Wednesday, July 06, 2016

Chasing out Yoursites123


I am constantly at odds with a virus that hijacks my browsers. It goes by the name "Yoursites123".

A few months back I had cleaned it out of Chrome and it worked just fine - until last week. Now the browser keeps hanging, forcing me to re-boot and employ that peculiar Chrome-special shortcut to get back all my tabs.

For a change, I switched back to Explorer and found that the earlier clean-up exercise had no impact on browsers other than Chrome. So when I got down, once again, to the step-by-step process for removing Yoursites123, a bigger problem surfaced - there were other bugs lurking in the dark corners.

Like the soot-balls in a Miyazaki movie, these turned up when I cast the following spell on the command-line:


The appearance of strange IP addresses below "localhost" is supposed to indicate that my PC has been hacked. And these three three fellows certainly look strange and suspicious.

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com

What are these bugs doings in my machine? How do I get rid of them?

So far, all the online help available points you to some fancy sofware, which may again contain other new viruses. How do I figure the difference between online frauds and the do-gooders?

----------------------------------------------------------
LINKS

* Command Line reference - https://technet.microsoft.com/en-us/library/bb490890.aspx
* Removing Sougou - http://easyviruskilling.com/how-can-i-remove-123-sogou-com-virus-123-sogou-com-removal-guide/
* Removing down.baidu2016.com -- http://greatis.com/blog/how-to-remove-malware/remove-down-baidu2016-com.htm
* http://www.fixingvirus.com/remove-www-czzsyzgm-comwww-czzsyzxl-com-threat-and-protect-your-os/

No comments: