Calling Computer Tech Savvy individuals
Old 08-27-2012, 04:32 PM   #1
Recycles dryer sheets
 
Join Date: Oct 2007
Posts: 123

HELP!!!! My Google Search Engine is directing me to different sites. None of the Anti Virus programs I have tried work against this.

Upon reading up on it, I understand it is a rootkit virus, called TDSS among other names. It has hijacked both my IE and Mozilla browsers, and when I double-click on any of the websites listed which come up on the search, it redirects to nonsense websites. IT HAS TAKEN OVER.

So far, I have tried Spybot, Malwarebytes, CCleaner, AOL Computer check up and counting among others, with no success.

Any and all help is appreciated.

Thanks and regards
__________________
rkser is offline   Reply With Quote
Old 08-27-2012, 04:39 PM   #2
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Rocky Inlets
Posts: 24,463
Google redirect virus. A real PITA. Try tdsskiller: Anti-rootkit utility TDSSKiller
__________________
MichaelB is online now   Reply With Quote
Old 08-27-2012, 05:48 PM   #3
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
Reboot to Safe Mode, and look for the hosts file in C:\Windows\System32 folder.
Open it with notepad and check to see that all lines are commented out with a "#" character.

Close the file and add a .bak extension so that Windows does not use the file, and reboot. It could be the TDSS thing, but also check for this problem.
__________________
target2019 is offline   Reply With Quote
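
The hosts-file check described in the post above, as an added example that is not part of the original thread. It parses hosts-file text and reports every line that is not commented out, flagging anything other than `localhost` on a loopback address for review. On Windows the file normally lives at `%SystemRoot%\System32\drivers\etc\hosts`; the function names and the sample text are hypothetical and constructed for illustration.

```python
# Added example (not from the thread): audit hosts-file text for active entries.
import ipaddress

# Names that a default hosts file may legitimately map to loopback.
BENIGN_NAMES = {"localhost", "localhost.localdomain"}

def active_entries(hosts_text):
    """Return (line_no, ip, hostname) for every line that is not commented out."""
    entries = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        body = raw.split("#", 1)[0].strip()   # drop full-line and trailing comments
        if not body:
            continue
        fields = body.split()
        if len(fields) < 2:
            continue                          # malformed line: address without a name
        ip, names = fields[0], fields[1:]
        for name in names:                    # one line may carry several hostnames
            entries.append((line_no, ip, name.lower()))
    return entries

def suspicious_entries(hosts_text):
    """Active entries other than localhost pointing at a loopback address."""
    flagged = []
    for line_no, ip, name in active_entries(hosts_text):
        try:
            loopback = ipaddress.ip_address(ip).is_loopback
        except ValueError:
            loopback = False                  # unparsable address: report it
        if not (loopback and name in BENIGN_NAMES):
            flagged.append((line_no, ip, name))
    return flagged

# Constructed sample: 203.0.113.7 is a documentation address (RFC 5737).
SAMPLE = """\
# Copyright (c) Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1       localhost
::1             localhost
203.0.113.7     www.google.com google.com   # constructed redirect entry
"""

if __name__ == "__main__":
    for line_no, ip, name in suspicious_entries(SAMPLE):
        print(f"line {line_no}: {name} -> {ip}")
```

A flagged entry is a line to review, not proof of infection: ad-blocking hosts files also map many names to loopback or `0.0.0.0`.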
Old 08-27-2012, 07:14 PM   #4
Recycles dryer sheets
 
Join Date: Oct 2007
Posts: 123
Thanks guys,

I have tried the Kaspersky tdsskiller.exe 2 times with no success.
I am not able to follow the steps in the second suggestion above, and there is a good possibility I will mess it up even more if I try.
I find out the TDSS has infected thousands of computers worldwide and a lot of people are in distress due to this darn thing. It does have me at my wits' end.

Thanks though
__________________
rkser is offline   Reply With Quote
Old 08-27-2012, 07:32 PM   #5
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Rocky Inlets
Posts: 24,463
Sorry about that. The google redirect is a nasty SOB. It took me a couple of days. Persevere. Try combofix: ComboFix | freeware
__________________
MichaelB is online now   Reply With Quote
Old 08-27-2012, 08:04 PM   #6
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
http://www.2-viruses.com/how-to-fix-...-virus-problem

That link has specifics on how to fix various redirect problems.

Reboot to safe mode and follow the instructions.
__________________
target2019 is offline   Reply With Quote
Old 08-27-2012, 08:48 PM   #7
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,890
Here's some step-by-step instructions with TDSS killer:

How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller

Hope this helps.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is offline   Reply With Quote
Old 08-28-2012, 07:20 AM   #8
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
donheff's Avatar
 
Join Date: Feb 2006
Location: Washington, DC
Posts: 8,644
If it is bad enough you might have to reformat the drive and start from scratch. But how many people create a system disk or image? It always irritates me that no one includes an OS disk with new PCs anymore.
__________________
Every man is, or hopes to be, an Idler. -- Samuel Johnson
donheff is offline   Reply With Quote
Old 08-28-2012, 08:27 AM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,894
I had a similar problem and ended up downloading some pretty potent software. I've forgotten the details, but it did work but caused a whole host of other issues with my computer that I've had to fix over many, many hours. I wish I had a simple solution, but all I can do is caution you to be careful.


Anybody dealt with the redirect virus?
__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Old 08-28-2012, 09:09 AM   #10
Moderator
MBAustin's Avatar
 
Join Date: Jul 2010
Posts: 4,158
If you don't have good backups of your data and copies of programs to reinstall, you may want to take it to a professional for "eradication". It will probably cost $100-$200. But be warned - some of these viruses are so nasty that the only practical way to eradicate is to reformat the disk and start over, so please discuss this with the professional as they may be able to backup your documents/photos/etc. first. Good luck!
__________________
"One of the funny things about the stock market is that every time one person buys, another sells, and both think they are astute." William Feather
----------------------------------
ER'd Oct. 2010 at 53. Life is good.
MBAustin is offline   Reply With Quote
Old 08-28-2012, 09:22 AM   #11
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,890
Found another option to try to fix:

Remove Google redirect virus
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is offline   Reply With Quote
Old 08-28-2012, 09:32 AM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,890
Quote:
Originally Posted by donheff View Post
If it is bad enough you might have to reformat the drive and start from scratch. But how many people create a system disk or image? It always irritates me that no one includes an OS disk with new PCs anymore.
After being burned a few times in the past (PC won't boot, system file corrupted, for example) I do use some freebie hard drive imaging software to make my own image of a clean system that I can get back to just in case.

Some manufacturers (such as Dell) place an image of the original system on a recovery partition. So after moving important data externally, one may be able to recover from this partition.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is offline   Reply With Quote
Old 08-28-2012, 11:54 AM   #13
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
Have to repeat that it is unlikely a standard user will get rid of everything in one pass. It usually takes me at least a few hours to identify, mitigate, remove, etc. I have had almost 100% success removing simple and complicated Malware. But it is probably the most confounding thing I do. Very hard to describe how I wrangle these beasts.
__________________
target2019 is offline   Reply With Quote
Old 08-28-2012, 12:17 PM   #14
Recycles dryer sheets
ratto's Avatar
 
Join Date: Mar 2011
Posts: 225
Not sure how the OP's computer got infected in the first place. Generally, it's safer to log in as a non-privileged user account for daily use, instead of admin. So if there's any damage done, deliberately or inadvertently, the impact scope will be localized instead of vital system files (assuming no lousy OS kernel code here). Fortunately, M$ hasn't patented this common sense practice yet. We will see if Apple will make the claim or not.

For some malware infections, they can be remedied by logging in as admin to remove the infected account and its associated files, then recreating it from scratch. This approach won't work if the system files have already been compromised.
__________________
ratto is offline   Reply With Quote
Old 08-28-2012, 12:38 PM   #15
Recycles dryer sheets
 
Join Date: Jun 2012
Posts: 489
You could also try doing a system restore. Boot to safe mode and Start, Accessories, System Tools, System Restore. Pick the most recent date that you know 100% for sure is prior to the infection.

Otherwise, you may be best to take it to a pro. Rootkits are particularly nasty and hard to get rid of.
__________________
someguy is offline   Reply With Quote
Old 08-28-2012, 06:32 PM   #16
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by easysurfer View Post
After being burned a few times in the past (PC won't boot, system file corrupted, for example) I do use some freebie hard drive imaging software to make my own image of a clean system that I can get back to just in case.
I'm amazed at how many people don't do that. It's one of the things I really liked about the Mac - that was a very simple thing to do (and not just do it, but actually boot from the clone to verify it, w/o having to actually re-install).

Quote:
Originally Posted by easysurfer View Post
Some manufacturers (such as Dell) place an image of the original system on a recovery partition. So after moving important data externally, one may be able to recover from this partition.
Quote:
Originally Posted by target2019 View Post
Have to repeat that it is unlikely a standard user will get rid of everything in one pass. It usually takes me at least a few hours to identify, mitigate, remove, etc. I have had almost 100% success removing simple and complicated Malware. But it is probably the most confounding thing I do. Very hard to describe how I wrangle these beasts.
target2019 - is reformatting the infected partition, and then recovering from the recovery partition (if installed) a solution, or does the malware embed itself beyond that?

Another good tool for these issues is to have Linux installed on a USB thumb drive. You can boot from that and look around, w/o any Windows malware issues. You might even decide to switch to Linux after that.

-ERD50
__________________
ERD50 is offline   Reply With Quote
Old 08-28-2012, 07:33 PM   #17
Recycles dryer sheets
 
Join Date: Oct 2007
Posts: 123
I am finding it very frustrating to keep running one anti viral program after another with no success whatsoever. I will take a sanity break tonight and will get back to it tomorrow evening. Keep the suggestions coming, hopefully one will work

The darn Google redirect virus #@#@^&%

Thanks a lot for helping me out guys
__________________
rkser is offline   Reply With Quote
Old 08-29-2012, 04:31 AM   #18
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
Quote:
Originally Posted by ERD50
target2019 - is reformatting the infected partition, and then recovering from the recovery partition (if installed) a solution, or does the malware embed itself beyond that?
I don't know what the total count of viruses/Malware is, or what all possibilities may be, but I suspect anything is possible. For instance, a boot sector virus would still remain after your scenario.

WRT using Linux boot, that might be something beyond the average user.
__________________
target2019 is offline   Reply With Quote
Old 08-29-2012, 04:36 AM   #19
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,708
Quote:
Originally Posted by rkser
I am finding it very frustrating to keep running one anti viral program after another with no success whatsoever. I will take a sanity break tonight and will get back to it tomorrow evening. Keep the suggestions coming, hopefully one will work

The darn Google redirect virus #@#@^&%

Thanks a lot for helping me out guys
Has any trusted anti virus solution given you positive results? Or are you diagnosing this from symptoms?

Are you able to boot to safe mode with networking?

What about system restore? Are you familiar with that?
__________________
target2019 is offline   Reply With Quote
Old 08-29-2012, 06:32 AM   #20
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Rocky Inlets
Posts: 24,463
Quote:
Originally Posted by target2019 View Post
Has any trusted anti virus solution given you positive results? Or are you diagnosing this from symptoms?
The problem is the major antivirus programs, like Norton, Trend Micro, don't do anything to the google redirect virus. You can have great antivirus protection and still get infected. It appears to evolve, so the solution for one computer does not always work for others. Google support function has many threads on this covering different tools. My suggestion is to read through the threads there looking for solutions. Here is a link http://productforums.google.com/forum/m/#!search/Redirect$20virus
__________________
MichaelB is online now   Reply With Quote
All times are GMT -6.