Ok so basically i came home one day to find this antivirus 2009 thing on my computer, i removed it by using stopzilla which i purchased, i also deleted it’s files in the program files and stuff.
The virus stopped me from being able to directly access internet sites from google, i had to manually enter the url into my toolbar, but once i removed the virus, i didn’t have to. But now (a day later) it came back, i removed it again, only this time i have the problem regarding websites from google and i have to manually enter the urls again. any help? i have already done a full scan of my computer and removed all viruses.
it also seems that i cannot access the kapersky website or the avg website.
i've scanned it with the virus scanners below (the ones i could access) and i am still having trouble… it seems a site called go.google is redirecting me everytime i do something from google. i can't update any of my anti-viruses as they have all been blocked off.
Related posts:
6 responses so far ↓
1 Michael // Oct 29, 2008
Please follow these instructions and I will help you within 5 minutes. 100% guaranteed! http://home.comcast.net/~mr.frogman/
2 blake k // Oct 29, 2008
YOU HAVE ANTIVIRUS 2009 or a variant of it; it is a rogue Anti-Spyware/Virus
& Here is how to remove it
Try Malware Bytes First much faster to use and update
Malwarebytes Anti Malware http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html FREE EDITION (one of the free AV to Remove Antivirus 2009)
Kaspersky AV 2009 http://usa.kaspersky.com/trials/home-users/anti-virus/ 30 day trial
Watched YouTube video of it removing antivirus 2009 I guarantee it to work (if Malware Bytes Fails)
Also, consider turning off System Restore to evict any copies of bad stuff that might be lurking there.
May not be required (Depending on severity & if severe DO NOT) & Once removed do so!
If Fails to remove do it in safe mode here’s how
1. Log out and reboot your machine.
2. When the machine starts the reboot sequence, press the F8 key repeatedly.
3. Select Safe Mode or Safe Mode with Networking from the resulting menu.
4. When the login screen comes up, log in as Administrator. By default, Administrator has no password.
5. The machine will continue booting, but the Windows desktop will look different.
6. When you’re finished doing what you need to do, log out and reboot back into normal mode.
When finished removing malware schedule a CHECK DISK by going to My Computer Local C Properties Tools and Check Disk Restart Computer let it scan and done!
If you are getting internet pop-up’s try resetting IE7 by going to Settings Options Advanced and click RESET(Sometimes when malware is removed some parts stay behind that still has configured IE7 differently this undo’s everything!
Malware Bytes is from download.com is respected and #1 in downloads and all software is tested for malware daily!
3 Steve B // Oct 29, 2008
Look in Add/Remove Programs in Control Panel. There is usually a remnant there. Also download AVGfree (google it) and scan again after installing and updating.
As a last resort, Google antivirus 2009; there are a lot of resolutions there.
4 steve f // Oct 29, 2008
Either of the following 2 will do the trick for you but give the first one listed a go first…..
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol;pop&cdlPid=10896905
http://www.superantispyware.com
Just make once you’ve downloaded to click for updates before you do a “complete” scan.
5 tempo1 // Oct 29, 2008
Sorry dude, but you have NOT "removed all viruses" in this Smitfraud infection that you are fighting. You likely still have a trojan on your machine that is connecting to the internet and downloading fresh copies of the malware.
Most "all-in-one", general purpose malware solutions such as Stopzilla are not very effective against Smitfraud.
I would try a specialized Smitfraud only removal tool such as SmitfraudFix (free):
http://siri.geekstogo.com/SmitfraudFix.php
Just follow the instructions to the letter.
_______________________________________
Your "New" problem of not being able to access anti-malware vendors websites is another common symptom of Smitfraud. The b@$^@rd$ that code this crap are cleaver…they don't want you getting help at any website so they block them.
They generally do this in one of two ways.
1. Modifiying your Hosts file, OR…
2. Changing your default DNS server (usually issued by your ISP), to their own rogue DNS server located in China or one of the Eastern Europe countries.
As a work-around, to at least allow you to get some help on the Web…
First check your HOSTS file located at:
Vista & XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98/ME = C:\WINDOWS
Be sure and check-mark "Show Hidden Files and Folders" and uncheck-mark "Hide Protected Operating System Files" in your Folder Options first.
Open HOSTS with notepad. A 'standard" MS HOSTS file will look like this:
# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost
____________________________________________
There should be no entries or IP addresses on the lines below "127.0.0.1 localhost". If there are other entries, with an address other than 127.0.0.1 delete them, close notepad, and answer 'Yes" if prompted.
You should no longer get blocked unless they have switched your DNS server…again as a work-around, try using the DNS server at OpenDNS. It's free and the procedure is here:
http://www.opendns.com/
Best of luck.
6 Koos N // Oct 29, 2008
http://www.2-spyware.com/remove-antivirus-2009.html
http://www.download.com/RogueRemover/3000-8022_4-10634508.html
http://rogueremover.nl.malavida.com/d4236-gratis-downloaden-windows
I use this one. works fine in the background
Leave a Comment