Virus infection [modified]
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
This sort of "virus" is caused by clicking on popups that offer to scan your computer for free. They're written by people who sell dodgy AV products that are likely more malware of some sort. While AV products might not detect them as true viruses, spyware/adware removal tools might. Try a couple of the free ones and see what happens. Even easier might be to try using Restore and recover the last recovery point; that should restore function without having to reinstall the damaged software.
"A Journey of a Thousand Rest Stops Begins with a Single Movement"
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
FyreWyrm wrote:
Has anybody ever heard of this kind of virus?
A virus that makes you want IE over FF ? I think that's called insanity.
Christian Graus Driven to the arms of OSX by Vista.
-
This sort of "virus" is caused by clicking on popups that offer to scan your computer for free. They're written by people who sell dodgy AV products that are likely more malware of some sort. While AV products might not detect them as true viruses, spyware/adware removal tools might. Try a couple of the free ones and see what happens. Even easier might be to try using Restore and recover the last recovery point; that should restore function without having to reinstall the damaged software.
"A Journey of a Thousand Rest Stops Begins with a Single Movement"
None of his current spyware stuff detected it either. He figured it out though. His mother in law goes to MySpace quite a bit. She downloaded a message from MySpace that contained the virus. Some of her friends have called her reporting the exact same thing and it all traces back to that message. If AVG doesn't find it, then I don't know how he'll fix it short of reinstalling the OS.
Don't blame me. I voted for Chuck Norris.
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
Sounds like a browser hijack... Try booting to safe mode, and running things like "spybot search and destroy". Brute Force Uninstaller also works well for some specific threats. Hijackthis is a good tool, but not for novices...
Knowledge is knowing that the tomato is a fruit. Wisdom is not putting it in fruit salad!! Booger Mobile - Camp Quality esCarpade 2010
-
FyreWyrm wrote:
Has anybody ever heard of this kind of virus?
A virus that makes you want IE over FF ? I think that's called insanity.
Christian Graus Driven to the arms of OSX by Vista.
:) Yeah, I can't really explain why he prefers IE other than he's not the only one that uses the computer and the two other users really get quite upset (Hulk-like upset) if anything changes on the computer. It's very scary.
Don't blame me. I voted for Chuck Norris.
-
Sounds like a browser hijack... Try booting to safe mode, and running things like "spybot search and destroy". Brute Force Uninstaller also works well for some specific threats. Hijackthis is a good tool, but not for novices...
Knowledge is knowing that the tomato is a fruit. Wisdom is not putting it in fruit salad!! Booger Mobile - Camp Quality esCarpade 2010
-
I almost suggested Hijackthis, but it's too advanced for him. He's figured out that whatever it is came from a message on MySpace that his mother in law downloaded.
Don't blame me. I voted for Chuck Norris.
FyreWyrm wrote:
I voted for Chuck Norris.
But Chuck Norris never runs. :confused:
-
None of his current spyware stuff detected it either. He figured it out though. His mother in law goes to MySpace quite a bit. She downloaded a message from MySpace that contained the virus. Some of her friends have called her reporting the exact same thing and it all traces back to that message. If AVG doesn't find it, then I don't know how he'll fix it short of reinstalling the OS.
Don't blame me. I voted for Chuck Norris.
I'd really consider using Restore, then, if there's a restore point available that won't cost him anything recent that's important. I've used it a couple of times and it works like a charm. Much nicer than reinstalling everything! :-D
"A Journey of a Thousand Rest Stops Begins with a Single Movement"
-
FyreWyrm wrote:
Has anybody ever heard of this kind of virus?
A virus that makes you want IE over FF ? I think that's called insanity.
Christian Graus Driven to the arms of OSX by Vista.
Syphilis can do that, I've heard.
"A Journey of a Thousand Rest Stops Begins with a Single Movement"
-
:) Yeah, I can't really explain why he prefers IE other than he's not the only one that uses the computer and the two other users really get quite upset (Hulk-like upset) if anything changes on the computer. It's very scary.
Don't blame me. I voted for Chuck Norris.
FyreWyrm wrote:
if anything changes on the computer
Not unusual though, the wife is the same, if I change office I get 6 months of irritated, exasperated sighs until she gets used to it again - we use 2003 for that reason.
Never underestimate the power of human stupidity RAH
-
FyreWyrm wrote:
I voted for Chuck Norris.
But Chuck Norris never runs. :confused:
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
this is caused by the a variation of the smitFraud hijack [^] use the program found here[^] to get rid of it. Read the directions - some antivirus programs might flag one of the programs as infected, but they are clean. over the past few years, I've had to get rid of this type of hijack on several of the company computers. The worst one was one that not only redirected you to the "buy our software" site, but also played rap clips and audio ads X| after you have run this, you should also run "ad-aware" [^] and "spybot search & destroy" [^] to remove anything else that may have been downloaded after the initial infection.
Steve _________________ I C(++) therefore I am
-
this is caused by the a variation of the smitFraud hijack [^] use the program found here[^] to get rid of it. Read the directions - some antivirus programs might flag one of the programs as infected, but they are clean. over the past few years, I've had to get rid of this type of hijack on several of the company computers. The worst one was one that not only redirected you to the "buy our software" site, but also played rap clips and audio ads X| after you have run this, you should also run "ad-aware" [^] and "spybot search & destroy" [^] to remove anything else that may have been downloaded after the initial infection.
Steve _________________ I C(++) therefore I am
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
-
this is caused by the a variation of the smitFraud hijack [^] use the program found here[^] to get rid of it. Read the directions - some antivirus programs might flag one of the programs as infected, but they are clean. over the past few years, I've had to get rid of this type of hijack on several of the company computers. The worst one was one that not only redirected you to the "buy our software" site, but also played rap clips and audio ads X| after you have run this, you should also run "ad-aware" [^] and "spybot search & destroy" [^] to remove anything else that may have been downloaded after the initial infection.
Steve _________________ I C(++) therefore I am
Yeah, I have smitFraudFix in my toolkit of anti-spyware stuff... It's very good.
Knowledge is knowing that the tomato is a fruit. Wisdom is not putting it in fruit salad!! Booger Mobile - Camp Quality esCarpade 2010
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
AVG is good, I would also recommend SpywareBlaster and Spybot - they have caught most things on my machines and have been reliable at cleaning them up anything that did get through.
Continuous effort - not strength or intelligence - is the key to unlocking our potential.(Winston Churchill)
-
FyreWyrm wrote:
if anything changes on the computer
Not unusual though, the wife is the same, if I change office I get 6 months of irritated, exasperated sighs until she gets used to it again - we use 2003 for that reason.
Never underestimate the power of human stupidity RAH
Mycroft Holmes wrote:
we use 2003 for that reason.
My dad still uses office 97 for that reason :laugh:
Simon
-
I'd really consider using Restore, then, if there's a restore point available that won't cost him anything recent that's important. I've used it a couple of times and it works like a charm. Much nicer than reinstalling everything! :-D
"A Journey of a Thousand Rest Stops Begins with a Single Movement"
Hmm, every time I've tried system restore it's either had no effect whatsoever or it's crashed part way through! I just take backups and deal with things in a more manual way.
-
My brother-in-law just called me. He's got a "problem" with IE. Starting today every time he opens IE the following things happen: Windows Firewall turns off, IE looks different than it did (slightly different icons, etc), any web page he goes to (even www.google.com) throws a popup message saying the site is blocked and redirects him to an antivirus download page and asks him to pay $80 for the download. It sounds to me like he's either got a virus or his IE has been replaced by something else. We were finally able to get Firefox downloaded and installed and Firefox works fine. Now I've got him downloading AVG and he's gonna run it on the system. He's got some other antivirus stuff installed (from Verizon) and it doesn't find anything (no real surprise there). Ultimately he wants to use IE instead of Firefox. Has anybody ever heard of this kind of virus? Got any suggestions on how to remove it and repair IE? UPDATE: It appears to have stemmed from a chain letter downloaded from MySpace. He's been warned of the dangers of MySpace before (by me). Now it's bit him in the rear. UPDATE 2: He's got AVG doing a full system scan. No word on if anything has been found. It's late and I'm not staying up to find out. 'Night all.
Don't blame me. I voted for Chuck Norris.
modified on Tuesday, March 3, 2009 11:02 PM
FyreWyrm wrote:
ltimately he wants to use IE instead of Firefox
Thats something you wouldn't hear everyday.:confused: