Google Redirect/Firefox Hijack solved (hopefully)


#1 victwin

Posted 05 January 2010 - 07:14 AM

Hello all,

This is my first post and if luck holds maybe my last. I'm posting here and on a few other tech forums to spread this solution around as it seems a good amount of people have been hit by this problem.

About a week or so ago I got hit by the rootkit rle822x problem. This is when you do a search using Google (in my case with Firefox) and find a number of results. Upon clicking on any one of the results you are then redirected to rle822x.com and eventually get to another list of results or even a website that had nothing to do with the Google result you first clicked on.

I originally had the McAfee suite installed and it didn't prevent this virus/spyware/whatever from getting onto my system. I then downloaded, updated, and ran Spybot and Malwarebytes' Anti-Malware with no effect on rle822x (though they did identify and stop a couple of other spyware programs). I eventually downloaded and paid for Spyware Doctor. This program at least helped neutralize some of the symptoms of rle822x by at least blocking the redirects. In spite of several full scans using Spyware Doctor I still couldn't clean my machine.

I finally came across this guy's blog and his successful cure using ComboFix:

http://nickyt.org/?p=300

I then did a search on ComboFix and came up with this helpful tutorial on this very site:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

I followed the tutorial step by step. ComboFix found a rootkit and took care of it. This seems to be the source of the problem. My computer now seems to be running fine. I know that ComboFix isn't a commercial app and even pops up several disclaimers when it runs. But it did the trick on my machine so I would recommend it highly. It's been the only thing that seems to have taken care of the rle822x problem. I have since donated to the tutorial author's paypal account. Thank you very much and please PM me if you have any questions.

#2 Blade

Posted 05 January 2010 - 03:28 PM

Hello victwin and :thumbsup: to BleepingComputer

I am very glad to hear that your malware problems have been resolved.

You made brief mention in your post, but I wanted to provide the following warning for the benefit of others who may read this thread.

ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. When CF is run without trained assistance, it can no longer be considered a "safe" tool. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

You may find this topic to be helpful - ComboFix usage, Questions, Help? - Look here

~Blade

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM