Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirection


  • Please log in to reply
5 replies to this topic

#1 Russ Fosberg

Russ Fosberg

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 01 July 2010 - 07:34 AM

I have a laptop user that is infected with a Google redirection virus. We have Trend running as our Anti-Virus and I use Malwarebytes to clean the computers when Trend can not find it.

Malwarebytes found about 37 entries and I quarantened them. But we still get the redirection.

I have tried running in safe mode with networking and perform the scan but it finds nothing.

I downloaded Combofix but I have not ran that yet.

Would like to know what steps I should try next.

Thank you for any assistance you can provide

Russ

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:21 AM

Posted 04 July 2010 - 05:27 PM

Try this:

http://www.bleepingcomputer.com/virus-remo...sing-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Russ Fosberg

Russ Fosberg
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 13 July 2010 - 03:38 PM

I downloaded and ran the tdskiller and it ran through all of it's scans and found nothing.

Google Redirect is still happening.

Please advise which tool I should try next.

Thank You

Russell Fosberg

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:21 AM

Posted 13 July 2010 - 06:34 PM

Go Start > Run > type: "cmd" In the window that appears type: "ipconfig /flushdns". Close the command box.

Please download HostsXpert 4.3
  • Extract (unzip) HostsXpert.zip to a permanent folder on your hard drive such as C:\HostsXpert
  • Double-click HostsXpert.exe to run the program.
  • Click "Restore MS Hosts File".
  • Click OK at the confirmation box.
  • Click "Make ReadOnly?".
  • Click the X to exit the program.
-- Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

Also reset your router if you have one.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 Russ Fosberg

Russ Fosberg
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 20 July 2010 - 08:56 AM

Host file is now read only. It was the standard host file. I am still getting the redirection issue. To make matters worse it happens only some of the times and not all of the time. Please advise next area to look at.

#6 Russ Fosberg

Russ Fosberg
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 20 July 2010 - 09:53 AM

I tried Hitman Pro and it appears to have found a system file that was infected so hopefully that solves my problem.

Thank You for all of the assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users