Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is It Just Me, or Is There a HUGE Increase in Google Redirect Infections?


  • Please log in to reply
1 reply to this topic

#1 deandome

deandome

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:56 PM

Posted 30 July 2011 - 06:05 PM

My laptop and desktop have gotten it (I think the desktop is clean, but the laptop is driving me nuts), and I think my mom might have gotten one.

Then I see a lot of posts here, so I'm wondering if this is some kind of 'epidemic' that's been hitting over the last month or so. If so, are the infections all similar, ergo, might there be a common solution?

My laptop is crazy. I have/use Avast (main anti-virus), Ad-Aware (bulky, but it seems to get a lot of stuff missed by others), Malwarebytes, Sophos Anti-Rootkit AND Spybot S&D. I'll run thru all of them, and one of them will find a trojan. I'll 'fix' it with that program, restart, and the redirects still happen. Then I'll run the gamut again, and a different trojan will be detected by a different scan...and the pattern continues.

I thought I had it licked when Avast found a trojan, then I did an Avast boot-scan coming out of that fix..but of course, it came back. Now I'm having trouble finding it with any of those scans.

I'm not looking for a fix here...I might go thru the fix-it forum, or I might just reformat. But I thought it might be interesting to discuss the increasing frequency, resiliency & severity (if any)of these infections.

Also, what exactly do these trojans DO, other than the redirecting? Seems like a helluva lotta work & effort to create & spread these things just to mess with peoples' searches. Do they steal passwords & send them back to the creators?

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:56 PM

Posted 30 July 2011 - 09:22 PM

Hello. if you have SpyBots Teatimer active it may prevent fixes from the other tools.
You may have a TDDS infection,

Please follow our Removal Guide here How to remove Google Redirects. You will move to the Automated Removal Instructions

If it finds something make sure Cure is selected
Next click Continue then Reboot now
A log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

You are far from the only one with this infection. it is running rampant. It is a TDSSSERV rootkit component.


Also, what exactly do these trojans DO

This is determined by the tupe of trojan it is. See Malware
A Trojan Dropper

Dropper is a simple executable file. Its only function is to install virus into memory or attack files with a virus. Dropper is usually used by the author for sending a virus into “wild”, i.e. it is a zero virus generation. In case of polymorphic viruses the dropper in most cases does not contain a polymorphic decryptor but only the bare virus body.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users