|
|
Calling Computer Tech Savvy individuals
08-27-2012, 03:32 PM
|
#1
|
Full time employment: Posting here.
Join Date: Oct 2007
Posts: 621
|
Calling Computer Tech Savvy individuals
HELP!!!! My Google Search Engine is directing me to different sites. None of the Anti Virus programs I have tried work against this.
Upon reading up on it, I understand it is a rootkit virus, called TDSS among other names. It has hijacked both my IE and Mozilla browsers, and when I double click on any of the websites listed which come up on the search, it redirects to nonsense websites. IT HAS TAKEN OVER.
So far, I have tried Spybot, Malwarebytes, CCleaner, AOL Computer check up and counting among others, with no success.
Any and all help is appreciated.
Thanks and regards
|
|
|
|
|
08-27-2012, 03:39 PM
|
#2
|
Administrator
Join Date: Jan 2008
Location: Chicagoland
Posts: 40,725
|
Google redirect virus. A real PITA. Try tdsskiller Anti-rootkit utility TDSSKiller
|
|
|
08-27-2012, 04:48 PM
|
#3
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
Reboot to Safe Mode, and look for the hosts file in C:\Windows\System32 folder.
Open it with notepad and check to see that all lines are commented out with a "#" character.
Close the file and add a .bak extension so that Windows does not use the file, and reboot. It could be the TDSS thing, but also check for this problem.
|
|
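The hosts-file check suggested in post #3, as an added example that is not part of the original thread: it parses a hosts file and reports every active (uncommented) line that maps a name to something other than a loopback or null address. It assumes the standard Windows location `%SystemRoot%\System32\drivers\etc\hosts`; the function names and the sample content are constructed for illustration.

```python
import ipaddress
import os

# Standard Windows hosts-file location (an assumption, not a value from the thread).
HOSTS_PATH = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                          "System32", "drivers", "etc", "hosts")

# Constructed sample; addresses come from the reserved documentation ranges.
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#    127.0.0.1       localhost
127.0.0.1    localhost
::1          localhost
203.0.113.7  www.google.com google.com   # constructed redirect entry
0.0.0.0      ads.example.net
198.51.100.9 search.example.org
not-an-ip    broken.example
"""

def active_entries(text):
    """Yield (line_no, address, hostnames) for each line that is not commented out."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop full-line and trailing comments
        if line:
            parts = line.split()
            yield no, parts[0], parts[1:]

def suspicious_entries(text):
    """Return active entries whose address is malformed or points off the machine."""
    findings = []
    for no, ip, names in active_entries(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((no, ip, names, "malformed address"))
            continue
        if addr.is_loopback or addr.is_unspecified:
            continue   # localhost mappings and 0.0.0.0 blocklist-style entries
        findings.append((no, ip, names, "name mapped to a remote address"))
    return findings

if __name__ == "__main__":
    # Falls back to the constructed sample when no hosts file is present.
    text = open(HOSTS_PATH).read() if os.path.exists(HOSTS_PATH) else SAMPLE
    for no, ip, names, why in suspicious_entries(text):
        print(f"line {no}: {ip} -> {' '.join(names)} ({why})")
```
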
|
08-27-2012, 06:14 PM
|
#4
|
Full time employment: Posting here.
Join Date: Oct 2007
Posts: 621
|
Thanks guys,
I have tried the Kaspersky tdsskiller.exe 2 times with no success.
I am not able to follow the steps in the second suggestion above, and there is a good possibility I will mess it up even more if I try.
I find out the TDSS has infected thousands of computers world wide and a lot of people are in distress due to this darn thing. It does have me at my wits end.
Thanks though
|
|
|
08-27-2012, 06:32 PM
|
#5
|
Administrator
Join Date: Jan 2008
Location: Chicagoland
Posts: 40,725
|
Sorry about that. The google redirect is a nasty SOB. It took me a couple of days. Persevere. Try combofix ComboFix | freeware
|
|
|
08-27-2012, 07:04 PM
|
#6
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
http://www.2-viruses.com/how-to-fix-...-virus-problem
That link has specifics on how to fix various redirect problems.
Reboot to safe mode and follow the instructions.
|
|
|
08-27-2012, 07:48 PM
|
#7
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,150
|
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
|
|
|
08-28-2012, 06:20 AM
|
#8
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Feb 2006
Location: Washington, DC
Posts: 11,331
|
If it is bad enough you might have to reformat the drive and start from scratch. But how many people create a system disk or image? It always irritates me that no one includes an OS disk with new PCs anymore.
__________________
Idleness is fatal only to the mediocre -- Albert Camus
|
|
|
08-28-2012, 07:27 AM
|
#9
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Mar 2007
Posts: 14,328
|
I had a similar problem and ended up downloading some pretty potent software. I've forgotten the details, but it did work but caused a whole host of other issues with my computer that I've had to fix over many, many hours. I wish I had a simple solution, but all I can do is caution you to be careful.
http://www.early-retirement.org/foru...rus-60283.html
|
|
|
08-28-2012, 08:09 AM
|
#10
|
Moderator
Join Date: Jul 2010
Posts: 7,945
|
If you don't have good backups of your data and copies of programs to reinstall, you may want to take it to a professional for "eradication". It will probably cost $100-$200. But be warned - some of these viruses are so nasty that the only practical way to eradicate is to reformat the disk and start over, so please discuss this with the professional as they may be able to backup your documents/photos/etc. first. Good luck!
__________________
"One of the funny things about the stock market is that every time one person buys, another sells, and both think they are astute." William Feather
----------------------------------
ER'd Oct. 2010 at 53. Life is good.
|
|
|
08-28-2012, 08:22 AM
|
#11
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,150
|
Found another option to try to fix:
Remove Google redirect virus
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
|
|
|
08-28-2012, 08:32 AM
|
#12
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,150
|
Quote:
Originally Posted by donheff
If it is bad enough you might have to reformat the drive and start from scratch. But how many people create a system disk or image? It always irritates me that no one includes an OS disk with new PCs anymore.
|
After being burned a few times in the past (PC won't boot, system file corrupted, for example) I do use some freebie hard drive imaging software to make my own image of a clean system that I can get back to just in case.
Some manufacturers (such as Dell) place an image of the original system on a recovery partition. So after moving important data externally, one may be able to recover from this partition.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
|
|
|
08-28-2012, 10:54 AM
|
#13
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
Have to repeat that it is unlikely a standard user will get rid of everything in one pass. It usually takes me at least a few hours to identify, mitigate, remove, etc. I have had almost 100% success removing simple and complicated Malware. But it is probably the most confounding thing I do. Very hard to describe how I wrangle these beasts.
|
|
|
08-28-2012, 11:17 AM
|
#14
|
Recycles dryer sheets
Join Date: Mar 2011
Posts: 225
|
Not sure how the OP's computer got infected in the first place. Generally, it's safer to log in as a non-privileged user account for daily use, instead of admin. So if there's any damage done, deliberately or inadvertently, the impact scope will be localized instead of vital system files (assuming no lousy OS kernel code here). Fortunately, M$ hasn't patented this common sense practice yet. We will see if Apple will make the claim or not.
Some malware infections can be remedied by logging in as admin to remove the infected account and its associated files, then recreating it from scratch. This approach won't work if the system files have already been compromised.
|
|
|
08-28-2012, 11:38 AM
|
#15
|
Full time employment: Posting here.
Join Date: Jun 2012
Posts: 691
|
You could also try doing a system restore. Boot to safe mode and Start, Accessories, System Tools, System Restore. Pick the most recent date that you know 100% for sure is prior to the infection.
Otherwise, you may be best to take it to a pro. Rootkits are particularly nasty and hard to get rid of.
|
|
|
08-28-2012, 05:32 PM
|
#16
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Sep 2005
Location: Northern IL
Posts: 26,896
|
Quote:
Originally Posted by easysurfer
After being burned a few times in the past (PC won't boot, system file corrupted, for example) I do use some freebie hard drive imaging software to make my own image of a clean system that I can get back to just in case.
|
I'm amazed at how many people don't do that. It's one of the things I really liked about the Mac - that was a very simple thing to do (and not just do it, but actually boot from the clone to verify it, w/o having to actually re-install).
Quote:
Originally Posted by easysurfer
Some manufacturers (such as Dell) place an image of the original system on a recovery partition. So after moving important data externally, one may be able to recover from this partition.
|
Quote:
Originally Posted by target2019
Have to repeat that it is unlikely a standard user will get rid of everything in one pass. It usually takes me at least a few hours to identify, mitigate, remove, etc. I have had almost 100% success removing simple and complicated Malware. But it is probably the most confounding thing I do. Very hard to describe how I wrangle these beasts.
|
target2019 - is reformatting the infected partition, and then recovering from the recovery partition (if installed) a solution, or does the malware embed itself beyond that?
Another good tool for these issues is to have linux installed on a USB thumb drive. You can boot from that and look around, w/o any Windows malware issues. You might even decide to switch to Linux after that.
-ERD50
|
|
|
08-28-2012, 06:33 PM
|
#17
|
Full time employment: Posting here.
Join Date: Oct 2007
Posts: 621
|
I am finding it very frustrating to keep running one anti viral program after another with no success whatsoever. I will take a sanity break tonight and will get back to it tomorrow evening. Keep the suggestions coming, hopefully one will work.
The darn Google redirect virus #@#@^&%
Thanks a lot for helping me out guys
|
|
|
08-29-2012, 03:31 AM
|
#18
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
Quote:
Originally Posted by ERD50
target2019 - is reformatting the infected partition, and then recovering from the recovery partition (if installed) a solution, or does the malware embed itself beyond that?
|
I don't know what the total count of viruses/Malware is, or what all possibilities may be, but I suspect anything is possible. For instance, a boot sector virus would still remain after your scenario.
WRT using Linux boot, that might be something beyond the average user.
|
|
|
08-29-2012, 03:36 AM
|
#19
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
Quote:
Originally Posted by rkser
I am finding it very frustrating to keep running one anti viral program after another with no success whatsoever. I will take a sanity break tonight and will get back to it tomorrow evening. Keep the suggestions coming, hopefully one will work.
The darn Google redirect virus #@#@^&%
Thanks a lot for helping me out guys
|
Has any trusted anti virus solution given you positive results? Or are you diagnosing this from symptoms?
Are you able to boot to safe mode with networking?
What about system restore? Are you familiar with that?
|
|
|
08-29-2012, 05:32 AM
|
#20
|
Administrator
Join Date: Jan 2008
Location: Chicagoland
Posts: 40,725
|
Quote:
Originally Posted by target2019
Has any trusted anti virus solution given you positive results? Or are you diagnosing this from symptoms?
|
The problem is the major antivirus programs, like Norton, Trend Micro, don't do anything to the google redirect virus. You can have great antivirus protection and still get infected. It appears to evolve, so the solution for one computer does not always work for others. Google support function has many threads on this covering different tools. My suggestion is to read through the threads there looking for solutions. Here is a link http://productforums.google.com/forum/m/#!search/Redirect$20virus
|
|
|
|
|