How do I get rid of this Virus? Part 2

March 8, 2011 at 14:14:30
Specs: Windows XP

This is what I get when I try to use a search field from my browser or web page.

Any ideas on how to get rid of it?

I have run Avast, Superantispyware, RUbotted, Malewarebytes' Anti-Maleware, and Regserve.
None of them have spotted this virus. They all say my system is clean.

See More: How do I get rid of this Virus? Part 2

March 8, 2011 at 14:21:27
Virus issues should have been posted on the Security and Virus forum here. Perhaps a moderator will move the thread.

Where and when are you seeing this message?

Report •

March 8, 2011 at 14:34:37
Did you look at the hosts file? You'll have to enable "show hidden files & folders" & disable "hide protected operating system files". Once you've done that, go to C:\windows\system32\drivers\etc & open the hosts file with notepad. Here's how it should look:

# Copyright (c) 1993-1999 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# # source server
# # x client host localhost

Report •

March 8, 2011 at 14:38:36
BTW, all spyware & virus scans should be run from Safe mode. One other thing to check is your LAN setting. Go to Start > Control Panel (classic view) > Internet Options > Connections tab, then click on the LAN settings button. Make sure "Use a proxy server...." is unchecked

Report •

Related Solutions

March 8, 2011 at 15:00:52
Just a tiny clarification/addition to mickliq's excellent replies; the hosts file has no extension, and is identified as Type: File

Report •

March 9, 2011 at 14:50:00
"BTW, all spyware & virus scans should be run from Safe mode. "

Generally true, but not always. Some cleaners, MalwareBytes' Antimalware especially, require being run in regular Windows mode so it can detect the malware in action.

Report •

Ask Question