Calling Computer Tech Savvy individuals

rkser

HELP!!!! My Google Search Engine is directing me to different sites. None of the Anti Virus programs I have tried work against this.

Upon reading up on it, I understand it is a rootkit virus, called TDSS among other names. It has hijacked both my IE and Mozilla browsers, and when I double-click on any of the websites listed which come up on the search, it redirects to nonsense websites. IT HAS TAKEN OVER.

So far, I have tried Spybot, Malwarebytes, CCleaner, AOL Computer check up and counting among others, with no success.

Any and all help is appreciated.

Thanks and regards
 
Reboot to Safe Mode, and look for the hosts file in C:\Windows\System32 folder.
Open it with notepad and check to see that all lines are commented out with a "#" character.

Close the file and add a .bak extension so that Windows does not use the file, and reboot. It could be the TDSS thing, but also check for this problem.
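
The hosts-file check suggested above, as an added example that is not part of the original post: instead of eyeballing the file in Notepad, it classifies every active (uncommented) line. The sample content and the verdict names are constructed for illustration; on Windows the live file sits at C:\Windows\System32\drivers\etc\hosts.

```python
import ipaddress

# Constructed sample hosts content (not taken from the thread).
SAMPLE_HOSTS = """\
# Sample hosts file (constructed)
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net   # sinkhole entry added by a blocking tool
203.0.113.45    www.google.com google.com
198.51.100.7    update.antivirus.example
not-an-ip       broken.example
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def classify_hosts(text):
    """Return (line_no, address, hostname, verdict) for every active mapping."""
    findings = []
    # Strip a UTF-8 BOM if an editor left one at the start of the file.
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if not entry:
            continue  # blank or fully commented-out line
        address, names = entry[0], entry[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed"))
            continue
        for name in names:
            name = name.lower()
            if ip.is_loopback and name in LOCAL_NAMES:
                verdict = "default"    # the stock localhost mapping
            elif ip.is_loopback or ip.is_unspecified:
                verdict = "sinkhole"   # name is blocked, not redirected
            else:
                verdict = "redirect"   # name is pointed at another machine
            findings.append((line_no, address, name, verdict))
    return findings


def suspicious(text):
    """Entries that deserve a manual look: redirects and malformed lines."""
    return [f for f in classify_hosts(text) if f[3] in ("redirect", "malformed")]


if __name__ == "__main__":
    for line_no, address, name, verdict in classify_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {address} [{verdict}]")
```

A `sinkhole` verdict is usually the work of an ad- or malware-blocking tool, while a `redirect` for a search engine or antivirus vendor name is the pattern to investigate.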
 
Thanks guys,

I have tried the Kaspersky tdsskiller.exe 2 times with no success,
I am not able to follow the steps in the second suggestion above and a good possibility I will mess it up even more if I try.
I find out the TDSS has infected thousands of computers worldwide and a lot of people are in distress due to this darn thing. It does have me at my wits' end.

Thanks though
 
If it is bad enough you might have to reformat the drive and start from scratch. But how many people create a system disk or image? It always irritates me that no one includes an OS disk with new PCs anymore.
 
If you don't have good backups of your data and copies of programs to reinstall, you may want to take it to a professional for "eradication". It will probably cost $100-$200. But be warned - some of these viruses are so nasty that the only practical way to eradicate is to reformat the disk and start over, so please discuss this with the professional as they may be able to backup your documents/photos/etc. first. Good luck!
 
If it is bad enough you might have to reformat the drive and start from scratch. But how many people create a system disk or image? It always irritates me that no one includes an OS disk with new PCs anymore.

After being burned a few times in the past (PC won't boot, system file corrupted, for example) I do use some freebie hard drive imaging software to make my own image of a clean system that I can get back to just in case.

Some manufacturers (such as Dell) place an image of the original system on a recovery partition. So after moving important data externally, one may be able to recover from this partition.
 
Have to repeat that it is unlikely a standard user will get rid of everything in one pass. It usually takes me at least a few hours to identify, mitigate, remove, etc. I have had almost 100% success removing simple and complicated Malware. But it is probably the most confounding thing I do. Very hard to describe how I wrangle these beasts.
 
Not sure how the OP's computer got infected in the first place. Generally, it's safer to log in as a non-privileged user account for daily use, instead of admin. So if there's any damage done, deliberately or inadvertently, the impact scope will be localized instead of vital system files (assuming no lousy OS kernel code here). Fortunately, M$ hasn't patented this common sense practice yet. We will see if Apple will make the claim or not.

For some malware infections, they can be remedied by logging in as admin to remove the infected account and its associated files, then recreating it from scratch. This approach won't work if the system files have already been compromised.
 
You could also try doing a system restore. Boot to safe mode and Start, Accessories, System Tools, System Restore. Pick the most recent date that you know 100% for sure is prior to the infection.

Otherwise, you may be best to take it to a pro. Rootkits are particularly nasty and hard to get rid of.
 
After being burned a few times in the past (PC won't boot, system file corrupted, for example) I do use some freebie hard drive imaging software to make my own image of a clean system that I can get back to just in case.

I'm amazed at how many people don't do that. It's one of the things I really liked about the Mac - that was a very simple thing to do (and not just do it, but actually boot from the clone to verify it, w/o having to actually re-install).

Some manufacturers (such as Dell) place an image of the original system on a recovery partition. So after moving important data externally, one may be able to recover from this partition.

Have to repeat that it is unlikely a standard user will get rid of everything in one pass. It usually takes me at least a few hours to identify, mitigate, remove, etc. I have had almost 100% success removing simple and complicated Malware. But it is probably the most confounding thing I do. Very hard to describe how I wrangle these beasts.

target2019 - is reformatting the infected partition, and then recovering from the recovery partition (if installed) a solution, or does the malware embed itself beyond that?

Another good tool for these issues is to have linux installed on a USB thumb drive. You can boot from that and look around, w/o any Windows malware issues. You might even decide to switch to Linux after that.

-ERD50
 
I am finding it very frustrating to keep running one anti viral program after another with no success whatsoever. I will take a sanity break tonight and will get back to it tomorrow evening. Keep the suggestions coming, hopefully one will work

The darn Google redirect virus #@#@^&%

Thanks a lot for helping me out guys
 
ERD50 said:
target2019 - is reformatting the infected partition, and then recovering from the recovery partition (if installed) a solution, or does the malware embed itself beyond that?
I don't know what the total count of viruses/Malware is, or what all possibilities may be, but I suspect anything is possible. For instance, a boot sector virus would still remain after your scenario.

WRT using Linux boot, that might be something beyond the average user.
 
rkser said:
I am finding it very frustrating to keep running one anti viral program after another with no success whatsoever. I will take a sanity break tonight and will get back to it tomorrow evening. Keep the suggestions coming, hopefully one will work

The darn Google redirect virus #@#@^&%

Thanks a lot for helping me out guys

Has any trusted anti virus solution given you positive results? Or are you diagnosing this from symptoms?

Are you able to boot to safe mode with networking?

What about system restore? Are you familiar with that?
 
Has any trusted anti virus solution given you positive results? Or are you diagnosing this from symptoms?
The problem is the major antivirus programs, like Norton, Trend Micro, don't do anything to the google redirect virus. You can have great antivirus protection and still get infected. It appears to evolve, so the solution for one computer does not always work for others. Google support function has many threads on this covering different tools. My suggestion is to read through the threads there looking for solutions. Here is a link http://productforums.google.com/forum/m/#!search/Redirect$20virus
 
MichaelB said:
The problem is the major antivirus programs, like Norton, Trend Micro, don't do anything to the google redirect virus. You can have great antivirus protection and still get infected. It appears to evolve, so the solution for one computer does not always work for others. Google support function has many threads on this covering different tools. My suggestion is to read through the threads there looking for solutions. Here is a link http://productforums.google.com/forum/m/#!search/Redirect$20virus

Careful. Some of the links may not be safe. I found one that says:

Hey everyone, here is a link to get the Google Redirect Virus Removal tool. It worked for me, hope it works for everyone else.

Sure, I'll click that...
 
Careful. Some of the links may not be safe. I found one that says:

Hey everyone, here is a link to get the Google Redirect Virus Removal tool. It worked for me, hope it works for everyone else.

Sure, I'll click that...
Not all anonymous links in a public forum are safe? Perish the thought. :)

Seriously, it's pretty easy to separate the wheat from the chaff in those posts. It is a public forum, however, and has the usual mix of real experts, well-meaning doofi, and bored anti-social adolescents. Caveat emptor.
 
Thanks Target2019, Michael and other good souls trying to help,

So far I have tried these and counting -

- System Restore is not letting me go back enough days to avoid this,

- Malwarebytes - Free - This is the resident antimalware on my Laptop, and has been run numerous times

- AOL Computer Checkup - Which was the resident, I removed this C#*p

- McAfee - Free benefit to paying AOL members - I had removed this useless piece ..... before this attack happened, but I found out it is still there somewhere in the guts of my computer as per Combofix

- TDSSKiller from Kaspersky downloaded from multiple sites and ran multiple times - The automatic version. I have yet to do the manual version where I have to send my computer info to Kaspersky Lab for detection

- Combofix - 2 times

- SpeedyPC Pro - Ran it but did not buy it (They were sly and not upfront about the price to remove, till the end)

- SuperAntispyware - Same as SpeedyPC Pro, the sly way of hiding the cost till the very end

- SZsetupAV from Stopzilla - ran it with no success

- Emsisoft Anti Malware - No success




_______________________________________________________

The Results so far -

The Windows Firewall is now ON, which was not ON (Unable to show) before I started with these.
The Windows Automatic Update has been ON at all times


______________________________________

Now I am running the Manual Removal of the TDS Killer from Kaspersky

Any recommendations ?? Which antiviral program to buy, as I am not sure which one is the all powerful, which one would cover most of these nuisance viruses



Wish me some luck, thanks again for the help
 
Sorry to hear of your travails rkser.

Any idea how you got this thing on your machine? I'm hoping to avoid any such encounter.
 
