Google redirect virus
- Thread starter csu601054
- Start date
- Status
Uninstall your AVG Antivirus
Then run the removal tool
Here is the 32Bit version (most users): http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Here is the 64Bit version: http://www.avg.com/filedir/util/avg_arv_sup_____.dir/avgremoverx64.exe
Run Startup Control Panel and remove any not required startups: (should be most!)
Install Avira free AntiVirus (make sure that you only have one AntiVirus installed though)
Have a look at:
UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions
Then run the removal tool
Here is the 32Bit version (most users): http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Here is the 64Bit version: http://www.avg.com/filedir/util/avg_arv_sup_____.dir/avgremoverx64.exe
Run Startup Control Panel and remove any not required startups: (should be most!)
Install Avira free AntiVirus (make sure that you only have one AntiVirus installed though)
Have a look at:
UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions
Thanks so much!Thanks for the feedback, but you are not done yet
Re-open HJT and this time just do a Scan.
Locate the following and place a tick next to each one:
Next, go to Control Panel > Programs Add or Remove and uninstall MostFun If found.
Restart, and go to Safe Mode
Safe Mode is accessed by repeatively pressing F8 function key just before Windows Startup. Then select Safe Mode. Log into an Administrator account (this may be your account)
Now, using Windows Explorer, navigate to C:\Program Files\MostFun\ .... and delete this folder.
You might also do a search for this file:
c:\softarea51\MostFun-MostFun.exe <--- if found, delete what I've bolded
Also locate: C:\Program Files\Vongo and delete the bolded folder there as well.
Next locate C:\WINDOWS\system32\msziptools.dll and delete the bolded file stated
Restart normally back to Normal Mode
------------------
Once back in Normal Mode, please do the following:
Download Combofix
Lots of info on its use h e r e
Direct download h e r e
Locate the downloaded Combofix. Double click on it to run, answering any prompts along the way
Note: during Combofix scan (lasting up to 10mins) your Desktop and clock may reset (all normal)
ComboFix will also restart your computer (eventually) and then (eventually) create a log
Save this log file to be attached to a new reply
Restart back to Normal mode, and attach the Combofix log
Also do another scan with HJT (scan and log file) and attach this to a new reply as well
Re-open HJT and this time just do a Scan.
Locate the following and place a tick next to each one:
Select Fix to the above, then close HJT
Next, go to Control Panel > Programs Add or Remove and uninstall MostFun If found.
Restart, and go to Safe Mode
Safe Mode is accessed by repeatively pressing F8 function key just before Windows Startup. Then select Safe Mode. Log into an Administrator account (this may be your account)
Now, using Windows Explorer, navigate to C:\Program Files\MostFun\ .... and delete this folder.
You might also do a search for this file:
c:\softarea51\MostFun-MostFun.exe <--- if found, delete what I've bolded
Also locate: C:\Program Files\Vongo and delete the bolded folder there as well.
Next locate C:\WINDOWS\system32\msziptools.dll and delete the bolded file stated
Restart normally back to Normal Mode
------------------
Once back in Normal Mode, please do the following:
Download Combofix
Lots of info on its use h e r e
Direct download h e r e
Locate the downloaded Combofix. Double click on it to run, answering any prompts along the way
Note: during Combofix scan (lasting up to 10mins) your Desktop and clock may reset (all normal)
ComboFix will also restart your computer (eventually) and then (eventually) create a log
Save this log file to be attached to a new reply
Restart back to Normal mode, and attach the Combofix log
Also do another scan with HJT (scan and log file) and attach this to a new reply as well
- Status
