Our system detected that your browser is blocking advertisements on our site. Please help support FoxesTalk by disabling any kind of ad blocker while browsing this site. Thank you.
Jump to content
Parafox

Google redirect virus

By Parafox, in Entertainment Forum

Recommended Posts

Parafox

Parafox

Posted
Posted

I seem to have a virus that redirects all my google searches. When i click a link on Google I get redirected to different sites purpoting to be a search engine but I think they're bogus.

I have searched the web (on a different computer) and it seems to be something called "google redirect" virus. The fixes seem to be hit and miss so I was wondering if anyone else has had this or is sufficiently au fait with computers as to be able to help me cure it.

I'm running Windows XP home.

Any advice or help would be much appreciated

Thanks

Link to comment
Share on other sites
irDeano

irDeano

Posted
Posted

I had that on my old laptop, if I remember correctly the only way I managed to get rid of it was to use system restore and restore the computer to a date before you had the virus.

Link to comment
Share on other sites
JadeFalcon

JadeFalcon

Posted
Posted

download Malwarebytes from download.com install that and update it then give it a run over your system. you have a trojan and not a propper fully fledged virus. Also please use a browser such as FireFox, i will never use internet explorer as its too prone to attack via an activeX script. which is what a lot of sites use to do drive-by trojan downloads.

if u need any more help just ask here

Link to comment
Share on other sites
Parafox

Parafox

Posted
  • Author
Posted

download Malwarebytes from download.com install that and update it then give it a run over your system. you have a trojan and not a propper fully fledged virus. Also please use a browser such as FireFox, i will never use internet explorer as its too prone to attack via an activeX script. which is what a lot of sites use to do drive-by trojan downloads.

if u need any more help just ask here

Thanks Jade, I will try that... hopefully it will run because I read that some viruses/trojans will prevent malware anti virus from running.

Is that malwarebytes program easy to use?

Link to comment
Share on other sites
JadeFalcon

JadeFalcon

Posted
Posted

easy to use yes, but the results can sometimes be confusing especially if you've turned off something such as the windows firewall or auto updates. malwarebytes detects those as possible malware changes.

it does allow you to save a logfile tho so if you do get confused you can post it here so we can look through it

Link to comment
Share on other sites
Parafox

Parafox

Posted
  • Author
Posted

easy to use yes, but the results can sometimes be confusing especially if you've turned off something such as the windows firewall or auto updates. malwarebytes detects those as possible malware changes.

it does allow you to save a logfile tho so if you do get confused you can post it here so we can look through it

ok thanks.. I am at work so will have to try when I get home this evening.. I also read that I can delete IP addresses through a host file using the following... c:\windows\system32\drives\etc\hosts... is this likely to work?

Link to comment
Share on other sites
Parafox

Parafox

Posted
  • Author
Posted

ok thanks.. I am at work so will have to try when I get home this evening.. I also read that I can delete IP addresses through a host file using the following... c:\windows\system32\drives\etc\hosts... is this likely to work?

I have tried the above and deleted all but the "localhost" address and it seems to have stopped the re-directs, Is it likely that the malware is still there? I will download Malwarebytes and run it anyway.

I already have Spybot S&D as well as Avir anti-virus and a firewall and windows defender. None of these stopped the infection nor could it be removed by them. It all seemed to kick off when I downloaded Microsoft Security Essentials. I'm wondering if that was from a bogus site (it looked real enough).

Thanks for taking the time to help me. It's appreciated

Link to comment
Share on other sites
ozleicester

ozleicester

Posted
Posted

I have tried the above and deleted all but the "localhost" address and it seems to have stopped the re-directs, Is it likely that the malware is still there? I will download Malwarebytes and run it anyway.

I already have Spybot S&D as well as Avir anti-virus and a firewall and windows defender. None of these stopped the infection nor could it be removed by them. It all seemed to kick off when I downloaded Microsoft Security Essentials. I'm wondering if that was from a bogus site (it looked real enough).

Thanks for taking the time to help me. It's appreciated

Security essentials (i think) is a dodgy thing and probably what brought in the trojan., you may have to run malwe\are bytes a few times...i also ran spybot a few times.. to finally clear. If its the same one as i had, you may need a rootkiller too.

Link to comment
Share on other sites
DB11

DB11

Posted
Posted

Run HijackThis (although, with all due respect, you're probably not computer-techy enough to understand how this works and what / what not to remove else you wouldn't asking for help on how to remove a virus, but I'll leave this as a point anyway)

CCleaner

MalwareBytes

Reset Internet Explorer

Full scan with anti virus software that you have (just to be safe)

Should be good to go.

Link to comment
Share on other sites
Parafox

Parafox

Posted
  • Author
Posted

Run HijackThis (although, with all due respect, you're probably not computer-techy enough to understand how this works and what / what not to remove else you wouldn't asking for help on how to remove a virus, but I'll leave this as a point anyway)

CCleaner

MalwareBytes

Reset Internet Explorer

Full scan with anti virus software that you have (just to be safe)

Should be good to go.

Thanks, Quite right I am a silver surfer so I only point and click. How do i reset IE?

Thanks for your help

Link to comment
Share on other sites
Parafox

Parafox

Posted
  • Author
Posted

Tools > Internet Options > Advanced > Reset

Ok Thanks.

Will this get rid of all the IP addresses in the c:\windows32 hosts file. apparently it could be that's where this thing is lurking so i need to remove them. I tried manually selecting them and clicking delete but they just re-appeared.

Also I cant now re-boot in safe mode I only get option to skip restore data and load from boot file (or something like that) Then it just loads normally but obviously i need to be in safe mode to run scans etc.

Sorry to be a pain but It's starting to get to me :frusty:

Link to comment
Share on other sites
Parafox

Parafox

Posted
  • Author
Posted

Security essentials (i think) is a dodgy thing and probably what brought in the trojan., you may have to run malwe\are bytes a few times...i also ran spybot a few times.. to finally clear. If its the same one as i had, you may need a rootkiller too.

I ran CCcleaner and it deleted spybot S&D !! FFS :frusty::frusty::frusty:

Link to comment
Share on other sites
ozleicester

ozleicester

Posted
Posted

DB11 is usually pretty on the ball with these things so id suggest following his instructions. (mind you, I found Hitman pro quite intimidating, so if you arent fully computer confident be careful before doing anything permanent with it)

Link to comment
Share on other sites
Fox92

Fox92

Posted
Posted

Yes I had it. It was a bugger, and it used to direct me to Asian dating websites more than anything else.

Anyway, I got rid of it by formatting my hard drive.

Best of luck.

Link to comment
Share on other sites
DB11

DB11

Posted
Posted

Yes I had it. It was a bugger, and it used to direct me to Asian dating websites more than anything else.

Anyway, I got rid of it by formatting my hard drive.

Best of luck.

Bit of an extreme length to go to lol

Link to comment
Share on other sites
Fox92

Fox92

Posted
Posted

Bit of an extreme length to go to lol

Yes I know. It was getting on my nerves though and I didn't want to log into any accounts of mine, such as bank accounts and e-mail etc, so I just thought I'll get rid of it completely by formatting the hard drive. It worked though :cool:

Whatever you do don't download a 'anti virus' called Thinkpoint. It automatically downloaded, and it had the Microsoft Windows logo on and all that, on our system. It stated that Windows Task Manager was the virus and we could never open it.

Anyway, when we finally downloaded real anti-virus software (as well as the one installed), it turned out that the Thinpoint software was the actual virus.

So, yes, don't do that.

Link to comment
Share on other sites
Parafox

Parafox

Posted
  • Author
Posted

Run HijackThis (although, with all due respect, you're probably not computer-techy enough to understand how this works and what / what not to remove else you wouldn't asking for help on how to remove a virus, but I'll leave this as a point anyway)

CCleaner

MalwareBytes

Reset Internet Explorer

Full scan with anti virus software that you have (just to be safe)

Should be good to go.

Thanks DB 11 and the others who have posted very helpful advice. I did the above apart from resetting IE. I also downloaded TDSS Killer from Kaspersky and that finally restored things to a usable condition. I could use the computer again, HURRAH!! Life is normal!...

Thats when when the power supply unit blew!!! So you can see I have had a bad time with the damn thing this last week.

Took it in to be repaired, (which was a simpler task than I thought) , got it back, loaded up, Googled something and... BANG, the blue screen of death!!! My entire desktop disapeared, all the items on my secondary drive had gone and the screen was all blue . It appeared I had lost the lot. I did a few things to try to recover, I did System Restore but that just said "No changes have been made to your computer at this time" after it re-booted. I right -clicked on the screen and it had been re-set to blue background and the option to set a preference had been disabled which gave me a clue that all was not lost.

Somehow as I was frantically trying to sort it out, I stumbled onto View Folder options, I then clicked "show hidden files" and lo and behold, there they all were, everything was still there but whatever had happened had hidden my files to make it look as though they had been "stolen". All the icons and shortcuts were greyed out and I had to right-click each one to reset the "hide files/folders" option to show files.. The IE shortcut was there so I could access the internet for help. I tried to download Malware Bytes again via Google but I kept getting re-directed to a site called MajorGeeks which offers the download link for Malware Bytes. I was very suspicious of this so I didn't click on anything. The shortcuts to the malware programs I had downloaded re-appeared so i was able to run them as before

Thinking back, I remember a message box appearing saying "critical hard drive failure, your information is at risk, please re-boot now" Then a message from "Microsoft" saying the computer had a virus and that I needed to download the latest anti-virus software immediately. Then things started disappearing frm the desktop. This is now obviously a hoax message, linked to making my files "disappear". Sure enough when I ran Malware bytes again I had got 3 viruses called Trojan FakeAlert-Akrum.(in various similar names).

Sorry it's a bit long-winded but I thought it might be useful to others to beware of spurious warnings appearing to come from legitimate sources and to know not to panic and that things can be sorted if you take your time and follow a logical process.

It took a lot of worrying hours to get it all back and working normally again and so far all seems well.

Thanks again to FT members for advice because it was good advice which worked. The whole scenario wasn't helped by my tecnological naivety, though.

Link to comment
Share on other sites
DB11

DB11

Posted
Posted

Just to clarify, MajorGeeks is a legitimate site and is where you can download both MalwareBytes and HijackThis from :)

There is also a free piece of software called Hitman Pro, which is very useful :thumbup:

I say free, it's free to run scans with but as soon as it finds a rootkit, or otherwise malicious piece of malware, it will prompt you to activate a free 30 day licence, and then proceed to remove the infection. After the 30 days, then anymore rootkits you find it won't remove. Useful for a one time thing, really.

Link to comment
Share on other sites
ozleicester

ozleicester

Posted
Posted

:thumbup: good news

Hey DB11, i mentioned this elsewhere but noone seemd to know the answer and as it has some relevance to the stuff above, thought id mention it to you see if you could help at all?

When i rotate pics with windows photo viewer (windows7) the pics (files) are automatically hidden, this started a couple of weeks ago about the time i got a nasty little trojan thingo... ive googled etc but noone seems to know why windows hides them.. or how to stop it happening... have you heard about it?... know of any fixes etc?

Cheers. Oz

Link to comment
Share on other sites
DB11

DB11

Posted
Posted

:thumbup: good news

Hey DB11, i mentioned this elsewhere but noone seemd to know the answer and as it has some relevance to the stuff above, thought id mention it to you see if you could help at all?

When i rotate pics with windows photo viewer (windows7) the pics (files) are automatically hidden, this started a couple of weeks ago about the time i got a nasty little trojan thingo... ive googled etc but noone seems to know why windows hides them.. or how to stop it happening... have you heard about it?... know of any fixes etc?

Cheers. Oz

Do you have McAfee Anti Virus software installed?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...