Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Win7 computer with searching.com virus ?

    Well, I'm back and this time it's my son's Win7 computer (old brother's computer not in sig) with what seems to be the search.com virus. Just keeps coming up in google chrome instead of google page. Turns on a bunch of other spam stuff (ninja..., opti...., can't remember rest...). Do I try the same stuff in this old thread:
    http://forums.pcper.com/showthread.p...idox-b-rootkit

    ...or just follow this one:
    http://malwaretips.com/blogs/remove-...ing-com-virus/

    Actually, they seem to be similar threads, but whatever...

    Also, MS Security Essentials can't update as it times out before DLing stuff; Malwarebytes and SuperAntispyware are fine and still work, but don't get rid of the virus. I've been able to clean my son's computer fine up until now. Any quick shortcuts to get rid of this besides replacing the computer would be appreciated also. Thank you.

    SkaarjMaster

  2. #2
    sttubs is offline Always learning something
    Joined
    Feb 2004
    Location
    Rock Falls, IL
    Age
    52
    Posts
    988

    Re: Win7 computer with searching.com virus ?

    I have had good luck using Avast free. It has a boot time scan option that runs the antivirus before the system actually boots so the virus hasn't loaded to mask itself. I also run Malwarebytes.
    AMD 8350 w/Xigmatek Dark Knight Night Hawk Ed - Asus M5A99FX PRO R2.0 w/4x4gb GSkill Ripjaws 1600 CL7 - Samsung 850 Evo 500gb - WD Black 5Tb - Gigabyte 980 Ti Xtreme Gaming OC Ed - Win 10 Pro 64bit - Lite-On iHES108 - White Corsair 500r w/Corsair AX860i 860W - ASUS VG248QE 144Hz

    Heat: http://www.heatware.com/eval.php?id=55337
    Ebay: http://myworld.ebay.com/sttubs/

  3. #3
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Re: Win7 computer with searching.com virus ?

    tried all that stuff I did on that other computer from the old thread and it may have worked, but not sure yet.

    Ever heard of PEV.exe in the windows subdirectory? Not sure whether I should delete this or not. It was only discovered by HitManPro as a suspicious trace detected. I'm guessing I should just go ahead and delete it in safe mode.

    During this whole process, search protect kept coming back (esp. if turning on google chrome) and a few .tmp files were deleted that were bad. I had one other question though, why did TDSSKiller detect a suspicious object, medium risk as physical drive:\device\harddisk0\DR0 ? I'll let you know if this worked when we dare turn on the computer again...lol....have time to mess with it that is. Thank you.
    Last edited by SkaarjMaster; 06-01-2015 at 05:41 PM. Reason: adding more details
    Skaarj-laptop:Asus G750JW-NH71,Win8.1,Corei7-4700HQ,12GB DDR3 RAM,Nvidia GTX 765M 2GB,Realtek HD,TSST CDDVDW SN-208DN,WDC 750GB HD...
    SkaarjMasterDuo:WinXPSP3, Core2Duo E8600(Gigabyte GA-EP45-UD3P),Noctua NH-C12P,4GB Corsair XMS2 TWIN2X4096-8500C5 RAM,Nvidia EVGA GTX-750Ti 1GB,SB Audigy2 6.1,Klipsch 5.1 sats,Dayton sub,Pioneer VSX-819H-K rec,,Enermax 850W PSU,Lian-Li PC-71B full tower,Pioneer DVR-216D,BenQ DW1655,Asus E818A3T,2-1TB WD HDs.....
    Dragonslayer (at Mom's house now): WinXPSP3, P4 3.2GHz(Asus P4P800-Deluxe),Thermalright SLK-947U,3GB Corsair XMS PC3200 RAM,ATI Radeon 9800Pro 256MB,VGA Silencer,SB Audigy2 5.1,Seasonic 500W PSU,Silverstone FT01-B mid tower,LG DVD burner,Asus E616P3..
    Dragon1: (off for now, will not boot) Win98SE, AthlonXP 1900+(Soyo SY-K7V Dragon+),Thermalright AX-7, 512MB Crucial 2.5 DDR PC2100 SDRAM MSI GeF4Ti4400,SB AudigyGamer,Enermax 431W PSU...

  4. #4
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    59
    Posts
    7,289

    Re: Win7 computer with searching.com virus ?

    Pev.exe is part of combofix. I have since added mbar.exe, a rootkit detector by Malwarebytes to my procedure. Combofix then adwcleaner and then mbar, all in safe mode with networking. Also, you might check whether search protect is listed in programs and features.

    However, first, if you're clicking a shortcut that starts Chrome, you should look at the command line in the shortcut to see if anything's been appended to the end of the line.

  5. #5
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Re: Win7 computer with searching.com virus ?

    I did MBAR also. I did safe mode without networking; should I go back and do it with networking? Also, having trouble running error-checking on the HD....maybe that was just in safe mode though.

  6. #6
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    59
    Posts
    7,289

    Re: Win7 computer with searching.com virus ?

    The difference would be not having the Internet for updating the various software.

    Did you check the command line for the Chrome shortcut?

  7. #7
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Re: Win7 computer with searching.com virus ?

    Software was updated as much as needed beforehand, so probably a non-issue; I'll just make sure and use "...with networking" next time. All the links to google have nothing extra at end of command line and his computer has been running smoothly all day. Thank you again!

  8. #8
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    59
    Posts
    7,289

    Re: Win7 computer with searching.com virus ?


  9. #9
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Re: Win7 computer with searching.com virus ?

    Back again, this time he has the safesurf.net issue in Chrome. Now if we hit home in Chrome, then we can continue but it is still a problem. Tried everything from before and still there. There is something called SpyHunter (not to be confused with old video game) that detected some stuff and even safesurf, but then they said I had to pay for it for removal. Anything else that might work to get rid of safesurf.net? Thank you.
    Skaarj-laptop:Asus G750JW-NH71,Win8.1,Corei7-4700HQ,12GB DDR3 RAM,Nvidia GTX 765M 2GB,Realtek HD,TSST CDDVDW SN-208DN,WDC 750GB HD...
    SkaarjMasterDuo:WinXPSP3, Core2Duo E8600(Gigabyte GA-EP45-UD3P),Noctua NH-C12P,4GB Corsair XMS2 TWIN2X4096-8500C5 RAM,Nvidia EVGA GTX-750Ti 1GB,SB Audigy2 6.1,Klipsch 5.1 sats,Dayton sub,Pioneer VSX-819H-K rec,,Enermax 850W PSU,Lian-Li PC-71B full tower,Pioneer DVR-216D,BenQ DW1655,Asus E818A3T,2-1TB WD HDs.....
    Dragonslayer (at Mom's house now): WinXPSP3, P4 3.2GHz(Asus P4P800-Deluxe),Thermalright SLK-947U,3GB Corsair XMS PC3200 RAM,ATI Radeon 9800Pro 256MB,VGA Silencer,SB Audigy2 5.1,Seasonic 500W PSU,Silverstone FT01-B mid tower,LG DVD burner,Asus E616P3..
    Dragon1: (off for now, will not boot) Win98SE, AthlonXP 1900+(Soyo SY-K7V Dragon+),Thermalright AX-7, 512MB Crucial 2.5 DDR PC2100 SDRAM MSI GeF4Ti4400,SB AudigyGamer,Enermax 431W PSU...

  10. #10
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    59
    Posts
    7,289

    Re: Win7 computer with searching.com virus ?

    Try HitmanPro. Do it in Safe Mode w/ Networking.

  11. #11
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Re: Win7 computer with searching.com virus ?

    Did that earlier (0 threats found) in safe mode, also regedit search and c: drive search brought up nothing. Also, did the Avast browser search thing and nothing. Tried resetting Chrome also. Here are the things I've tried so far:
    RKill
    MBAM
    SASW
    MBAR
    AdwCleaner
    MS Essentials
    ShortCutCleaner
    HitManPro
    AvastBrowser search
    Regedit search
    C: drive search
    JRT

    All this was done in SafeMode w/networking. Not that bad of a thing, but it would be nice to get rid of it. Thank you.
    Last edited by SkaarjMaster; 08-15-2016 at 04:02 PM.
    Skaarj-laptop:Asus G750JW-NH71,Win8.1,Corei7-4700HQ,12GB DDR3 RAM,Nvidia GTX 765M 2GB,Realtek HD,TSST CDDVDW SN-208DN,WDC 750GB HD...
    SkaarjMasterDuo:WinXPSP3, Core2Duo E8600(Gigabyte GA-EP45-UD3P),Noctua NH-C12P,4GB Corsair XMS2 TWIN2X4096-8500C5 RAM,Nvidia EVGA GTX-750Ti 1GB,SB Audigy2 6.1,Klipsch 5.1 sats,Dayton sub,Pioneer VSX-819H-K rec,,Enermax 850W PSU,Lian-Li PC-71B full tower,Pioneer DVR-216D,BenQ DW1655,Asus E818A3T,2-1TB WD HDs.....
    Dragonslayer (at Mom's house now): WinXPSP3, P4 3.2GHz(Asus P4P800-Deluxe),Thermalright SLK-947U,3GB Corsair XMS PC3200 RAM,ATI Radeon 9800Pro 256MB,VGA Silencer,SB Audigy2 5.1,Seasonic 500W PSU,Silverstone FT01-B mid tower,LG DVD burner,Asus E616P3..
    Dragon1: (off for now, will not boot) Win98SE, AthlonXP 1900+(Soyo SY-K7V Dragon+),Thermalright AX-7, 512MB Crucial 2.5 DDR PC2100 SDRAM MSI GeF4Ti4400,SB AudigyGamer,Enermax 431W PSU...

  12. #12
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    59
    Posts
    7,289

    Re: Win7 computer with searching.com virus ?

    If you're starting Chrome from a shortcut (most likely are), inspect the command line in properties to see if this has been appended to the end of the command line. Very common issue.

  13. #13
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Re: Win7 computer with searching.com virus ?

    Yep, checked that too.
    Skaarj-laptop:Asus G750JW-NH71,Win8.1,Corei7-4700HQ,12GB DDR3 RAM,Nvidia GTX 765M 2GB,Realtek HD,TSST CDDVDW SN-208DN,WDC 750GB HD...
    SkaarjMasterDuo:WinXPSP3, Core2Duo E8600(Gigabyte GA-EP45-UD3P),Noctua NH-C12P,4GB Corsair XMS2 TWIN2X4096-8500C5 RAM,Nvidia EVGA GTX-750Ti 1GB,SB Audigy2 6.1,Klipsch 5.1 sats,Dayton sub,Pioneer VSX-819H-K rec,,Enermax 850W PSU,Lian-Li PC-71B full tower,Pioneer DVR-216D,BenQ DW1655,Asus E818A3T,2-1TB WD HDs.....
    Dragonslayer (at Mom's house now): WinXPSP3, P4 3.2GHz(Asus P4P800-Deluxe),Thermalright SLK-947U,3GB Corsair XMS PC3200 RAM,ATI Radeon 9800Pro 256MB,VGA Silencer,SB Audigy2 5.1,Seasonic 500W PSU,Silverstone FT01-B mid tower,LG DVD burner,Asus E616P3..
    Dragon1: (off for now, will not boot) Win98SE, AthlonXP 1900+(Soyo SY-K7V Dragon+),Thermalright AX-7, 512MB Crucial 2.5 DDR PC2100 SDRAM MSI GeF4Ti4400,SB AudigyGamer,Enermax 431W PSU...

  14. #14
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    59
    Posts
    7,289

    Re: Win7 computer with searching.com virus ?

    I'm drawing a blank on the name of the next one, will have to look for it tomorrow when I get to work.

  15. #15
    Joined
    Mar 2002
    Location
    Sarasota, FL
    Age
    53
    Posts
    2,496

    Re: Win7 computer with searching.com virus ?

    He turned on his computer for first time since earlier this week and at first AdwCleaner came up saying it removed something, google chrome and no strange page, it went directly to home page. Got back in 5 min later and strange web page came up, DOH, we thought it fixed itself, no such luck. Anyway, I tried everything from before except TDSSKiller and Tweaknow Reg Cleaner. I guess I'll try those in combo with other stuff and see what happens. Also, saw something called Zemana AntiMalware, should I try that too? Thank you.
    Skaarj-laptop:Asus G750JW-NH71,Win8.1,Corei7-4700HQ,12GB DDR3 RAM,Nvidia GTX 765M 2GB,Realtek HD,TSST CDDVDW SN-208DN,WDC 750GB HD...
    SkaarjMasterDuo:WinXPSP3, Core2Duo E8600(Gigabyte GA-EP45-UD3P),Noctua NH-C12P,4GB Corsair XMS2 TWIN2X4096-8500C5 RAM,Nvidia EVGA GTX-750Ti 1GB,SB Audigy2 6.1,Klipsch 5.1 sats,Dayton sub,Pioneer VSX-819H-K rec,,Enermax 850W PSU,Lian-Li PC-71B full tower,Pioneer DVR-216D,BenQ DW1655,Asus E818A3T,2-1TB WD HDs.....
    Dragonslayer (at Mom's house now): WinXPSP3, P4 3.2GHz(Asus P4P800-Deluxe),Thermalright SLK-947U,3GB Corsair XMS PC3200 RAM,ATI Radeon 9800Pro 256MB,VGA Silencer,SB Audigy2 5.1,Seasonic 500W PSU,Silverstone FT01-B mid tower,LG DVD burner,Asus E616P3..
    Dragon1: (off for now, will not boot) Win98SE, AthlonXP 1900+(Soyo SY-K7V Dragon+),Thermalright AX-7, 512MB Crucial 2.5 DDR PC2100 SDRAM MSI GeF4Ti4400,SB AudigyGamer,Enermax 431W PSU...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •