Google Redirect Virus

October 8, 2011 at 14:52:38
Specs: Windows XP, 2.992 GHz / 1022 MB
I also have the Google redirect virus and was hoping someone could walk me through the disinfecting process since my anti-virus software seems to be useless against it.

I use Firefox for my browser and the machine runs with MS XP.


See More: Google Redirect Virus

Report •

#1
October 8, 2011 at 17:40:02
You can try a full scan using malwarebytes and fix all it finds for starters....post back how you make out with that

Some HELP in posting on Computing.net plus free progs and instructions 7 Medals


Report •

#2
October 8, 2011 at 21:09:59
Google redirect virus is a browser hijacker related to tdss.rootkit. heres an introduction of redirect virus:
"Internet Explorer redirect virus, which is mostly known as Google Searches redirecting virus is a browser hijacker related to TDSS.RootKit and ZeroAccess Rootkit malwares. It makes some changes in browser settings and causes browser redirection. Not only IE but this virus may cause other browsers to redirect and as this virus is popular as Google Redirect malware but remember it also creates the same problem with other search engines like Bing, Yahoo and Ask.com."

You may remove this google redirect virus by install an anti malware like Malware Bytes or Super antispyware, or do it manually
http://www.techvts.com/google-searc...


Report •

#3
October 8, 2011 at 21:17:09
Malwarebytes picked up a few things (log below). A few years back, I was hit with this and was told that I needed to do more than that. Is this it?

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7906

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

10/8/2011 9:12:58 PM
mbam-log-2011-10-08 (21-12-58).txt

Scan type: Quick scan
Objects scanned: 217808
Time elapsed: 11 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWaySearchAssistantDE.Auxiliary.1 (Adware.MyWaySearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\SYSTEM32\kd139432.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\SYSTEM32\020000008698e3131406s.manifest (Malware.Trace) -> Quarantined and delete


Report •

Related Solutions

#4
October 8, 2011 at 23:09:36

Report •

#5
October 9, 2011 at 09:16:46
Came up clean other than a few tracking cookies.

Report •

#6
October 9, 2011 at 09:21:42

Report •

#7
October 20, 2011 at 21:39:46
Seemed to disappear, but is back in full force today. I rescanned using MB, Hitman Pro, and the Trojan Remover but none found anything new this time.

Report •

#8
October 20, 2011 at 22:01:49
ok, time for you to use combofix:
http://www.bleepingcomputer.com/com...
Follow the online guide and you should be fine

Some HELP in posting on Computing.net plus free progs and instructions 7 Medals


Report •

Ask Question