Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all,
Vanilla are planning an update to the site on April 24th (next Wednesday). It is a major PHP8 update which is expected to boost performance across the site. The site will be down from 7pm and it is expected to take about an hour to complete. We appreciate your patience during the update.
Thanks all.

Box Roc malware virus

  • 27-01-2015 10:23pm
    #1
    cocaholic
    Registered Users Posts: 144 ✭✭


    My laptop has been infected for the past month with various viruses. While i have got rid of some, ive noticed trojans coming from a folder called program files (*86) and a folder in called box rock ( i obviously didnt install it etc). It wont allow me to delete this folder cos its "open in another program" (i dont have it open anywhere else. I had to delete chrome a few weeks ago cos the browser got hijacked, accidently deleted firefox there trying to delete the other delete file, so im now left with no browser either.

    My internet browers got hijacked by webssearches. An add-on extension that is not verified by Zhang Ling called IETabPage Class, wont allow me to delete or disable the extension.


    1) how can i get rid of this virus once and for all?
    2) how can i get an internet browser back?

    I would be EXTREMELY grateful for any help.


Comments

  • #2
    jsa112
    Registered Users Posts: 840 ✭✭✭jsa112


    can you do the steps in the sticky thread ?


  • #3
    dbit
    Closed Accounts Posts: 1,322 ✭✭✭dbit


    Easiest way would be to remove disk from lappy , ghost it just in case , then plug that disk into another pc with up to date virus tools or scanning and thus scan the drive as secondary device , the advantage to this is that the virus is not live in kernel and its ability to combat AV technology is greatly reduced . Then once files are removed quarantined or cleaned up pop back into lappy. I would recommend such third party apps at that stage as ccleaner, Hijack this , malwarebytes and spybot search and destroy . Some of the "other" third party apps can receive payments from add houses to omit they're platform so a paid for solution usually trumps.


  • #4
    cocaholic
    Registered Users Posts: 144 ✭✭cocaholic


    Someone looked wt it and got rid of the viruses (i hope). However, chrome still has webbsearches hacking site come up as a default browser (ive removed it and clicked on google as default but still comes up). Zhang ling ietab crap is still an extension for the web and doesnt give me the option thedelete/disable it.. What can i do about that?


  • #5
    jsa112
    Registered Users Posts: 840 ✭✭✭jsa112


    run adwcleaner

    http://www.bleepingcomputer.com/download/adwcleaner/


  • #6
    dbit
    Closed Accounts Posts: 1,322 ✭✭✭dbit


    cocaholic wrote: »
    Someone looked wt it and got rid of the viruses (i hope). However, chrome still has webbsearches hacking site come up as a default browser (ive removed it and clicked on google as default but still comes up). Zhang ling ietab crap is still an extension for the web and doesnt give me the option thedelete/disable it.. What can i do about that?

    Sounds like remnant api or key hook is being re-instated in reg at boot look to runonce areas and startup areas in reg . Ccleaner and malware bytes should identify it for you and give you the means to find its files and directory paths .


  • Advertisement
Advertisement