Solution: How to stop utarget.ru virus.

Status
Not open for further replies.
Aug 17, 2018
I was actually very worried when this virus started redirecting me to its page, so I started to look for guides to fix it, but it just straight up closed the browser if you entered 90% of the guide sites.

It turns out the solution isn't as hectic as one might think (at least, it wasn't for me). As I was scrolling down the task manager trying to find any unrecognizable software or app, I came across one named "jwpen.exe". This app used to open multiple svchost applications (the name didn't come up, it was just blank with the setting sign beside it) and latch the virus on them. The moment I deleted the app, all the services of svchost closed down and the redirecting etc. stopped.

Updated solution: Well, deleting "jwpen.exe" didn't stop it, although it did somehow shut down the blank "svchost". I think it was like a split-up virus and jwpen was just a dummy. When I restarted my PC after the Full Scan, the blank processes were still there, using up to about 50% of my CPU. Anyhow, I found a fix. [First step: Boot into safe mode.] Open task manager and if you see two blank processes, go to their file location, and if it directs you to svchost.exe in the SysWOW64 folder then delete it (you will have to set the ownership and permission to you, the administrator), because the real svchost.exe belongs in the System32 folder; this is the virus masking itself. Delete rundll32.exe and its .mui file from there too.

*Note: First, I can't guarantee the same thing will work for you. Second, just in case, do a full scan of your PC with whatever software you have after deleting this app (if it was really the one causing it). *New* Third, nothing will happen to your PC if you delete the masked svchost; it is made to make you think it's the real thing. *New* Fourth, download HitmanPro Alert for perfect start-up diagnosis.
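A way to record the image path, parent process and signature of the processes named in the post before anything is deleted, as an added example that is not part of the original thread. It assumes Windows PowerShell 5.1 on Windows 10 or later, run from an elevated prompt; the variable names are illustrative.

```powershell
# Added example: inspect the processes named in the post before removing files.
$names   = 'svchost.exe', 'rundll32.exe', 'jwpen.exe'
$sysDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    # 64-bit Windows also ships 32-bit copies of svchost.exe and rundll32.exe
    # here, so the folder alone is not a verdict; the signature check decides.
    (Join-Path $env:SystemRoot 'SysWOW64')
)

# One snapshot of all processes, plus a PID -> name map to resolve parents.
$all   = Get-CimInstance -ClassName Win32_Process
$byPid = @{}
foreach ($p in $all) { $byPid[$p.ProcessId] = $p.Name }

$targets = $all | Where-Object { $names -contains $_.Name }

$report = foreach ($p in $targets) {
    $path = $p.ExecutablePath   # empty if the session lacks rights to read it
    $sig  = if ($path) { Get-AuthenticodeSignature -FilePath $path } else { $null }

    [pscustomobject]@{
        PID         = $p.ProcessId
        Name        = $p.Name
        # Genuine svchost.exe instances are started by services.exe.
        Parent      = $byPid[$p.ParentProcessId]
        Path        = $path
        InSystemDir = [bool]($path -and ($sysDirs -contains (Split-Path $path -Parent)))
        SigStatus   = if ($sig) { "$($sig.Status)" } else { 'PathUnavailable' }
        Signer      = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        SHA256      = if ($path) { (Get-FileHash -Path $path -Algorithm SHA256).Hash } else { '' }
    }
}

# Full listing for the record.
$report | Sort-Object Name, PID | Format-List

# Candidates for closer inspection: outside the system folders, unsigned or
# invalid signature, or an svchost.exe whose parent is not services.exe.
$report | Where-Object {
    $_.Path -and (
        -not $_.InSystemDir -or
        $_.SigStatus -ne 'Valid' -or
        ($_.Name -eq 'svchost.exe' -and $_.Parent -ne 'services.exe')
    )
} | Format-Table PID, Name, Parent, Path, SigStatus -AutoSize
```

The SHA256 column gives a value that can be compared against a clean machine with the same Windows build before a file is removed.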
 
COLGeek

Cybernaut
Moderator
You should perform a full scan with your anti-virus and anti-malware apps, via Safe Mode, to ensure you got all vestiges of the infestation. I recommend Malwarebytes for this.

https://www.malwarebytes.com/mwb-download/
 