• I want to thank all the members that have upgraded your accounts. I truly appreciate your support of the site monetarily. Supporting the site keeps this site up and running as a lot of work daily goes on behind the scenes. Click to Support Signs101 ...

Virus Help- Google Results are redirected

OldPaint

OldPaint

New Member
OldPaint said:
if you can open TASK MANAGER, you can fix it. but THIS NOT FOR THE NOVICE COMPUTER OPERATOR.
you need to get TASK MANAGER OPEN......then go to processes.........in there you will find a ******.EXE file of something that is not loaded by windows or you to the computer. CAUTION:REMOVING other files then the malware.........WILL SCREW UP YOUR COMPUTER....so it best to get a pro to do it...............
Click to expand...
REREAD............THIS NOT FOR THE NOVICE COMPUTER OPERATOR
so it best to get a pro to do it!!!!!!!!!!!!!!
i cleaned mine, np.
 
B

buttons

New Member
OldPaint said:
REREAD............THIS NOT FOR THE NOVICE COMPUTER OPERATOR
so it best to get a pro to do it!!!!!!!!!!!!!!
i cleaned mine, np.
Click to expand...

You need to reread what I typed.

You could go into Task Manager and close EVERY SINGLE process and this won't harm your computer at all. You'd just need to reboot it and everything would be back to normal.:doh:
 
signage

signage

New Member
buttons said:
You need to reread what I typed.

You could go into Task Manager and close EVERY SINGLE process and this won't harm your computer at all. You'd just need to reboot it and everything would be back to normal.:doh:
Click to expand...

OldPaint will tell then that Geedumb (GW) caused it to happen on the reboot:ROFLMAO::ROFLMAO::ROFLMAO:
 
CropMarks

CropMarks

New Member
The only thing I've found that works really well on an infected system is spyware doctor with anti-virus (paid version). It's a great program for removal... but it can make a clean system slow to a crawl. I had a really good scareware virus and that was the only thing I could get to load on the computer in safe mode.... run.... and get rid of the junk.

Now I just keep it turned off... until I suspect something is going on. It was well worth the money I paid.
 
Techman

Techman

New Member
searched it out and found that a total re-install was the only fix.
Click to expand...

Whoever told you this is dead wrong,,,
Personally, I have never used a reformat /install for a software problem. This one included.

Paid for removers are usually the one that infected you in the first place. NEver purchase a paid for remover.

Always consult a local genuine geek if it becomes a problem you cannot handle. Do not listen to uninformed posts on a BB including this one.

I see at least three posts above that are total and complete bullscatology.

The latest re-directors infect the entire machine. You cannot operate control panel. You cannot run anti virus. You cannot run combofix. You cannot access cleaner scanner sites. You cannot operate task manager... The whole goal is to get you to a site to buy their fixer for about $30 bux.

The problem is the problem will come back every time unless you remove the core problem code. So let me post one hint on how to decide when to clean it yourself or listen to some misinformed post on a board verses getting a real geek to help you.

If you do not know what a host file is.. Then you are beyond your ability to fix this problem.

I have an idea.. Make a specific designation in the signature that assures us who has the competence and ability to make certain suggestions concerning computer technical work..
 
choucove

choucove

New Member
Techman said:
If you do not know what a host file is.. Then you are beyond your ability to fix this problem.
Click to expand...

Techman, by your above statements I'm assuming then that you are linking this particular problem to fraudulent entries in the HOST file, at least in part, correct? Yes, it's generally part of a bigger viral/malware attack such as the Smitfraud/Virtumonde variant I described above in the situations that I have seen. In the cases I've seen, the fake AV software also disables all user's ability to perform the execute permission on just about anything. This means that opening the task manager, running a program file, even retrieving an update for your true virus or malware software will fail. Additionally, about half of the time I've noticed that the fake AV virus also enables proxy server options within Internet Explorer making it impossible to open webpages and anything trying to access the internet will not be able to. This is a relatively easy issue to fix compared to the rest, but must be taken care of AFTER the true core of the virus is dealt with or it will just keep being enabled.

As for the browser redirects: Again, I've only seen it on two computers and both had been previously infected with this sort of fake AV virus. I've not personally myself, however, cleaned those two computers and in the ones that I have personally cleaned I've not seen a browser redirect come up from it. Part of this may be that I tend to check within the HOST file anymore to see if there are false entries which I will delete out, and then run the Immunizer function within the Spybot S & D utility for some added safety.

What are your ideas? I'm really curious to learn more from your personal experience with this as well.
 
Techman

Techman

New Member
my ideas?

all of this type of attack started long ago long before smitfraud.

The first maggot ware that hijacked the browsing was LOP.com back in the win 98 days. .. What a piece of work.

It takes a proper cleaner and a competant It tech to remove all traces of this trash. Why? The latest maggot ware infects .exe files, host file, registry and is found with a load of junk in the system 32 folders. Will cause great pain if cleaned wrong.

One day some obscure infected .exe file will be opened and the user will be reinfected.
 
You must log in or register to reply here.
Top