Sunday, February 3, 2013

Know How: Remove Search.fbdownloader Virus (Search.fbdownloader.com) and Its Toolbar

Search.fbdownloader.com is not a page that offers a useful and genuine search engine, instead a tracing engine. Here’s the screenshot of it:


It is quite clean but lame of its design, yet sufficient enough not to raise suspicions. However it is pretty intent on tracing your information by replacing your homepage and opening a new tab on its own whenever you click open a link.


How Dangerous to be with Search.fbdownloader.com?



Most users didn’t know how dangerous a browser hijacker can be as fbdownloader.com didn’t show up that frequently and did not stir up the surfing experience basically at the very beginning. Some thought that they could manage the issue once they uninstall and reinstall the browser if they cannot stand that problem any longer. To your surprise, fbdownloader.com cannot be that easily removed as imagined, and Tee Support agents 24/7 online warn that the situation can even be worse than what it looks like.
Once Search.fbdownloader.com gets inside the system, it falsifies registry values and compromises security defense, thus fbdownloader tunnel stays open, serving like a backdoor to transmit information it has stolen to its maker. Of course a tunnel can be a handy tool for additional malware that aims to propagate. In that case, the longer you have it, the more viruses you’ll get, the more files and the like will be filled. Here’s the worst scenario you may get:


  1. Your main browser window may load various unknown sites with advertisements;
  2. PC performance is getting slower due to bunches of files, processes and registries that are dropped;
  3. Browser crashes occur;
  4. Tasks freeze up sometimes;
  5. Auto connects to the internet is made;
  6. Certain websites are blocked, especially those provides security utility downloads;
  7. No access to related search results;
  8. Task Manager (Taskmgr.exe) won't launch because another program is using the file;
  9. Security-related softwares seem to work improperly;
  10. Regedit Registry Editor and CMD are disabled;
  11. Desktop shortcuts/icons may be gone, files and folders keep reappearing.

Timely Removal Is In Need!



Search.fbdownloader.com contains tracing cookies that are instated to trace down information. The longer you live with it, the more information you may blab out or type in on the target computer, the more likely your information will be reported to the hacker behind it.

Noteworthily, a hacker manages to take over the privilege if time allows. Up to that point, you may encounter error messages and inability to access some programs due to administration issue. Follow the steps to quickly get out of the browser swap. Right before that, take a look at the video below for reference to prevent any missing implementation by yourself, as getting into the kernel part to kill related  files and registries may be dangerous and result in none-access to Windows again should there be any slight mistake. If you are not a computer savvy and do not want to take that risk, you are welcome to start a live chat here for real-time help.


 

Steps Show How to Remove Search.fbdownloader Virus (Search.fbdownloader.com)

1. Disable any suspicious startup items.
For Windows XP:

step: Click Start menu -> click Run -> type: msconfig in the search bar -> open System Configuration Utility -> Disable all possible startup items.



2. Remove add-ons:

Internet Explorer:
1) Go to Tools -> ‘Manage Add-ons’;
2) Choose ‘Search Providers’ -> choose ‘Bing’ search engine or ‘Google’ search engine and make it default;
3) Select ‘Search Results’ and click ‘Remove’ to remove it;
4) Go to ‘Tools’ -> ‘Internet Options’; select ‘General tab’ and click website, e.g. Google.com. Click OK to save changes.

Google Chrome
1) Click on ‘Customize and control’ Google Chrome icon, select ‘Settings’;
2) Choose ‘Basic Options’;
3) Change Google Chrome’s homepage to google.com or any other and click the ‘Manage Search Engines…’ button;
4) Select ‘Google’ from the list and make it your default search engine;
5) Select ‘Search Result’ from the list to remove it by clicking the ‘X’ mark.    

Mozilla Firefox
1) Click on the magnifier’s icon and select ‘Manage Search Engine…’;
2) Choose ‘Search Results’ from the list and click ‘Remove’ and OK to save changes;
3) Go to ‘Tools’ -> “Options”. Reset the startup homepage or change it to google.com under ‘General tab;  


3. Disable proxy

  1. Click on Tools on the menu bar
  2. select Internet options
  3. go to Connections tab
  4. select LAN settings at the bottom of the dialog
  5. under the Proxy sever, untick 'use a proxy server for your LAN (These settings will not apply to dial-up or VPN connections).'
  6. Click OK 

4. Show hidden files  
step: a) open Control Panel from Start menu and search for Folder Options;

 

b) under View tab to tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) and then click OK;

 




c) click on the “Start” menu and then click on the “Search programs and files” box, Search for and delete these file:

C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

5. Open Windows Task Manager and close all running processes.
step: Use CTRL+ALT+DEL combination to open Task Manager  

Please stop all the following processes.
random.exe

6. Delete all related files and registry values in your local hard disk C.
step: Hold down the Windows key on your keyboard and press the "R" button. Type in "regedit" and hit "Enter" to gain access to the Registry Editor.


                         

Registry:

HKLM\SOFTWARE\Search.fbdownloader
HKLM\SOFTWARE\Media Access Startup
HKLM\SOFTWARE
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{numbers}
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{numbers}

No comments:

Post a Comment