Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspect Google Redirect Virus - Please Advise


  • Please log in to reply
3 replies to this topic

#1 Xian

Xian

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 PM

Posted 05 November 2011 - 11:59 AM

I believe my wife's computer is infected with the Google Redirect Virus. When we launch a browser (both IE8 and Firefox were experiencing this previously, today only IE8 shows the behavior) and try to go to google.com we end up at google.co.uk or google.lt. This behavior seems to match descriptions of the Google Redirect Virus.

AVG Antirvirus is not detecting any infections.

Last weekend, *before* I read the instruction threads here or registered here, I did run Combofix (I now know this was a mistake) and it did find two infected files (winlogon.exe and explorer.exe) and replaced them with copies from the original installation backup files. The symptoms went away for about a week, but have returned today. Now that I've read the instructions here I am not going to run any tools until directed by you fine, knowledgeable folks.

OS: Windows XP SP3


Any advice/guidance would be really appreciated.

Thank you!

Edited by Xian, 05 November 2011 - 12:00 PM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:19 PM

Posted 05 November 2011 - 08:39 PM

With the information you have provided I believe you will need help from the malware removal team.
Please make sure that you read the information about getting started first.
Then start a new thread HERE and include or required logs.
Including a link to this thread will be helpful.

Good luck and be patient. Help is on the way!

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Xian

Xian
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 PM

Posted 06 November 2011 - 10:18 AM

Thank you for the response. I have now opened a thread in the virus, trojan, malware forum.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:19 PM

Posted 06 November 2011 - 11:06 AM

Cool :)

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users