So after using a choice piece of freeware last night, my machine has been infected with a ridiculously resilient piece of adware/browser injector called Roll Around. I've run multiple virus scans with Malwarebytes, SpyHunter 4 (shelled out 40 bucks for that one rip) and Windows Defender.
Naturally, I started with uninstalling the suspect piece of software in Programs & Features. An initial MWB scan found a few results, yet after quarantining and restarting, the adware remained. The second MWB scan turned up no suspicious files, so I turned to SpyHunter 4 at the recommendation of an article about this particular virus. That scan found upwards of 140 results, many of which were adware/toolbar kits. I quarantined and restarted, yet the virus stayed. A 4-hour Windows Defender scan found nothing suspicious either.
I figured maybe there were some residual plugins or something in my browser, so I followed these instructions to remove them. However I'm still getting injected banners, pop-ups and "hotword" ads everywhere. I really don't know what else to do. Has anyone else experienced this adware? How did you get rid of it?
So after using a choice piece of freeware last night, my machine has been infected with a ridiculously resilient piece of adware/browser injector called Roll Around. I've run multiple virus scans with Malwarebytes, SpyHunter 4 (shelled out 40 bucks for that one rip) and Windows Defender.
Naturally, I started with uninstalling the suspect piece of software in Programs & Features. An initial MWB scan found a few results, yet after quarantining and restarting, the adware remained. The second MWB scan turned up no suspicious files, so I turned to SpyHunter 4 at the recommendation of an article about this particular virus. That scan found upwards of 140 results, many of which were adware/toolbar kits. I quarantined and restarted, yet the virus stayed. A 4-hour Windows Defender scan found nothing suspicious either.
I figured maybe there were some residual plugins or something in my browser, so I followed [url=http://www.virusresearch.org/remove-roll-around-ads-chrome-firefox-ie/]these instructions[/url] to remove them. However I'm still getting injected banners, pop-ups and "hotword" ads everywhere. I really don't know what else to do. Has anyone else experienced this adware? How did you get rid of it?
Hijackthis
If this can't fix it, probably nothing can.
[url=http://sourceforge.net/projects/hjt/]Hijackthis[/url]
If this can't fix it, probably nothing can.
Check extensions maybe if it's just a browser.
Check extensions maybe if it's just a browser.
Dave_adwcleaner is good too
MasterKuniHijackthis
If this can't fix it, probably nothing can.
will check those out soon, thanks
CHERRYCheck extensions maybe if it's just a browser.
there is nothing out of the ordinary in my extensions list, but I deactivated and removed Hola! which I was already suspicious about
[quote=Dave_]adwcleaner is good too[/quote]
[quote=MasterKuni][url=http://sourceforge.net/projects/hjt/]Hijackthis[/url]
If this can't fix it, probably nothing can.[/quote]
will check those out soon, thanks
[quote=CHERRY]Check extensions maybe if it's just a browser.[/quote]
there is nothing out of the ordinary in my extensions list, but I deactivated and removed Hola! which I was already suspicious about
you could try downloading the exe version of zoek and typing in this:
createsrpoint;
QuickScan;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
check scan all users
run the script
reboot
hope it works
you could try downloading the exe version of [url=http://download.bleepingcomputer.com/smeenk/]zoek[/url] and typing in this:
[quote]createsrpoint;
QuickScan;
autoclean;
emptyalltemp;
ipconfig /flushdns;b[/quote]
check scan all users
run the script
reboot
hope it works
Adwcleaner returned a couple files in AppData/Chrome (or something similar) and a registry error. Deleted these, rebooted, and still no change.
HijackThis gave me the following log. Not sure what to make of it. Kind of afraid I might accidentally remove important things, so I haven't deleted any of the not-obviously-clean files.
Adwcleaner returned a couple files in AppData/Chrome (or something similar) and a registry error. Deleted these, rebooted, and still no change.
HijackThis gave me the [url=http://pastebin.com/VqWJTy5V]following log[/url]. Not sure what to make of it. Kind of afraid I might accidentally remove important things, so I haven't deleted any of the not-obviously-clean files.
VetosHijackThis gave me the following log. Not sure what to make of it. Kind of afraid I might accidentally remove important things, so I haven't deleted any of the not-obviously-clean files.
http://www.hijackthis.de
I put it into that log parser and it didn't come up with anything obvious.
[quote=Vetos]HijackThis gave me the [url=http://pastebin.com/VqWJTy5V]following log[/url]. Not sure what to make of it. Kind of afraid I might accidentally remove important things, so I haven't deleted any of the not-obviously-clean files.[/quote]
http://www.hijackthis.de
I put it into that log parser and it didn't come up with anything obvious.
Welp. I uninstalled Chrome and manually deleted as many folders/files associated with it as I could, then used IE to download the installer again. Both browsers seem clean now. Hopefully Chrome doesn't relapse when I resync my account.
Edit: All seems well so far. I don't even know when the malware actually got removed, but thanks for the help regardless, guys.
Welp. I uninstalled Chrome and manually deleted as many folders/files associated with it as I could, then used IE to download the installer again. Both browsers seem clean now. Hopefully Chrome doesn't relapse when I resync my account.
Edit: All seems well so far. I don't even know when the malware actually got removed, but thanks for the help regardless, guys.
My mom once got adware that installed itself through the desktop shortcut using clever launch parameters.
My mom once got adware that installed itself through the desktop shortcut using clever launch parameters.
nevermind it's fucking back????
i'm about to nuke my hard drive
nevermind it's fucking back????
i'm about to nuke my hard drive
do it only if u hav no choice
do it only if u hav no choice
Adwcleaner is for obvious toolbars and such, won't get rid of an actual virus. I'd suggest combofix: http://www.bleepingcomputer.com/download/combofix/
Make sure you're doing all these scans and removals in safe mode. If it still doesn't get removed, putting a rescue disk on a flash drive and running an anti-virus scan is a garunteed way to get rid of any virus but you shouldn't really need to use that if you're able to use your computer normally.
Adwcleaner is for obvious toolbars and such, won't get rid of an actual virus. I'd suggest combofix: http://www.bleepingcomputer.com/download/combofix/
Make sure you're doing all these scans and removals in safe mode. If it still doesn't get removed, putting a rescue disk on a flash drive and running an anti-virus scan is a garunteed way to get rid of any virus but you shouldn't really need to use that if you're able to use your computer normally.