Posted on 12/09/2010 12:00:17 PM PST by ncfool
Has anybody had a recent problem with browser hijacking on their computer? Since Saturday, when I got infected with a program called Think Point, which makes itself look like Microsoft Defender, my computer has had all kinds of problems. No matter which malware program you try and clean it with, it still shows back up. We have tried all the major fixes. I am not sure how I got it but it can't be cleaned. There are many sites talking about it.
Now every time I try and do a search using Google, Yahoo, Chrome, you can see where it's sending you to, for instance a site brawsing-check.com and some others like plxlestatservlce.com. I don't know if my computer has been attacked because of my hitting good sites like Freerepublic.com, but it seems weird that I can't get rid of this.
Any help is appreciated.
If you have a router, reset it and turn it off, clean the computer with Malwarebytes, and then turn the router back on. Some viruses redirect back to a site that reinfects the computer by resetting the router itself.
Here are instructions on how to remove it:
http://remove-malware.net/how-to-remove-thinkpoint-rogue-anti-spyware/
My boy got that one. It’s very convincing and it really does look like a message from Microsoft. I would have clicked on it myself if I hadn’t been too busy to get involved with what looked like a legit update.
There doesn’t seem to be any way to clean it. I had to basically just strip the drive and reinstall everything with my son’s restore disks. It was very upsetting. We tried initially to defeat it by just resetting the computer back a couple of updates ago, but it came back; I’m afraid that an entire system restore is in order.
My question is, why can’t we find the people who do this and field-dress them on Pay-per-view?
We also blew out IE8 and reinstalled it. My IT guy has spent about 5 hours trying to find it.
I'd recommend an OS reinstall to really be sure you are cleaned up.
Malwarebytes and then www.avast.com
This one is particularly nasty.
Google “Hitman Pro” and try it. It seems to find things that Malwarebytes can’t.
Bummer. Try to boot the PC into safe mode and then run your anti-virus and/or malware removal software from there. “Anti-malwarebytes” and “Spybot Search and Destroy” are two good free removal programs - if your PC is preventing you from downloading and installing them - go to another PC, download those and install to a jump drive, and then use that jump drive to run the programs on the infected computer. Hope this helps some...
I don’t know this specific virus but the gist of them is the same. I suspect that they are “rootkit” viruses that essentially “approve” their existence and become invisible to the major virus scanning programs once they are installed.
The most malicious of them will actually kill your virus scanning software (unable to launch it) and lock down folder options (such as not permitting you to see hidden files) but you can boot with a new user profile (or as admin) and circumvent the viral infected files.
There are people who think they have solutions to clean these viruses off computers. The exact files to edit and delete vary by virus.
Ultimately, I’d say that the safest thing to do is a fresh OS install on a new drive and then transfer data files to the new computer (but even then you have to be careful not to import the virus to your new drive in the files you grab).
You can completely wipe your hard drive and reinstall, but if the virus has reset your router to redirect to a site that infects your computer you will get reinfected. I wiped a computer 2x before I figured it out. You have a router?
http://www.technibble.com/rkill-repair-tool-of-the-week/
Run that, then use anti-malware stuff; that should get it.
How can you check to see an update is legitimate?
Never had Think Point. Have had SystemTool2011, however. A suggestion. Enter SafeMode with Internet & download SuperAntiSpyware free version. Run SuperAntiSpyware in SafeMode. Good luck.
Generally, it’s a real chore to get rid of one of these rootkits. It takes me anywhere from 2 hours to 4 days of hard work. No one antispyware / antimalware / antivirus will do the trick; generally it takes a combination of several of these, repeatedly run.
Sounds like a bug I picked up following news stories one day, and that search led to a “militia” website here in TX. After a few moments on that site I realized there was nothing there that I was interested in and started to move away.
Something shut down my computer and when it restarted I had a nasty bug that my virus program thought was a Trojan but could not remove. It disabled and each time I removed the offending program it would re-install itself when the web was again connected to the computer.
It may have attached itself to the winsock. Never determined that for sure.
Finally I contacted one of the company’s IT guys and described the problem. Told him I had used everything in my tool box and got nowhere. He suggested before I reloaded the system to try “Schmidtt Fraud Fix”. It is a command line tool, very fast but takes a little reading to figure how to execute. That did the trick. Ran the program and never had another occurrence.
This is the only time I used that tool, but it is free and certainly did the job.