Many people have experienced the same virus. This website (GoingOnEarth.com) supposedly drops trojens and malware into your PC but with modern anti viruses they'll just remove them. Fortunately, goingonearth.com has been taken down because the owner was Onwa Limited; owned by a computer criminal. I had the same virus but now it is completely removed. Thanks to 1UP for his try, it did not remove the virus completely.
If you ever get this same virus, don't get alarmed. It doesn't do any damage but just annoy you with its redirecting. It affects Google Chrome, Internet Explorer, Mozilla Firefox, and sometimes even Opera. If you search how to remove it, it'll redirect you to a microsoft website. Maybe you're browsing in another browser trying to remove this virus. I'll show you how to remove it.
First thing to try is TDSSKiller by Kaspersky
How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?
If that doesn't work, try these methods:
Reboot your computer, use F8 to get in "Safe Mode with networking" and remove these files:
Use NoScript to block Neudesicmediagroup.com from Google.com [ If it shows up. Otherwise you may have to either wait or keep cleaning until it appears. ]
Also block turn.com.
Go to your Network and Sharing Center and change the DNS to Google's Service.
After that, Check if your Network is set to Private. Not Public.
Use CCleaner to clean out your Registry then clean your computer using it's main function.
Check your Browser and type in goingonearth and see if it changes into an Anagram. If it keeps doing so then try any other method
If all is clean update everything!
If all else fails, do what I did. use ComboFix. ComboFix is only to be used if requested to do so. Only use this if everything fails and not for anything else. Even this can harm your computer's speed and stability.
Here's the download for ComboFix: Combofix - Free software downloads and software reviews - CNET Downloads
If this doesn't work either, then idk.
Try CCleaner from Piriform to temporarily fix this virus.
If you ever get this same virus, don't get alarmed. It doesn't do any damage but just annoy you with its redirecting. It affects Google Chrome, Internet Explorer, Mozilla Firefox, and sometimes even Opera. If you search how to remove it, it'll redirect you to a microsoft website. Maybe you're browsing in another browser trying to remove this virus. I'll show you how to remove it.
First thing to try is TDSSKiller by Kaspersky
How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?
If that doesn't work, try these methods:
Reboot your computer, use F8 to get in "Safe Mode with networking" and remove these files:
Code:
c:\documents and settings\All Users\Application Data\mazuki.dll
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\[username]\Application Data\.#
c:\windows\system\BCBSMP35.BPL
c:\windows\system32\sstray.exe
c:\windows\XSxSAlso block turn.com.
Go to your Network and Sharing Center and change the DNS to Google's Service.
After that, Check if your Network is set to Private. Not Public.
Use CCleaner to clean out your Registry then clean your computer using it's main function.
Check your Browser and type in goingonearth and see if it changes into an Anagram. If it keeps doing so then try any other method
If all is clean update everything!
If all else fails, do what I did. use ComboFix. ComboFix is only to be used if requested to do so. Only use this if everything fails and not for anything else. Even this can harm your computer's speed and stability.
Here's the download for ComboFix: Combofix - Free software downloads and software reviews - CNET Downloads
If this doesn't work either, then idk.
Try CCleaner from Piriform to temporarily fix this virus.
Last edited: