Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

google ridirect virus

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » General Discussion Donate to DU
 
12string Donating Member (443 posts) Send PM | Profile | Ignore Wed May-11-11 01:54 AM
Original message
google ridirect virus
has anyone here had to deal with this?Any info would be ap0preciated.Thanks,12(Ted)
Printer Friendly | Permalink |  | Top
TheWraith Donating Member (1000+ posts) Send PM | Profile | Ignore Wed May-11-11 01:56 AM
Response to Original message
1. If you're referring to what I think you are, yes.
Search results being redirected to spam advertising pages? Unfortunately, as far as I'm aware the only "cure" once a machine is infected is to completely reinstall windows, then do a complete virus scan of the hard drive to find and destroy the backup copies.
Printer Friendly | Permalink |  | Top
 
Electric Monk Donating Member (1000+ posts) Send PM | Profile | Ignore Wed May-11-11 02:25 AM
Response to Reply #1
3. bing? nt
nt
Printer Friendly | Permalink |  | Top
 
Ichingcarpenter Donating Member (1000+ posts) Send PM | Profile | Ignore Wed May-11-11 02:11 AM
Response to Original message
2. I found this and more info at this site.
I had almost the exact same problem today and none of my anti-spyware programs (SpyBot, AdAware, MalwareBytes, Housecall) could fix it. Fortunately, I found the solution on another board. As a little bit of background, viruses sometimes will alter your "hosts" file, which is basically a file that controls the redirecting for your browsers (specifically, this file makes it faster for your computer to convert URLs into the relevant IP addresses by having a shortcut list of IP addresses instead of having to look them up when you type in the URL).

Anyway, enough background, here's what you need to do to fix:

(1) Click START > RUN > and type in "C:\windows\system32\drivers\etc\hosts"
(2) When prompted, open the HOSTS file in either Notepad or Wordpad
(3) Delete all the lines of IP addresses in the text document except for "127.0.0.1 localhost".

If you find several lines of IP numbers other than localhost in your hosts file, then this is almost definitely your problem and will be fixed right away. If not, then this probably isn't the issue, but it's worth a look.


http://www.google.co.jp/support/forum/p/Web+Search/thre...

Seems to be a nasty malware, I didn't know about it.
Printer Friendly | Permalink |  | Top
 
DainBramaged Donating Member (1000+ posts) Send PM | Profile | Ignore Wed May-11-11 02:37 AM
Response to Original message
4. GO HERE (it's a large download 109MB and FREE FREE FREE)
Edited on Wed May-11-11 03:05 AM by DainBramaged
http://majorgeeks.com/Kaspersky_Free_Cleaner_d4515.html

it is the ONLY scanner that kills this piece of shit rootkit that I have found, JUST used it successfully on my beautiful Daughter's boyfriend's laptop. AND I did a thread on this (Virus Total) that was largely ignored.

http://upload.democraticunderground.com/discuss/duboard...


Kaspersky Virus Removal Tool is a utility designed to remove all types of threats from computers. Kaspersky Virus Removal Tool uses the effective detection algorithms realized in Kaspersky Anti-Virus and AVZ.

Kaspersky Virus Removal Tool does not provide resident protection for your computer. After disinfecting a computer, you are supposed to remove the tool and install a full version of antivirus software.

Advantages:


Simplified interface.

Can be installed to an infected computer (Safe Mode supported).

Composite scan and disinfection system: signature detection and heuristic analyzer.

Gathering system information and interactive creation of scripts for disinfection.

General functions:


Automatic and manual removal of virus, Trojans and worms.

Automatic and manual removal of Spyware and Adware modules.

Automatic and manual removal of all types of rootkits.

Known issues:


System memory scan is unavailable in x64 versions of Windows XP / Vista / 7 due to specific features of application system drivers.

Impossible to rename application folder if User Account Control is enabled in Windows Vista settings and application Self-Defence disabled.

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool / (direct download)



(And click the MY COMPUTER box too)
Printer Friendly | Permalink |  | Top
 
DainBramaged Donating Member (1000+ posts) Send PM | Profile | Ignore Wed May-11-11 02:45 PM
Response to Original message
5. Never mind
Edited on Wed May-11-11 02:46 PM by DainBramaged
I have a feeling I am not welcome by the OP. Guess he's on his own, goodnight...
Printer Friendly | Permalink |  | Top
 
12string Donating Member (443 posts) Send PM | Profile | Ignore Wed May-11-11 11:39 PM
Response to Reply #5
6. welcome
I very much appreciate the info and will try it and let you know the outcome.I haven't had my PC on much since getting this damned virus,usually just when trying to battle it which so far has been unsuccessful and am trying not to spend more money on promises that don't seem to work.It is a very invasive bug that caused me to spend ten minutes and two attempts just to get this reply to you.Once again,thank you very much for your reply.Ted Harris,AKA 12string.
Printer Friendly | Permalink |  | Top
 
RamboLiberal Donating Member (1000+ posts) Send PM | Profile | Ignore Wed May-11-11 11:45 PM
Response to Original message
7. MalwareBytes & Combofix
Edited on Thu May-12-11 12:02 AM by RamboLiberal
My 2 go to products & I have done this for numerous PCs with malware including redirect malware.

Both are free. Make sure to get Combofix from Bleepingcomputer website. Also a good help forum there. And they can recommend any other malware & rootkit removal tools you might need.

Also Kaspersky TDSSKiller for rootkits.

Check out this discussion on Google Redirect on BleepingComputer. http://www.bleepingcomputer.com/forums/topic395104.html...

And DU has a computer help forum.

BTW it was Combofix that fixed the Google redirect on a coworker's PC. TDSSKiller may work as well. If you get rid of it I'd followup with MalwareBytes.
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Thu Oct 30th 2014, 12:04 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » General Discussion Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC