• Welcome to BGO! We know you will have questions as you become familiar with the software. Please take a moment to read our New BGO User Guide which will give you a great start. If you have questions, post them in the Feedback and Tech Support Forum, or feel free to message any available Staff Member.

Need Quick Assistance On Malware Removal

Nobody

Super Bowl MVP
Joined
Apr 1, 2011
Messages
9,474
Reaction score
0
Points
0
Location
Virginia Beach, VA
Military Branch
Army
My system got hijacked by some crap called Scour.com redirect. As a result, I can not perform any searches, and I cannot visit any sites not on my favorites. The thing that pisses me off, is I got this from a program I used years ago that was once legitimate (obviously not anymore).

I know there is info on this page....

http://deletemalware.blogspot.com/2011/07/how-to-remove-scour-uninstall-guide.html I just can't access what it says, so I don't know what to do to remove it. I also can't do anything to remove it that needs me to be online to do so, because I cannot do anything until it's gone.

If it helps, I am running Firefox on Windows 7. I have gone to program uninstall, and nothing is listed in the last week (this happened today), and it's something that needs to be changed through the registry I am assuming, but I don't know what to look for in regedit.

Ad Aware and Spybot are both not picking this up on a full scan, so they aren't helping at all.

If anyone could copy and paste the info needed from the page I provided, it would be greatly appreciated.
 
Do a google search for "malwarebytes". Find it and download it. Install it and run it. Pretty sure it will solve your problems. It's free too and a good tool to have around.
 
Do a google search for "malwarebytes". Find it and download it. Install it and run it. Pretty sure it will solve your problems. It's free too and a good tool to have around.
I would if I could. What happens if I do a Google search, is it redirects me to an ad site for this malware I'm trying to get rid of. Even if I manually type a site in, the entire URL, it redirects me. I can only access what is on my favorites list.
 
What is this malicious program, that we need to be warned about ?
It's called Invoice Expert. My sister needed to use it to print up some invoices. I had used it for a while and never had a problem, but deleted it 2 years ago when I didn't need it anymore. Today when I went online and installed it, it came with this malware attached. And that was after passing through all of the pre-download filters and scans I had set up. It's the only change that's been made to my registry in over a week.

And out of curiosity, am I the only one here who received a bunch of weird visitor messages that make no sense? Go look at the messages on my public profile and see what I'm talking about.

I swear, it's like I'm in a bad movie, and nobody seems to see or experience any of this crap but me. I'm about ready to just throw my computer away and say screw it.
 
Do you have any kind of back-up for the system? Malware Bytes is a good choice, it saved me one time. Once I had a similar problem and couldn't access anything Had to call an outfit I think was called Computer Geeks, they came right away but of course that cost some $$. That one was so bad they couldn't do anything but re-install Windows. Now I use an external hard drive and back up everything.
Best of luck,
B.
 
If everything else fails, as long as you keep a complete backup of everything on a flash drive, along with your installation CD for your O.S. Then you're guaranteed it won't cost you anything to restore :)
 
good advice from Fear...be aware there's malware and then there's malware you'll never know is there cuz it controls your system (ask the Iranians.... :) ...). there are tools (which are extensible) like ClamAV and Yara that can be used for malware analysis/discovery. some folks I know simply restore the OS once every 6 mos or so.

usual advice
- be aggressive on keeping all versions and patches up to date
- be careful what you click!
- don't enable services you don't need
- don't develop a false sense of security from these various tools
 
Last edited by a moderator:
Just delete the visitor messages. Those are just the result of spammers who are trying a new route to post links since we're all over the other methods they are trying. I've blocked newcomers ability to post visitor messages at all, so it shouldn't happen again.
 
This is just a suggestion but it might save some of you guys. I have a USB key that I keep a number of useful utilities on. A lot of them are stuff I use for work but several are for disaster recovery. I keep things like Malwarebytes, Stinger, Spybot and a few others on there so that I have them handy in case something gets to my machine.

I use it more on customer sites than here at home but it has come in handy here more than once as well.
 
This is just a suggestion but it might save some of you guys. I have a USB key that I keep a number of useful utilities on. A lot of them are stuff I use for work but several are for disaster recovery. I keep things like Malwarebytes, Stinger, Spybot and a few others on there so that I have them handy in case something gets to my machine.

I use it more on customer sites than here at home but it has come in handy here more than once as well.


excellent advice! first thing a forensic investigator has to do is keep pristine (i.e., trusted) binary images. if you want to go the full distance on this...the binaries should be statically compiled as well.
 
This is just a suggestion but it might save some of you guys. I have a USB key that I keep a number of useful utilities on. A lot of them are stuff I use for work but several are for disaster recovery. I keep things like Malwarebytes, Stinger, Spybot and a few others on there so that I have them handy in case something gets to my machine.

I use it more on customer sites than here at home but it has come in handy here more than once as well.
That's great advice Neo. I will definitely be doing that.
 

Users Who Are Viewing This Thread (Total: 1, Members: 0, Guests: 1)

Help Users
As we enjoy today's conversations, let's remember our dear friends 'Docsandy', Sandy Zier-Teitler, and 'Posse Lover', Michael Huffman, who would dearly love to be here with us today! We love and miss you guys ❤

You haven't joined any rooms.

    You haven't joined any rooms.
    Top