messed up browser?!

[mobius101]

Hi, my browser is (Firefox 11) searching only locally I can't get anything else plus the browser is in my local language which is quite annoying so ...how can I change that?
I know its a virus but my KIS Pure is not of much help, to think of how much I've paid for it!
I have formatted W7 but the problem is getting worse.Please help!

 

[wanchoo]

Your message is not very clear. From what little I understand you think you are infected with a virus. Have you run an A-V for virus check? Which A-V is installed on your computer?

If Firefox is not working properly install either Chrome or Opera and see if they work properly.

It seems you have clean reinstalled W 7 after reformatting but you are still facing problems. Please confirm.

All in all please be more explicit and fill up your complete system specs as best as you can.

 

[elstupido]

KIS pure is an A/V, if im not mistaken. I believe sandboxie would have saved him. Sandboxie is your friend

 

[mobius101]

Actually I was trying to write as short message I could, which proved wrong...I'll correct that.I have fresh installed W7 ultimate which is by now updated and KIS PURE 2.0 antivirus and firefox 11.
A month ago a friend visited me and showed me a picture of his fish tank on a local fish tank forum immediately My browser converted on my local language instead of my normal English setting that I usually use.Practically its a non English version of Firefox. I've formatted W7 and I didn't have any problems until couple of days ago when my system crashed (BSOD) and Firefox started to act up again in the same manner.
I did all the scans possible but my Anitivir. program finds nothing(!) and the strange thing is that I've tried to set my network to HOME GROUP yet it stays PUBLIC and when I succeed in that then, I'm in some sort of JOINED home group and My network is named NETWORK 2.
Could it be that someone, somehow, has hacked in to my computer or something?
I did malwarebytes scan and this is what it found:

 

[wanchoo]

Try a good Rootkit Removing Software also. You may choose one from the list at 5 Best Free Rootkit Removers || Free Software.

Also please uninstall FireFox and adopt either Chrome or Opera as suggested earlier.

 

[mobius101]

Are they compatible with KIS PURE 2.0?
BTW my Spyboot finished scanning and this is what it found:




Note that the OpaServ I found in previous installations and Spyboot can't erase it.How should I proceed?

 

[wanchoo]

Normally free Rootkit Removal Tools are compatible with the Anti-Virus in use. However if you want to be over-sure then before running the Rootkit Removal Software disconnect your computer from the Net and then turn off KIS PURE for the duration that the Rootkit Removal Tool is running.

Normally running of the Rootkit Removal Tool is not required on a continuous or daily basis.

 

[mobius101]

I will but in the mean time can you tell me how to remove OpaServ thingy?

 

[wanchoo]

You can download the OpaServ Removal Tool from W32.Opaserv.Worm Removal Tool | Symantec to remove it.

Hope that you succeed.

 

[mobius101]

Thanks for your fast answers You are most kind.I will do all this and soon inform you here.

 

[mobius101]

Sorry to bother you again but Symantec didn't even detect it also other rootkit didn't detect anything should I try with another format?

 

[Borg 386]

Try using Windows Defender Offline to see what it comes up with. This is a bootable AV disk. Burn it, insert it & restart the PC, let it scan.

What is Windows Defender Offline?

Another option:

Norton Power Eraser

Norton Power Eraser | Free Tool |Easily remove scamware that traditional virus scanning can

Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully. If you accidently remove a legitimate program, you can run Norton Power Eraser to review past repair sessions and undo them.

 

[wanchoo]

Please try what Borg 386 has suggested. If Opaserv Removal Tool did not even detect it then it is perhaps not there. Which Rootkit Removal Software out of the five did you run?

If you are going to reinstall W 7 then do it after deleting and recreating the concerned partitions (System Reserved and C). I only hope that your computer is not infected with a BIOS or a hardware virus because the virus seems to be coming back after a clean install.

 

[mobius101]

I've used so far KIS Pure 2.0 and all those litle product they have clrav, digita cure virutkiller...all of them

Stinger, Nortons NPE, FixOpsrv basically all you suggested and the only programs that found anything are malwarebytes and Spyboot S&D which screenshots are here.All is erased except OpSvr which is detected only by Spyboot.
Now please tell me more about those BIOS and Hardware viruses?
How do I check for those?

 

[Borg 386]

Run Windows Offline Defender, this is a scanner that will run at boot up and may reveal some hidden items.

One rootkit scanner that wasn't listed in the list was Kasperskys TDSSKiller.

Anti-rootkit utility TDSSKiller

Before doing a clean install, you might want to consider using something like DBan to wipe the entire drive, as some viruses are known to survive a re-install.

About DBAN | Darik's Boot And Nuke

If it comes back after that, consider this possibility:

Are you introducing files back to the system that haven't been scanned? If you backed up your personal files while your PC was infected, there's a good chance you may have transferred the virus to the backup medium, hence the reason it keeps showing up once you re-introduce the files to the clean system. Also, your FD may be infected which loads the virus when you plug it into your PC.

VirusTotal will scan files up to 32MB with several AV's. Consider scanning some of your saved files there:

https://www.virustotal.com/

 

[wanchoo]

Catching BIOS and Hardware Viruses is very rare but not impossible. If you want I can show you a few sites to learn about them but you can find all about them yourself by googling.

Here are two sites for BIOS and Hardware Viruses to begin with:

BIOS - https://www.google.co.in/#hl=en&out....,cf.osb&fp=ac9673ed47436efb&biw=1024&bih=672

Hardware - https://www.google.co.in/#hl=en&gs_....,cf.osb&fp=ac9673ed47436efb&biw=1024&bih=672

 

[mobius101]

I will do all those scan but in the mean time how can I make my browser work normally again?
If I Google a name, for example, a footballer I get only local (my country's) news sites, which are really not much informative, or it redirects me to some local servers...
Can I do that with Firefox is there options that can change that?

 

[wanchoo]

You mean that you are unable to access the sites you want even with IE/Chrome/Opera.

 

[mobius101]

All same with chrome so I suspect same would happened with opera and yesterday my keyboard stooped working.

 

[Borg 386]

It sounds like you have a browser re-direct, see this thread, Post #5, and follow the directions

http://www.sevenforums.com/system-s...d-dns-cache-poisoning-attack.html#post1656931

Have you ran Windows Offline Defender yet?