Google Redirect Virus

sonar

Well-Known Member
Does anyone know how to get rid of that thing once and for all? I got it several times now and each time I had to do a system restore. For some reason though, this time the system restore (went back a month) didn't work.

I've tried everything. TDSS Killer is supposed to get rid of it, but it doesn't work for me. It's such a pain in the ass! If I can't get rid of it this time I am going to have to back up all my important files and reinstall Windows.
 

RyanTheRhino

Well-Known Member
Yea, a smart virus will embed itself in the Windows registry. So a system restore will pass over it because wiping out that file will corrupt the operating system.

If you have a saved disk image, try that. It is a step further than restore, but you may lose a lot of files.
 

sunni

Administrator
Staff member
Pretty sure you would have to go into the registry and delete from there; system restore doesn't work.
 

RyanTheRhino

Well-Known Member
For Windows 7:
Search "regedit" from the task bar.

Look for anything unusual. I can't really say exactly where to look, but start with the Windows programs since system restore didn't work.
 

Nutes and Nugs

Well-Known Member
Not sure what browser you are using but check to make sure your internet settings aren't using a proxy and your hosts file is clean.
 

zVice

Active Member
Try removing it in safe mode.
Alternatively, just do a Windows system restore; it will revert only system files.
 

Figong

Well-Known Member
Just did a bit more research, and there is another that's very similar, yet signatures don't match for the TDSS killer to clean it... here are the manual removal instructions so you can peek at a few things related to a Cycbot infection: http://www.2-viruses.com/remove-cycbot

If you peek in the registry and find either of these:

Code:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\"load" = "%Temp%\dwm.exe"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\"ProxyServer" = "http=127.0.0.1:50370"
It's definitely a Cycbot infection at that point.
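
The checks suggested above (the proxy setting and hosts file from Nutes and Nugs, the two registry values from Figong) can be run over exported data. This is an added example, not part of the original thread: the function names and sample data are constructed for illustration, and it goes slightly beyond the exact values quoted by flagging any non-empty "load" value and any proxy pointing at the local machine.

```python
import re

LOAD_KEY = r"hkey_current_user\software\microsoft\windows nt\currentversion\windows"
INET_KEY = r"hkey_current_user\software\microsoft\windows\currentversion\internet settings"

# Constructed sample data (not taken from a real machine).
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"load"="C:\\Users\\user\\AppData\\Local\\Temp\\dwm.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="http=127.0.0.1:50370"
"""
SAMPLE_HOSTS = "# constructed sample\n127.0.0.1 localhost\n203.0.113.7 www.google.com  # unexpected\n"

def parse_reg(text):
    """Parse .reg export text into {key: {value_name: string_data}}, names lowercased."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"([^"]+)"="(.*)"$', line)
            if m:  # string values only; dword/hex data is skipped
                current[m.group(1).lower()] = m.group(2).replace("\\\\", "\\")
    return keys

def check_registry(text):
    """Flag a non-empty 'load' autorun value and a proxy pointing at the local machine."""
    keys, findings = parse_reg(text), []
    load = keys.get(LOAD_KEY, {}).get("load", "")
    if load:
        findings.append(f"load autorun set: {load}")
    proxy = keys.get(INET_KEY, {}).get("proxyserver", "")
    if re.search(r"127\.0\.0\.1|localhost", proxy, re.I):
        findings.append(f"loopback proxy: {proxy}")
    return findings

def check_hosts(text):
    """Return active hosts entries that map anything other than 'localhost'."""
    findings = []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].split()
        if len(entry) >= 2 and any(h.lower() != "localhost" for h in entry[1:]):
            findings.append(" ".join(entry))
    return findings
```

Pass check_registry the text of a `reg export` of the two keys (regedit writes these files as UTF-16, so decode accordingly) and pass check_hosts the contents of the hosts file; an empty list from both means neither indicator was found.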
 

sonar

Well-Known Member
Thanks guys. The first 3 or 4 times I picked it up the system restore did work, but for some reason this time around it didn't. Going to check out some of those links. The first time I got it when TDSS Killer didn't work, I found a YouTube video on how to manually remove it. That didn't work either. I don't think I was able to find the file to remove. I don't know where the hell I keep picking this up at.
 

Figong

Well-Known Member
If it's in system/OS file directories... it may be set hidden.
 

sonar

Well-Known Member
Yeah, it was a few months ago, but I remember the video had me go in and make all the drivers or whatever visible. He said it would be a really long string of random letters/numbers, but I couldn't find it.
 

ClaytonBigsby

Well-Known Member
Ohhhh, I got that once. Reminded me of my trip to Bangkok, when I got home I kept, sorry, never mind. It is very frustrating. I backed up everything and reformatted my HD. I like to do that occasionally anyway. Keeps everything working faster.
 

sonar

Well-Known Member
Still no luck. Think I am just going to format the HD and reinstall Windows. I'm probably due for a format anyway.
 