Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infiltration alert


  • Please log in to reply
4 replies to this topic

#1 jambowolf

jambowolf

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 24 February 2011 - 06:38 AM

Can anyone help? Turned on laptop today and have all these pop ups saying I have been infected and do I want to upgrade to a virusware and the only internet page that it displays is rodyshop.com. How do I repair infected files etc if I cannot open anything. I even go into safe mode with networking and I cant open internet there either. Can anyone help?

BC AdBot (Login to Remove)

 


#2 Fennippee

Fennippee

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:45 AM

Posted 25 February 2011 - 09:44 PM

Your computer is infected with a hijacker. The website that you are being redirected to, rodyshop.com, is a malicious site that supports Antimalware Go, which is fake antivirus software. So, it is very important that you do not pay for the software that the alerts recommend. Your system is not being infiltrated, and there are almost certainly no threats present aside from the rodyshop.com hijacker. Don't panic.

If you can't get online, even in Safe Mode, then you must have made your post while using a different, uninfected computer, right? Please remember that I am not one of this forum's 'experts,' but since no one has stepped in and I know about this malware, there is something that you should try. (Incidentally, why on earth has no one responded before me?)

If you have access to some other computer that can get online, use it to download two programs, both of which are free: MalwareBytes Anti-Malware, and Spybot Search & Destroy. Put them on a usb drive/dongle, and then load them onto the infected computer (while in Safe Mode). Run both programs and then take the actions that they recommend. Be patient, because running both MBAM and S&D can take several hours. You should be able to do a full scan and remove any threats found while in Safe Mode.

Finally, this is important -- run scans on the usb drive when you're done, BEFORE you use it again with any other computer, to be sure that there aren't any viruses stowing away on the drive. It's unlikely, but it's possible.

There is no absolute guarantee that these two programs will find and remove your hijacker, but there is a good chance that they will. If they can't, well, then hopefully one of the forum experts will have gotten back to you by then.

#3 jambowolf

jambowolf
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 26 February 2011 - 04:20 AM

Thanks for getting back to me on my problem. What I have done is went into safe mode and reset my laptop to an earlier date and all seems to be working again. Is this ok to do or should I still downlowad malware & spybot etc? As I say all seems to be in working order again but unsure if I still have viruses lurking in the background. Jambowolf

#4 Fennippee

Fennippee

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:45 AM

Posted 28 February 2011 - 03:06 PM

If you restored your computer using a restore point set before the hijacker infected the system, then it sounds like you should be okay. Usually, that kind of malware does not want to go unnoticed, so it would most likely be popping up and interfering if it were still there -- but occasionally, these things are programmed to monitor your behavior, and sit dormant until they think you are most likely to buy into the hijacker's scam or are most vulnerable. In other words, it sounds like the computer is clean, but without scanning it, there are no guarantees.

I strongly recommend downloading and using the software anyway. If you don't already use antivirus and antispyware software on your computer, you should. MBAM and S&D are free and effective. Make sure you keep them updated, so that they can catch the newest threats. Malware infections are the kind of thing where an ounce of prevention is worth a pound of cure, and if your computer was infected with a hijacker, whatever preventative measures you have in place are not enough. Since you're using Windows, you should also take into consideration the security tools that are built into the OS and are already at your disposal. For general Windows virus prevention advice, check out this article from Microsoft Safety & Security: http://www.microsoft.com/security/pc-security/protect-pc.aspx

Best of luck!

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:45 PM

Posted 28 February 2011 - 03:33 PM

Hello even if you have stopped that one you should runa scan for review. As asked above what is your Antivirus?

Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users