1. Name Calling or general rude behavior is no longer acceptable in the Cafe, We are adults which means that we should be able to debate without resorting to name calling. Warnings will be given out if users fail to act appropriately.

Google Redirect Virus

Discussion in 'Toke N Talk' started by sonar, Mar 15, 2013.

  1.  
    sonar

    sonar Outdoor Moderator

    Does anyone know how to get rid of that thing once and for all. I got it several times now and each time I had to do a system restore. For some reason though, this time the system restore (went back a month) didn't work.

    I've tried everything. TDSS Killer is suppose to get rid of it, but it doesn't work for me. It's such a pain in the ass! If I can't get rid of it this time I am going to have to backup all my important files and reinstall windows.
  2.  
    RyanTheRhino

    RyanTheRhino Math Mod


    yea a smart virus will embed itself in the windows registry. So a system restore will pass over it because wiping out that file will corrupt the operating system.

    If you have a saved disk image of try that. it is a step further then restore, but you may lose a lot of files.
  3.  
    sunni

    sunni Global Mod Staff Member

    pretty sure you would have to go into the registry adn delete form there system restore doesnt work
  4.  
    RyanTheRhino

    RyanTheRhino Math Mod

    for windows 7
    search "regedit" from the task bar

    look for anything unusual, i cant really say exactly where to look but start with the window programs since system restore didn't work.
  5.  
    RyanTheRhino

    RyanTheRhino Math Mod

  6.  
    Figong

    Figong Well-Known Member

  7.  
    Nutes and Nugs

    Nutes and Nugs Well-Known Member

    Not sure what browser you are using but check to make sure your internet settings aren't using a proxy and your hosts file is clean.
  8.  
    RyanTheRhino

    RyanTheRhino Math Mod

  9.  
    zVice

    zVice Active Member

    Try removing it in safe mode
    alternatively just do a windows system restore, it will revert only system files
  10.  
    Figong

    Figong Well-Known Member

    Just did a bit more research, and there is another that's very similar, yet signatures don't match for the TDSS killer to clean it... here are the manual removal instructions so you can peek at a few things related to a Cycbot infection: http://www.2-viruses.com/remove-cycbot

    If you peek in the registry and find either of these:

    Code:
    HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\"load" = "%Temp%\dwm.exe"
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\"ProxyServer" = "http=127.0.0.1:50370"
    
    
    It's definitely a Cycbot infection at that point.
  11.  
    sonar

    sonar Outdoor Moderator

    Thanks guys. The first 3 or 4 times I picked it up the system restore did work, but for some reason this time around it didn't. Going to check out some of those links. The first time I got it when TDSS Killer didn't work, I found a youtube video on how to manually remove it. That didn't work either. I don't think I was ableto find the file to remove. I don't know where the hell I keep picking this up at.
  12.  
    Figong

    Figong Well-Known Member

    If its in system/os file directories...it may be set hidden.
  13.  
    sonar

    sonar Outdoor Moderator

    Yeah it was a few months ago, but I remember the video had me go in and make all the drivers or whatever visible. He said it would be a really long string of random letters/numbrs, but I couldn't find it.
  14.  
    ClaytonBigsby

    ClaytonBigsby Well-Known Member

    Ohhhh, I got that once. Reminded me of my trip to Bangkok, when I got home I kept, sorry, nevermind. It is very frustrating. I backed up everything and reformatted my HD. I like to do that occassionally anyway. Keeps everything working faster.
  15.  
    see4

    see4 Well-Known Member

    Buy a Mac. Or stop visiting porn sites. :-P
  16.  
    Tragic420

    Tragic420 Active Member

    what does the virus do ? and how do u know if u have it ?
  17.  
    sonar

    sonar Outdoor Moderator

    Still no luck. Think I am just going to format the HD and reinstall windows. I'm probably due for a format anyway.

Share This Page