Google Redirect Bug


johnMoss
09-14-2011, 09:27 PM
Anybody had any fun trying to get rid of this bug? Gotta client with it on their laptop. Researched it thoroughly, have tried Malwarebytes & the Norton eraser so far, still not fixed, and looks like I gotta go in and dig deep into the rootkit for this one, and that's new territory for me. I understand also one has to change out passwords as well, but at what point? Anyone? Anyone know? Bueller, Bueller..... :)

edbr
09-15-2011, 02:49 AM
found this on a forum

This virus was very nasty to my computer too. We had it for about 2 weeks. I tried many of the malware removal tools (Malwarebytes, AVG, TDSS Rootkit, Housecall) even the almighty Hitman Pro that has worked for many others, but not for me.

I was ready to give up but I decided to try ComboFix, and poof, virus be gone! The culprit was the ws2_32.dll file. At first I was hesitant to use this tool because of warnings that it may render your computer to be useless if used improperly. My experience with it was a breeze. I think that it's a tool that a moderately experienced user could utilize, by just following the provided instructions.

edbr
09-15-2011, 02:52 AM
and Hitman Pro worked for many it seems http://www.surfright.nl/en

johnMoss
09-15-2011, 12:15 PM
I'll give that ComboFix a shot. I've at least got it contained, but the searches are still compromised. I'll report back on the results...

domedia
09-15-2011, 02:12 PM
I've got requests like that a few times.

"Hey, Mr Web Designer! You work with 'computers', right? Can you fix mine?" ;-)

johnMoss
09-15-2011, 11:19 PM
I've got requests like that a few times.

"Hey, Mr Web Designer! You work with 'computers', right? Can you fix mine?" ;-)

Oh so true!
Ok here's the lowdown...
Ed, dead on the money! These guys [ComboFix] are a .org? I hope they make a pile a money at some point; they deserve it. I found this bug amusing only if they did such a great job of burying it. Not one of the malware programs, including the flagship Norton series, could tackle it. This ComboFix ran itself completely, following the precise path they laid out on their site. By all appearances so far the bug is destroyed. One odd thing though... (Ed, you've seen this too?)
The website instructions have it as such one should not run the program without some type of competent supervision or at the behest of one of their forum mentors. [i.e., John, follow the instructions, and Jim, no snickering :)]
Part of the program is to report back to the forum with the report generated. I went online & joined their forum, left a message, the moment I hit post, the computer restarted itself, and when I went to look for the log where it should be, it was gone. In fact, it's vanished from the system entirely. Very odd. Computer seems fixed though, & I've reinstalled MalwareBytes to keep an eye on it.