0

Folks,

Today, the Google home page was taken over by a fake Flash update. Although the cursor was in the search field and a search string could be typed and searched for, this malware seemed to have converted the entire page into a button for itself. Clicking anywhere on the page, including the search field, opened a new tab with a larger version of the fake Flash message.

Odd bits of advertising began appearing on the search results page and elsewhere, all seemingly related to this fake Flash update alert.

At one point, I was saddled with a Keybar (or some such) toolbar for IE, which I removed without any improvement in the problem.

I also downloaded July's Malicious Software Removal Tool from Microsoft updates, but that, too, had no effect.

Can anyone tell me how to identify this nuisance among the programs visible in the controll panel and remove it that way? Any other way?

The only solutions I've found involve the installation of malware removal software, which itself seems a little sketchy to me.

Thanks,
Lee Hassig

2
Contributors
1
Reply
16
Views
4 Years
Discussion Span
Last Post by gerbil
0

Hello, Lee.
This will involve more than hoping to find fake programs to delete in your control panel applet. To clear this infection you will have to download a couple of removal tools, but I will only give you safe, verified ones to use. Just so we can see what is going on, would you please....
==Download OTL from http://oldtimer.geekstogo.com/OTL.exe to your Desktop.

  • Double click on the icon to start the application.
  • Press Scan All Users, Minimal Output, Standard Registry ALL, check both LOP and Purity boxes; if your s is a 64-bit system then check that box; leave other sections as they are.
  • Under the Custom Scan box paste this in:

netsvcs
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
CREATERESTOREPOINT

  • Press Run Scan.
    The scan will take maybe 5 minutes; 2 notepads will present [saved to the place from where you ran OTL.exe] - please post both.

Edited by gerbil

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.