The Geomoks virus keeps up the adverse trend of duping computer users into allowing notifications for dodgy websites. This hoax is currently gaining momentum as it might allow cybercrooks to gain elevated privileges in one’s system, harvest sensitive online information, and execute arbitrary malicious code in the background. The annoying popups on geomoks.com are the tip of the iceberg, so go ahead and learn what’s down below.
What is the Geomoks virus?
Geomoks.com is dangerous to visit as it instantly displays a popup prompting you to enable its notifications. If you click the Close icon or the Block button, the website generates the same popup immediately. Should you fall for the trick and click Allow, you do enable the notifications. Technically, this entails drive-by installation of adware whose properties have yet to be explored. The adware may be more than just an annoying advertising program. It might have features of spyware and other malicious characteristics.
The threat actors who masterminded the Geomoks.com campaign are smart enough to predict that most people visiting the site are about to leave it. Otherwise, it is rather straightforward displaying another popup reading as follows:
To start streaming your video
The crooks behind the adware are well aware that few users are going to be enthusiastic about such invitations. They rather expect the user is going to have no room for clicks as the popups overlap the greater portion of the website. Any click on any of the two popups triggers the malware installation process.
The above scenario is an example observed in the trial visit to geomoks.com. To avoid the need for Geomoks virus removal, please refrain from visiting that page. Otherwise, apply proper precaution: do not click any popups it shows and secure your device with a trusted antivirus.
Again, the infection chain laid down above is an example. It might vary depending on website adjustments, your browser configuration, and your location. In particular, the website determines the region you are in according to your IP. Therefore, it displays the language version customized for your area. The website’s URL might also assume a different shape, such as 72.geomoks.com/?h=975175019_852ec73c1fd_98_*. The tail part is an example of ID it assigns as per malvertising sub-campaign.
Many users are well aware of the annoying website. They see it any time they launch their default browser or open a new tab. The adware thus acts as a classic hijacker for a browser. It hacks its settings so that geomoks.com becomes the default destination for a new tab and / or other browser set-ups like the start page and preferred search engine.
Meanwhile, the website itself prompts its visitors to download and install the adware. As we can see, there are two malicious installation packages associated with the website in question. To get rid of geomoks.com redirects and to remove Geomoks adware as dropped from the website in question, please follow the removal guide below.
Geomoks.com popup automatic removal
The extermination of Geomoks.com redirect can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.
1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option
2. The scan will come up with a list of detected items. Click Fix Threats to get the popup removed from your system. Completing this phase of the cleanup process is most likely to lead to complete eradication of the infection. However, it might be a good idea to consider ascertaining the popup is gone for good.
Remove Geomoks.com popup using Control Panel
- Open Control Panel. On Windows XP / Windows 8, go to Add or Remove Programs. If your OS is Windows Vista / Windows 7 / Windows 10, choose Uninstall a program
- Look down the list and locate an app that appears fishy. Click the Uninstall/Change (Change/Remove) option to get the intruder removed if spotted
Geomoks.com popup removal by resetting the affected browser
Please take into consideration that as effective as it is, the procedure of restoring browser defaults will lead to the loss of personalized settings such as saved passwords, bookmarks, browsing history, cookies, etc. In case you are not certain this outcome is suitable despite its obvious efficiency, it’s advised to follow the automatic removal method described in one of the previous sections of this tutorial.
Reset Google Chrome
- Click on the Chrome menu icon and select Settings
- Locate the Advanced option under Settings and click on it to expand the menu. Then, pick the Reset button at the bottom
- When a new screen appears, hit Reset once again
- Chrome will now display a confirmation dialog box listing the types of data that will be lost if you proceed. Read the message carefully and, if you’re sure, click Reset
Reset Mozilla Firefox
- Click on Help menu and select Troubleshooting Information from the drop-down list, or type about:support in the URL field
- On the Troubleshooting Information screen, click Refresh Firefox option and confirm the procedure on another dialog
Reset Internet Explorer
- In IE, go to Tools and select Internet Options from the list
- Hit the Advanced tab and click on the Reset option
- IE will now display Reset Internet Explorer Settings box, where you should put a checkmark next to Delete personal settings option and click Reset at the bottom
Verify whether Geomoks.com popup has been completely removed
For certainty’s sake, it’s advised to repeatedly run a scan with the automatic security software in order to make sure no harmful remnants of this redirect are left inside Windows Registry and other operating system locations.