Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirects


  • This topic is locked This topic is locked
5 replies to this topic

#1 emilearmandjoan

emilearmandjoan

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 27 April 2012 - 04:38 AM

hi guys im really struggling trying to get rid of this virus i have tried tdsskiller but it does not seem to load up on my computer i did have the smart hdd virus but i managed to get rid of this eventually with a detailed guide from this site very much appriciated btw so can you please point me in the right direction to get rid of this annoying google redirecting virus please

kind regards
scot


Hi,
i´m new in the forum as well and actual I registered to try to find some solution for your same problem.
My history was like this but I think the virus been able to install in my computer via a fake virus report from a fake windows defender that i click to quarantine, after that the SMART HDD Virus started running wile I was using Opera, (Opera was already registering troubles via a google redirecting, but never nothing before like a virus or a infected file or nothing). Everything crash, and the SMARTHDD started letting me know that i had a lot of problems in the Hard Drive, all fake. I rebooted straight away, checked my hard drive via Linux, everything was okay, come back to windows, install several Malware removers, found several infected files and erase them or quarantine them. After that only the Opera Browser kept infected or modified, when I arrived to the same point you are now, I gave up and try to recover the computer with the recovery partition to try to get it with the factory settings, BUT, the F4 key to access to the recover partition is not working, and there is no way to access to it, besides you try to assign a letter to mount via Diskpart, after you get it in the System folder via explorer, next to the C: but is not the way to boot from it or to do something practical with it. In the following link I leave some methods to bring back the grub or to try to boot it from recovery but there is no way to making it work for me, neither by the GRUB or the MBR: http://www.ubuntu-es.org/node/131505.
I hope that i´m just adding some information to this issue, I already reinstall the windows with the recovery CD but it wasn´t the same, and besides that, I still has the recovery partition there, but i´m not able to boot from it.

Sorry for my English, cheers and health for everyone.

Edited by hamluis, 27 April 2012 - 04:55 AM.
Split from different topic, moved to Am i Infected, PM sent new OP - Hamluis.


BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:54 AM

Posted 28 April 2012 - 09:36 AM

Hello,

I have posted on an internal forum for unbootable computers. Someone will be helping you soon.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:54 AM

Posted 28 April 2012 - 09:46 AM

:welcome:

We will need to view the system status from an external environment. You will need a USB drive and a CD to burn. There will be several steps to follow.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Next download driver.sh by noahdfear to your USB drive
  • Also Download Query.exe by noahdfear to the USB drive. In your working computer, navigate to the USB drive and click on the Query.exe. A folder and a file, query.sh, will be extracted.
  • Once this process is completed, download Dumpit by noahdfear to the USB drive.
  • Remove the USB & CD and insert them in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • In some computers you need to tap F12 and choose to boot from the CD, in others is the Esc key. Please consult your computer's documentation.
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh
  • Press Enter
  • After it has finished a report will be located on your USB drive named report.txt
  • Then type bash driver.sh -af
  • Press Enter
  • You will be prompted to input a filename.
  • Type the following:

    Winlogon.exe

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    volsnap.sys

  • Press Enter
  • If successful, the script will search for this file.
  • After it has completed the search enter the next file to be searched
  • Type the following:

    explorer.exe

  • Press Enter
  • After it has completed the search enter the next file to be searched
  • Type the following:

    Userinit.exe

  • Press Enter
  • After the search is completed type Exit and press Enter.
  • After it has finished a report will be located in the USB drive as filefind.txt
  • While still in the Open Terminal, type bash query.sh
  • Press Enter
  • After it has finished a report will be located in the USB drive as RegReport.txt
  • Close the Open Terminal.
  • Confirm that you see the file dumpit in your USB drive and double click on it.
  • After it has finished a report will be located in your USB drive named mbr.zip
  • Plug the USB back into the clean computer post the contents of the report.txt, filefind.txt and RegReport.txt in your next reply. The mbr.zip file must be attached to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:54 AM

Posted 28 April 2012 - 09:49 AM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 emilearmandjoan

emilearmandjoan
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 21 May 2012 - 04:41 PM

Guys and girls, thank you very much for your help but i finally ended up to restore till factory state of the Samsung Laptop via a really difficult procedure, but finally successful.

Till next time, healt!

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:54 AM

Posted 21 May 2012 - 07:44 PM

Thanks for the update.
You're welcome!
I have closed this now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users