
The latest Google Redirect Virus baffles almost all AV programs - How to get rid of it


  • This topic is locked
1 reply to this topic

#1 monkapotamus


Posted 26 June 2011 - 02:25 PM

Just a heads up to those struggling with the google redirect virus/malware.

I have never run across a beast like this before. Once I caught it, every Google, Bing or Yahoo search would be redirected to a bunch of low rent ad sites. I finally wound up using AltaVista search, which I suppose is such a minor search engine player they didn't bother hijacking it.

NOTHING would even detect it. Not Nortons, Kaspersky, Super AV, Malwarebytes, etc. etc. I went through the whole PC Magazine list of top-rated 2011 AV packages. There was a prior Google virus that Nortons and Kaspersky had made standalone removal tools for (Norton Power Eraser and TDSSKiller respectively), but these did not even detect the virus. HijackThis showed nothing suspicious.

I spent days on this problem. In using AltaVista I finally sussed that it was a rootkit virus of some kind, and I finally came across this odd little anti-malware rootkit detector package (link below) called RegRun 6.9. The instructions had imperfect grammar, but by God it worked! It looked at the DLLs and flagged a suspicious one and that was it. It worked where everything else had failed.

http://www.regrunreanimator.com/security/

Edited by monkapotamus, 26 June 2011 - 02:25 PM.


#2 m0le


Posted 08 July 2011 - 08:23 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
m0le is a proud member of UNITE



