RunningMan
Inactive
Did I say nasty? Whoa...
I have removed other minor redirect viruses, but this one was much worse. Never saw it before and it was bear to get rid of. Whenever I did a Google or Yahoo search it would redirect and "back" did not work at all.
I used Hitmanpro and found some trojans. Grr... but still there. Then used Kaspersky RootKit TDSS removal. Found Pharsic.C (or something). Great, but no help. Then I got Malewarebytes and found Aureleon (various). Still not it. My problem is male ego, as I kept clicking to see if it worked on a search engine and kept downloading more. They didn't.
Safe mode and used Microsoft Removal Tool Full Scan (overnight not connected). MRG.gen. Then got Microsoft Security Essentials and got rid of it.
STILL NOT GONE. Same trojans came back! Could not even search for a good geek or tech forum...kept redirecting. Why it mostly went to Norton products I don't know.
Finally went straight to www.techspot.com. Tried everything in their rundown to a product called RogueKiller. No charge, easy to run. Did the full scan and found a trojan called "ZERO ACCESS" which actually loaded from my DRO partition everytime I started up, which loaded other trojans. I did not say that it actually turned off my firewall, I believe by loading a fake firewall to override it.
So I went through the products one after the other while in network disconnect.
RogueKiller
CC Cleaner (used to clear locked cookies)
MalwareBytes
Kaspersky TDSS Killer
Microsoft Security Essentials
HitmanPro 3.6 (the onluy one I actually had to purchase) - had to hook in to get to the cloud
Cleared the various trojans one by one. Took hours with required reboots.
Gone. Finally. Or at least until the daughter uses the computer again....
What I don't understand is why each product surfaced a different virus.
AMEND TO ADD DETAILS:
1. I had to go to a previous restore point to limit number of trojans. The ZERO ACCESS virus still loaded from the DRO partition onto the restored registry.
2. After I got rid of all (see above), the firewall still would not work, so I had to go to Microsoft and find Windows XP Service Pack 3 (SP3) and found the tech version and downloaded, hoping that it would not destroy my machine. I didn't. It did replace old files and replace missing/broken ones without interference to the many upgrades since the first SP3 download.
3. Then I could use Microsoft fixit to repair the firewall.
Long way back and I don't want to have to do that often.
I have removed other minor redirect viruses, but this one was much worse. Never saw it before and it was bear to get rid of. Whenever I did a Google or Yahoo search it would redirect and "back" did not work at all.
I used Hitmanpro and found some trojans. Grr... but still there. Then used Kaspersky RootKit TDSS removal. Found Pharsic.C (or something). Great, but no help. Then I got Malewarebytes and found Aureleon (various). Still not it. My problem is male ego, as I kept clicking to see if it worked on a search engine and kept downloading more. They didn't.
Safe mode and used Microsoft Removal Tool Full Scan (overnight not connected). MRG.gen. Then got Microsoft Security Essentials and got rid of it.
STILL NOT GONE. Same trojans came back! Could not even search for a good geek or tech forum...kept redirecting. Why it mostly went to Norton products I don't know.
Finally went straight to www.techspot.com. Tried everything in their rundown to a product called RogueKiller. No charge, easy to run. Did the full scan and found a trojan called "ZERO ACCESS" which actually loaded from my DRO partition everytime I started up, which loaded other trojans. I did not say that it actually turned off my firewall, I believe by loading a fake firewall to override it.
So I went through the products one after the other while in network disconnect.
RogueKiller
CC Cleaner (used to clear locked cookies)
MalwareBytes
Kaspersky TDSS Killer
Microsoft Security Essentials
HitmanPro 3.6 (the onluy one I actually had to purchase) - had to hook in to get to the cloud
Cleared the various trojans one by one. Took hours with required reboots.
Gone. Finally. Or at least until the daughter uses the computer again....
What I don't understand is why each product surfaced a different virus.
AMEND TO ADD DETAILS:
1. I had to go to a previous restore point to limit number of trojans. The ZERO ACCESS virus still loaded from the DRO partition onto the restored registry.
2. After I got rid of all (see above), the firewall still would not work, so I had to go to Microsoft and find Windows XP Service Pack 3 (SP3) and found the tech version and downloaded, hoping that it would not destroy my machine. I didn't. It did replace old files and replace missing/broken ones without interference to the many upgrades since the first SP3 download.
3. Then I could use Microsoft fixit to repair the firewall.
Long way back and I don't want to have to do that often.
Last edited: