Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Old 08-29-2012, 08:38 AM   #21
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
Quote:
Originally Posted by MichaelB
The problem is the major antivirus programs, like Norton, Trend Micro, don't do anything to the google redirect virus. You can have great antivirus protection and still get infected. It appears to evolve, so the solution for one computer does not always work for others. Google support function has many threads on this covering different tools. My suggestion is to read through the threads there looking for solutions. Here is a link http://productforums.google.com/forum/m/#!search/Redirect$20virus
Careful. Some of the links may not be safe. I found one that says:

Hey everyone, here is a link to get the Google Redirect Virus Removal tool. It worked for me, hope it works for everyone else.

Sure, I'll click that...
__________________

__________________
target2019 is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 08-29-2012, 08:58 AM   #22
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Rocky Inlets
Posts: 24,463
Quote:
Originally Posted by target2019 View Post
Careful. Some of the links may not be safe. I found one that says:

Hey everyone, here is a link to get the Google Redirect Virus Removal tool. It worked for me, hope it works for everyone else.

Sure, I'll click that...
Not all anonymous links in a public forum are safe? Perish the thought.

Seriously, it's pretty easy to separate the wheat from the chaff in those posts. It is a public forum, however, and has the usual mix of real experts, well-meaning doofi, and bored anti-social adolescents. Caveat emptor.
__________________

__________________
MichaelB is online now   Reply With Quote
Old 08-29-2012, 09:47 AM   #23
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,894
Quote:
Originally Posted by MichaelB View Post
...........well-meaning doofi......... bored anti-social adolescents........
Thanks. You've given me some great potential new screen names.
__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Old 08-29-2012, 09:57 AM   #24
Recycles dryer sheets
 
Join Date: Oct 2007
Posts: 123
Thanks Target2019, Michael and other good souls trying to help,

So far I have tried these and counting -

- System Restore is not letting me go back enough days to avoid this,

- Malware Bytes - Free - This is the resident antimalware on my Laptop, and has been run numerous times

- Aol Computer Checkup - Which was the resident, I removed this C#*p

- McAffey - Free benefit to paying AOL members- I had removed this useless piece ..... before this attack happened, but I found out it is still there somewhere in the guts of my computer as per Combofix

- TDSkiller from Kaspersky downloaded from multiple sites and ran multiple times - The automatic version. I have yet to do the manual version where I have to send my computer info to Kapersky Lab for detection

- Combofix - 2 times

- SpeedyPC Pro - Ran it but did not buy it (They were sly and not upfront about the price to remove, till the end)

-SuperAntispyware - Same as SpeedyPC pro, the sly way of hiding the cost till the very end

- SZsetupAV from Stopzilla - ran it with no success

- Emsisoft Anti Malware - No success




__________________________________________________ _____

The Results so far -

The Windows Firewall in now ON, which was not ON (Unable to show) before I started with these.
The Windows Automatic Update has been ON at all times


______________________________________

Now I am running the Manual Removal of the TDS Killer from Kaspersky

Any recommendations ?? Which antiviral program to buy, as I am not sure which one is the all powerful, which one would cover most of these nuisance viruses



Wish me some luck, thanks again for the help
__________________
rkser is offline   Reply With Quote
Old 08-29-2012, 07:13 PM   #25
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Lsbcal's Avatar
 
Join Date: May 2006
Location: west coast, hi there!
Posts: 5,686
Sorry to hear of your travails rkser.

Any idea how you got this thing on your machine? I'm hoping to avoid any such encounter.
__________________
Lsbcal is offline   Reply With Quote
Old 08-29-2012, 07:41 PM   #26
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,890
rkser,

Have you tried resetting your internet explorer browser? Maybe that will work?

http://www.ehow.com/info_10004342_in...-ad-pages.html

Of course, any add-ins you'll have to reinstall, but it may stop the redirect.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is offline   Reply With Quote
Old 08-29-2012, 09:01 PM   #27
Thinks s/he gets paid by the post
 
Join Date: May 2006
Location: Largo
Posts: 1,945
I had the virus about a year ago and found the solution by following a thread on some techie chat board. I think the solution involved ComboFix. I had to delete or type some things into my registry that was a little scary but I figured nothing ventured, nothing gained. I immediately purchased a 3 year Carbonite subscription after that.
__________________
Buckeye is offline   Reply With Quote
Old 08-29-2012, 09:47 PM   #28
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
Quote:
Originally Posted by Lsbcal View Post
Sorry to hear of your travails rkser.

Any idea how you got this thing on your machine? I'm hoping to avoid any such encounter.
Even though it is commonly called Google Redirect Virus, that is really a misnomer. The symptom is a redirect of search, but what delivered the problem was a virus or malware package. This link shows that.

The link I posted a few messages back is what has worked for me. Briefly, reboot to safe mode, install a/v software and malwarebytes. Empty caches. Scan with both. Revert the hosts file. Reboot to normal mode. Scan again. Check browser addins, and turn off suspicious.

In the situations I've encountered the redirect, it was delivered by a fake pc scanner package. Something will popup while you're working, and look believable. So the user clicks ok, I want to fix this, and you've given permission for the download. Your a/v may stop all or part of this from happening. In some cases I've just had to clean up the result, meaning remove browser addin, revert the hosts file, etc.
__________________
target2019 is offline   Reply With Quote
Old 08-29-2012, 11:35 PM   #29
Recycles dryer sheets
 
Join Date: Oct 2007
Posts: 123
Replying to some of the above posts -

Any idea how you got this thing on your machine? I'm hoping to avoid any such encounter. ??

-- No idea

-----------------------------------------------------

Have you tried resetting your internet explorer browser? Maybe that will work??

I have done that, although I mostly have been using Mozilla

--------------------------------------------------------------

I immediately purchased a 3 year Carbonite subscription after that.

- I have Carbonite, but just the thought of restoring a zillion files is not appealing, but if these attempts do not succeed I may end up doing that after a OS reinstall

--------------------------------------------------------------

I have sent in the scanned data of my laptop to 1)Bleeping Computer and 2)Smartest Computing . I am hoping some one on these two forums may be able to help.

Thanks for the support guys
__________________
rkser is offline   Reply With Quote
Old 08-30-2012, 06:22 AM   #30
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Rocky Inlets
Posts: 24,463
OS reinstall is a hassle. Hope one of those websites can help you gid rid of the pest. Good luck and keep us posted.
__________________
MichaelB is online now   Reply With Quote
Old 08-30-2012, 07:51 AM   #31
Thinks s/he gets paid by the post
 
Join Date: Jul 2012
Location: Mississippi
Posts: 1,878
You're reaching the point where you might have to reinstall for the sake of time. This is why if you take it to a PC shop, they will nuke it and reinstall. You can't pay $100/hr for some one to search for days trying to remove a virus.

I spend half my time removing this sort of crap from PCs. Without being able to see the specifics on your PC it's hard to give specific guidance. Malware bytes is excellent combofix is like a last resort before reinstall but both usually work.

Try another browser like chrome to see if it only is IE, it may be affecting jus IE.

Check for proxy settings, sometimes the redirectors turn on a proxy to do this. Check under internet options>connections tab>LAN settings>uncheck the box to use a proxy server, if checked.

It may have damaged your IP stack, you can reset by following this link using the netsh command.

How to reset Internet Protocol (TCP/IP)

There are way to setup your PC that make it fairly easy to reinstall but they don't come that way out of the box with wintendoze.
__________________
rbmrtn is online now   Reply With Quote
Old 08-30-2012, 08:10 AM   #32
Thinks s/he gets paid by the post
 
Join Date: Nov 2009
Posts: 3,869
I did not see anyone mention Spybot Search and Destroy. It is free and I have used it for years to remove bad stuff from my system and from my friends' systems.

Spybot - Search & Destroy from Safer Networking
__________________
Retired in late 2008 at age 45. Cashed in company stock, bought a lot of shares in a big bond fund and am living nicely off its dividends. IRA, SS, and a pension await me at age 60 and later. No kids, no debts.

"I want my money working for me instead of me working for my money!"
scrabbler1 is online now   Reply With Quote
Old 08-30-2012, 09:29 AM   #33
Thinks s/he gets paid by the post
 
Join Date: May 2006
Location: Largo
Posts: 1,945
Now that I see the name in one of your posts, the directions I followed were from the Bleeping Computer website/discussion board.

I followed the advice they had given someone else and it worked for me. I had spent many hours and was ready to give up but stumbled onto the solution. The directions had the warning "you can really mess up your computer if you do this wrong" but I took a deep breath, followed the instructions, and it worked.

As OP has mentioned, none of the AV software completed the job. I ran a ton of them.
__________________
Buckeye is offline   Reply With Quote
Old 08-30-2012, 10:28 AM   #34
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,890
For me, ususally a clean system lasts about 1 to 2 years. Sometimes it's time for a reinstall. Not a reinstall from scratch as I keep drive images of my system that I consider as clean. (Images kept on an external drive). For example, no need to reinstall from scratch and the apply Service Pack 2 again when I already have an image of Service Pack 2 already there. I remember about a year or so ago and I this keylogger on my system. For the life of me, I couldn't get rid of that. After trying for days, I had to just roll up my sleeves and do a restore from a clean image.


The most important stuff really is the data and not the OS.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is offline   Reply With Quote
Old 08-30-2012, 11:48 AM   #35
Recycles dryer sheets
 
Join Date: Sep 2007
Location: Portland/North Port
Posts: 182
Quote:
Originally Posted by rkser View Post
Thanks Target2019, Michael and other good souls trying to help,

So far I have tried these and counting -

....
I did not see you mention Microsoft security tools

Read this blog

Understanding Microsoft Anti-Malware Software 2012 ~ Security Garden

I suggest you try Microsoft SafetyScanner - I have good luck with this tool.

Microsoft Safety Scanner - Antivirus | Remove Spyware, Malware, Viruses Free
__________________
neihn is online now   Reply With Quote
Old 08-30-2012, 02:42 PM   #36
Recycles dryer sheets
 
Join Date: Oct 2007
Posts: 123
Try another browser like chrome
Check for proxy settings
IP stack, you can reset

- All the above done - Problem remains
---------------------------------------------------

Spybot Search and Destroy

- I have tried Spybot - With no success
---------------------------------------------------

I am going to try Microsoft Security now

Thanks for you help
__________________
rkser is offline   Reply With Quote
Old 08-30-2012, 05:29 PM   #37
Confused about dryer sheets
 
Join Date: Aug 2012
Posts: 2
Quote:
Originally Posted by neihn View Post
Thank you for referring rkser to my blog post, neihn. Seeing the link is what brought me here.

Quote:
Originally Posted by rkser View Post
So far I have tried these and counting -

- System Restore is not letting me go back enough days to avoid this,
- Malware Bytes
- Aol Computer Checkup
- McAffey
- TDSkiller
- Combofix - 2 times
- SpeedyPC Pro
-SuperAntispyware
- SZsetupAV from Stopzilla
- Emsisoft Anti Malware
Hi, rkser. I edited the quote of your post just to show the programs you've run to date. I suspect that the reason you have not yet been successful is because you don't know what to look for to remove, most particularly with ComboFix which should not be run without guidance.

I must also advise you not to start making changes to TDSSKiller as doing so can result in creating nothing more than a doorstop of your computer.

Although I am already a retiree, this does not appear to be the proper venue for analyzing logs. If you would like assistance, I would be happy to help at one of the forums where I handle malware removal.

I suggest that you register at either LandzDown.com or Sysnative.com and follow the log-posting instructions.
__________________
Microsoft MVP - Consumer Security
Corrine is offline   Reply With Quote
Old 08-30-2012, 09:45 PM   #38
Recycles dryer sheets
 
Join Date: Oct 2007
Posts: 123
I suggest you try Microsoft SafetyScanner - I have good luck with this tool.

- After downloading the MS Security Essentials, it will not start when I double clicked on the Icon.

- Thanks Corrine for your reply, probably you are right , now that the correction procedures are getting more involved and complicated, I will take this discussion trying to get a FIX , to more technical resources.

I began posting on Bleeping Computer, Smartest Computing and some others.
Thanks for your offer and suggestion to get problem to the your above mentioned forums.

Thanks everybody who contributed to this thread and I will post back the result either way. I am taking this discussion elsewhere, best regards
__________________
rkser is offline   Reply With Quote
Old 08-30-2012, 09:54 PM   #39
Confused about dryer sheets
 
Join Date: Aug 2012
Posts: 2
A bit of advice -- its best to just post at one site. You should be in good hands at Bleeping Computer.
__________________
Microsoft MVP - Consumer Security
Corrine is offline   Reply With Quote
Old 08-31-2012, 08:13 AM   #40
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
Once gave advice to someone, and they decided to go for paid online advice elsewhere. They installed a lot of crap remotely. Some of it was malware.

Recommendation to follow one line of advice is a good one. This thread has many answers, but applying things in a methodical way is difficult.
__________________

__________________
target2019 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


 

 
All times are GMT -6. The time now is 02:03 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.