• Some kind of 'webswitch' virus on my computer.
    8 replies, posted
Pardons for having to keep this brief, but on my family's profile on our Windows 8.1 computer, there seems to be some kind of virus. When they boot up IE, the home page is not google anymore, but a 'webswitch.' I've tried all the basic shit to remove it, from Norton's scan (I'm seriously wondering why norton's didn't catch this) to trying to find the program itself on my computer; it's really fucking well hidden. No sign of it anywhere. I've googled help but it's all the same shit, 'DOWNLOAD SPY HUNTER AND PAY FOR THEM TO REMOVE IT.' I'd really not have to waste money to fix this.. I mean I already pay Norton's and apparently they can't fix it either. Also, when I boot up the computer on their account, it looks like some thing is installing for a moment before dispersing.
Malwarebytes scan. [img]http://rp.braxnet.org/scr/2015-05-03_13-40-21.png[/img] Check this path also, for url's.
Alright, will do, I'll report back with the results. [editline]3rd May 2015[/editline] I did the scan, it removed seven objects but did not remove the webswitch or help the situation at all, it seems. Any other ideas? [editline]3rd May 2015[/editline] Holy shit this thing is hidden too fucking well I can't remove it to save my life [editline]3rd May 2015[/editline] HOLY SHIT It seems to have changed it's name to See Hub for a moment before going back to webswitch. The only fucking program that discovered webswitch on my computer was fucking spy hunter, but when I clicked 'remove threats' it promptly asks for money So is that it? I have to pay $30 to fix this shit? The other option so far of course is to toss the computer out the window and get a new one, but it goes without saying fuck that
MBam probably removed it, log into the account and change the homepage to a different website, MBam wont change the homepage in IE.
MBam has been iffy lately for me, it has missed many viruses and related issues. I now use things like ComboFix, SuperAntiSpyware, etcetera.
[QUOTE=FordLord;47653158]ComboFix[/QUOTE] i would never recommend this to anyone, unless their computer is in extremely bad condition already
As quickly as it came, it vanished. Maybe one of the anti-virus programs worked after all. In any case, I'll update this thread if it ever comes back.
You really want to do a full scan - not just leave it alone. Doubt you completely got rid of it. My best advice is to make a thread on Malwarebytes forums - the guys over there are damn wizards. My advice is to download and run the following RogueKiller TDSSKiller Junkware Removal Tool AdwCleaner Rkill then there's combofix, but as mentioned above that's only for serious cases. It can completely wipe everything including your Sys32 - leading to your shit getting nuked. I've used it around four times with no consequences tho. Follow up with some MBAM scans aswell
Rule of thumb for removing shit from customers machines; MBAM MBAR SS&D EEK ADW And as allways the last resort as said by plenty is combofix. Run a few scans and nuke IE via Internet Options in the CP. Check for any stupid short cut hijacks. Eg "iexplore.exe www.somestupid-fakesearch.com" Use AutoRuns from SysInternals and disable anything that is sketchy. Flush the DNS cache, winsock reset..... It goes on for ever. I spend 6 days a week removing crap like this from bussines' machines.
Sorry, you need to Log In to post a reply to this thread.