I'll post this again for folks who are unable to run their antivirus/anti-malware software or think the machine is clean only to find more, well, trash and being redirected to who knows where.
There are several forums that are devoted to taking care of these exploits. One of the better ones is bleeping computer, another is techguy.org .
Most of these sites will have you download and run `hijackthis' from Trend Micro: http://us.trendmicro.com/us/search/?q=hijackthis and post the log created for examination. Often, the malware on your machine will prevent you from running this or other antivirus/anti-malware programs. To prevent this, rename the hijackthis program to `chickenscratch' (for example) and download it to your desktop, install/run/save the log to your desktop (might have to do this in Safe Mode).
Here is an example of a hijackthis log (same nasty nameserver that apparently found its way to BYC via Openx?) created by someone with a similar problem:
http://forums.techguy.org/virus-oth...1-search-engine-redirecting-ntdevice-exe.html (observe that the `client' did not follow through with the entire process - not a good idea - take the time to complete the process).
Here is a description of the program Combofix, that is often used for cleanup - with an extensive list of other forums that can be of help in stripping the machine of, ah, `trash':
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Follow directions given to a `T' and, good luck! (after your machine is `washed' create a restore point immediately and backup your system/registry on removable media - microsoft backup or backup and restore - depending on the version of win you're running).
This `flavor' of `trash' is nasty customer that has `wormed' its way into companies as big as Oracle.
There are several forums that are devoted to taking care of these exploits. One of the better ones is bleeping computer, another is techguy.org .
Most of these sites will have you download and run `hijackthis' from Trend Micro: http://us.trendmicro.com/us/search/?q=hijackthis and post the log created for examination. Often, the malware on your machine will prevent you from running this or other antivirus/anti-malware programs. To prevent this, rename the hijackthis program to `chickenscratch' (for example) and download it to your desktop, install/run/save the log to your desktop (might have to do this in Safe Mode).
Here is an example of a hijackthis log (same nasty nameserver that apparently found its way to BYC via Openx?) created by someone with a similar problem:
http://forums.techguy.org/virus-oth...1-search-engine-redirecting-ntdevice-exe.html (observe that the `client' did not follow through with the entire process - not a good idea - take the time to complete the process).
Here is a description of the program Combofix, that is often used for cleanup - with an extensive list of other forums that can be of help in stripping the machine of, ah, `trash':
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Follow directions given to a `T' and, good luck! (after your machine is `washed' create a restore point immediately and backup your system/registry on removable media - microsoft backup or backup and restore - depending on the version of win you're running).
This `flavor' of `trash' is nasty customer that has `wormed' its way into companies as big as Oracle.
Last edited:
