logo-dw

Go Back   Dreamweaver Club Forums > Hand Coders Forum > General
Register FAQ Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
Old 09-14-2011, 09:27 PM   #1
johnMoss
johnMoss's Avatar
 
Join Date: Dec 2010
Location: Dallas
Posts: 867
Default Google Redirect Bug

Anybody had any fun trying to get rid of this bug? Gotta client with it on their laptop. Researched it thoroughly, have tried malware bytes & the Norton eraser so far, still not fixed, and looks like I gotta go in and dig deep into the root kit for this one, and that's new territory for me. I understand also one has to change out passwords as well, but at what point? Anyone? Anyone know? Bueller, Bueller.....
__________________
LinkedIn: jM
johnMoss is offline   Reply With Quote
Old 09-15-2011, 02:49 AM   #2
edbr
edbr's Avatar
 
Join Date: Aug 2005
Location: Bali
Posts: 11,175
Default

found this on a forum

Quote:
This virus was very nasty to my computer too. We had it for about 2 weeks. I tried many of the malware removal tools (Malwarebytes, AVG, TDSS Rootkit, Housecall) even the almighty Hitman Pro that has worked for many others, but not for me.

I was ready to give up but I decided to try ComboFix, and poof, virus be gone! The culprit was the ws2_32.dll file. At first I was hesitant to use this tool because of warnings that it may render your computer to be useless of used improperly. My experience with it was a breeze. I think that it's a tool that a moderately experienced user could utilize, by just following the provided instrustions.
__________________
If you're happy and you know it shake your meds!
different style links examples

Flight / Hotel search
Free script download
Bali Villas
edbr is offline   Reply With Quote
Old 09-15-2011, 02:52 AM   #3
edbr
edbr's Avatar
 
Join Date: Aug 2005
Location: Bali
Posts: 11,175
Default

and hitman pro worked for many it seems http://www.surfright.nl/en
__________________
If you're happy and you know it shake your meds!
different style links examples

Flight / Hotel search
Free script download
Bali Villas
edbr is offline   Reply With Quote
Old 09-15-2011, 12:15 PM   #4
johnMoss
johnMoss's Avatar
 
Join Date: Dec 2010
Location: Dallas
Posts: 867
Default

I'll give that comboFix a shot. I've at least got it contained, but the searches are still compromised. I'll report back on the results...
__________________
LinkedIn: jM
johnMoss is offline   Reply With Quote
Old 09-15-2011, 02:12 PM   #5
domedia
Administrator
domedia's Avatar
 
Join Date: Dec 2003
Posts: 9,730
Default

I've got requests like that a few times.

"Hey, Mr Web Designer! You work with 'computers', right? Can you fix mine?"
domedia is offline   Reply With Quote
Old 09-15-2011, 11:19 PM   #6
johnMoss
johnMoss's Avatar
 
Join Date: Dec 2010
Location: Dallas
Posts: 867
Default

Quote:
Originally Posted by domedia View Post
I've got requests like that a few times.

"Hey, Mr Web Designer! You work with 'computers', right? Can you fix mine?"
Oh so true!
Ok here's the lowdown...
Ed, dead on the money! These guys [combofix] are a .org? I hope they make a pile a money at some point; they deserve it. I found this bug amusing only if they did such a great job of burying it. Not one of the malware programs, including the flagship Norton series, could tackle it. This ComboFix ran itself completely, following the precise path they laid out on their site. By all appearances so far the bug is destroyed. One odd thing though... (Ed, you've seen this too?)
The website instructions have it as such one should not run the program without some type of competent supervision or at the behest of one of their forum mentors. [i.e John, follow the instructions, and Jim, no snickering ]
Part of the program is to report back to the forum with the report generated. I went online & joined their forum, left a message, the moment I hit post, the computer restarted itself, and when I went to look for the log where it should be, it was gone. In fact, it's vanished from the system entirely. Very odd. Computer seems fixed though, & I've reinstalled MalwareBytes to keep an eye on it.
__________________
LinkedIn: jM
johnMoss is offline   Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:01 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Copyright 2006 DreamweaverClub.com