Google Redirect Virus

October 8, 2011 at 14:52:38
Specs: Windows XP, 2.992 GHz / 1022 MB
I also have the Google redirect virus and was hoping someone could walk me through the disinfecting process since my anti-virus software seems to be useless against it.

I use Firefox for my browser and the machine runs with MS XP.

See More: Google Redirect Virus

Report •

October 8, 2011 at 17:40:02
You can try a full scan using malwarebytes and fix all it finds for back how you make out with that

Some HELP in posting on plus free progs and instructions 7 Medals

Report •

October 8, 2011 at 21:09:59
Google redirect virus is a browser hijacker related to tdss.rootkit. heres an introduction of redirect virus:
"Internet Explorer redirect virus, which is mostly known as Google Searches redirecting virus is a browser hijacker related to TDSS.RootKit and ZeroAccess Rootkit malwares. It makes some changes in browser settings and causes browser redirection. Not only IE but this virus may cause other browsers to redirect and as this virus is popular as Google Redirect malware but remember it also creates the same problem with other search engines like Bing, Yahoo and"

You may remove this google redirect virus by install an anti malware like Malware Bytes or Super antispyware, or do it manually

Report •

October 8, 2011 at 21:17:09
Malwarebytes picked up a few things (log below). A few years back, I was hit with this and was told that I needed to do more than that. Is this it?

Malwarebytes' Anti-Malware

Database version: 7906

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

10/8/2011 9:12:58 PM
mbam-log-2011-10-08 (21-12-58).txt

Scan type: Quick scan
Objects scanned: 217808
Time elapsed: 11 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary.1 (Adware.MyWaySearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\SYSTEM32\kd139432.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406s.manifest (Malware.Trace) -> Quarantined and delete

Report •

Related Solutions

October 8, 2011 at 23:09:36

Report •

October 9, 2011 at 09:16:46
Came up clean other than a few tracking cookies.

Report •

October 9, 2011 at 09:21:42

Report •

October 20, 2011 at 21:39:46
Seemed to disappear, but is back in full force today. I rescanned using MB, Hitman Pro, and the Trojan Remover but none found anything new this time.

Report •

October 20, 2011 at 22:01:49
ok, time for you to use combofix:
Follow the online guide and you should be fine

Some HELP in posting on plus free progs and instructions 7 Medals

Report •

Ask Question