Anyway, all is clean here now.
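
The manual check described in the posts above, written out as a script. This is an added example, not part of the original thread or any tool it names: it flags the three file names dcogan lists and lists recently modified .dll/.sys files in the two directories ileventh reviewed. The `tdss*` prefix match for the "several others" and the 7-day window are assumptions.

```python
import fnmatch
import os
import time

# File names dcogan's post lists as removed from c:\windows\system32.
NAMED_IN_THREAD = {"tdssadw.dll", "tdssl.dll", "tdssserf.dll"}
# Assumption: the "several others" share the same tdss prefix.
PREFIX_PATTERN = "tdss*"
# Directories the posts mention reviewing.
DEFAULT_DIRS = [r"c:\windows\system32", r"c:\windows\system32\drivers"]


def triage(directories, recent_days=7, now=None):
    """Return (name_hits, recent_files) for the given directories.

    name_hits: paths named in the thread or matching the assumed prefix.
    recent_files: other .dll/.sys files modified within recent_days,
    newest first, for manual review.
    """
    now = time.time() if now is None else now
    cutoff = now - recent_days * 86400
    name_hits, recent = [], []
    for directory in directories:
        try:
            entries = list(os.scandir(directory))
        except OSError:
            continue  # directory missing or unreadable
        for entry in entries:
            if not entry.is_file(follow_symlinks=False):
                continue
            name = entry.name.lower()
            if name in NAMED_IN_THREAD or fnmatch.fnmatch(name, PREFIX_PATTERN):
                name_hits.append(entry.path)
            elif name.endswith((".dll", ".sys")):
                mtime = entry.stat(follow_symlinks=False).st_mtime
                if mtime >= cutoff:
                    recent.append((mtime, entry.path))
    recent.sort(reverse=True)
    return sorted(name_hits), [path for _, path in recent]


if __name__ == "__main__":
    hits, recent_files = triage(DEFAULT_DIRS)
    for path in hits:
        print("NAME MATCH ", path)
    for path in recent_files:
        print("RECENT FILE", path)
```

An empty result only means none of these names show up in a normal directory listing; the scanners named in the thread removed more than these three files.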
NGA
Doug THANKS!!! Got rid of this nasty HiJack using MalwareBytes' Anti-Malware.

I was amazed to see the program update work using your advice, great stuff!

Again, many thanks!
Priest
Hello guys,
just registered to tell you that it worked for me also!

Had the same trojan and errors as the guys above me - but the trojan did not even let me access this forum's page.

I just found it over Google and tried cached websites and then opened it from another PC.

I will add some keywords for others to find this page faster than I did:


pagead2.googlesyndication.com virus
strange script in sourcecode

www.beeresult.com (that's the page the affiliate links should be loaded in my sourcecode)

thanks for your support !!!

best regards
Priest
knightfox69
Had to register also to say that Dr. Web Cureit worked for me too. Although Antivirus XP 2008 didn't actually load onto the computer, whatever it was that made my computer want to download it was really screwing things up. Had the same symptoms as above (bad browser / search engine results, the "analitic-checks.google.com" stuff, it even killed my printer). Something else this virus/malware did was that it did not let me download programs, especially new browsers (Netscape or Firefox). The link would be gone from the website. Real crazy stuff.

Ran the Cureit program and after about 2 hours (that's how long it took to run), I rebooted and everything was good to go. In fact, as soon as the desktop loaded, the printer turned on and printed out the couple of documents that were stuck in the spool.

I want to thank you guys for pointing us in the right direction.

Take care.
whecks
Thanks folks--worked for me too. I didn't even have to do the manual update. FWIW, I did have to use another computer to get to this forum...the infection wouldn't let me access this URL.
jimbancroft
QUOTE(dcogan @ Aug 24 2008, 12:53 AM) *

Hello

I had this problem and cured it with MalwareBytes' Anti-Malware.
-Doug



Thanks Doug. I had the exact problem as the OP and Anti-Malware took care of it!
knightfox69
Hey everyone.

Earlier I said I was rid of the virus. Well, I went ahead and ran Malwarebytes because I noticed a redirect when I did a search on my Disk Defragmenter not working. One of the links I clicked on took me to an ad site. In a panic, I ran Malwarebytes and it identified 40-something different adware hits and 4 trojans. Don't know how I picked these up but I'm suspecting I had it all along.

Malwarebytes took care of it and NOW I seem to be trouble-free......for now.

Might want to try the two-prong approach, if you haven't already.

Hope mine was an isolated case.