Avatar of Lbello
Lbello
 asked on

100ksearches.com virus

Yesterday I can across a Windows XP with 100kseaches virus. This virus hijacks when you search through Google and redirects the browser to a site not relayed to the search. Has anyone come across this problem and if so is there a solution?  
Windows XPSecurityVulnerabilities

Avatar of undefined
Last Comment
Lbello

8/22/2022 - Mon
John

You need to scan your system for malware. When that is done, open your hosts file (c:\windows\system32\drivers\etc) and see if the redirect is in there. There should be no entries except comments. You need to be a member of administrators to do this. ... Thinkpads_User
ASKER CERTIFIED SOLUTION
serverman2008

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Lbello

ASKER
Here's another problem, it won't allow me to run malwarebytes or any anti-virus software. And will not boot into safe mood.  
John

That is a much bigger issue than maybe we supposed at first. Given your last post, that machine is pretty much toast.

I would say try to restore to a prior period, but it is doubtful that would work.

You probably should back up the data and reinstall the operating system. In the state it is in (no A/V or Safe Mode), it could easily absorb more time in troubleshooting than in re-installing.

... Thinkpads_User
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
serverman2008

Can you try running Rkill:  Here is the download link

http://download.cnet.com/RKill/3000-8022_4-11464676.html

this is known to kill malware/virus processes and then try running other scanners
serverman2008

also you can try downloading on a usb stick from another computer and then run it on the infected pc
Lbello

ASKER
If I create a bootable CD with the latest security essentials virus definattion loaded. will that work?

And which security essentials would you recommend?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
serverman2008

try Running Rkill to see if you can kill the virus process and run malwarebytes or combofix

if that doesnt work:

I would try a more in depth scanner than security essentials

Try making a cd ISO of kaspersky

Its a rescue disk and has worked wonders for me in the past with trojans/malware/viruses

download kaspersky rescue disk 10 here:

http://support.kaspersky.com/faq/?qid=208282173
willcomp

Did you try running TDSSKiller? You have a TDSS rootkit and that is the appropriate tool. If TDSSKiller will not run, try running rkill as recommended above. Use the iExplore version of rkill.
Lbello

ASKER
Sorry for the ignorance, but, how do I run rkill?
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
serverman2008

just download rkill from the link above I posted earlier and click run, it takes care of the rest and runs through a command prompt
Lbello

ASKER
OK to run from CD?
willcomp

Although not the same malware, this removal guide from Bleeping Computer has the instructions you need. Follow the removal instructions through step 17.
http://www.bleepingcomputer.com/virus-removal/remove-system-repair
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Lbello

ASKER
Lastly run Malwarebytes, correct?
willcomp

Yes.
Lbello

ASKER
Thank you. I'll update all tomorrow.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Lbello

ASKER
Well.... I ran Rkil then after-wards I was able to access msconfig and check the services  running at start up. I disable 2 fictitious malware, restarted and I was able to Google search  and access website.

Not sure if this fixed the problem, but I asked the end user to please monitor for any problem.

Through it all I was unable to run Malwarebytes.