1. This forum section is a read-only archive which contains old newsgroup posts. If you wish to post a query, please do so in one of our main forum sections (here). This way you will get a faster, better response from the members on Motherboard Point.

Google Redirect virus

Discussion in 'IBM Thinkpad' started by Mike Y, Mar 23, 2012.

  1. Mike Y

    Mike Y Guest

    I have one machine that was running AVG instead of Avast, and it got nailed
    by the google redirect virus.

    And this machine NEVER was used to browse the web except for 'business' use.
    I think I picked up the virus from a corporate data site for a chip I wanted
    to use.

    Anyway, I can't get the thing out.

    I see lots of software to take it out but it's all from last summer or
    earlier. TDSSKiller and others say no infection found.

    I even installed Avast WITH AVG and ran a boot scan. Avast found 14 things
    that were 'laying in wait' for me on the drive that AVG had let through, but
    even it didn't find what is causing this google redirect.

    Ok, you can use ANY browser (I've use IE and Chrome, the same) and they work
    fine. Go to google.com to do a google search and it will do the search.
    Only symptom here is it doesn't 'auto fill' and change the screen, it waits
    till you hit enter for the search. The search runs fine, and finds what you
    want. But every clickable link goes to an ad page. If you cut and paste
    the link, it works there find. But doing a mouseover of the link shows that
    it always goes to this hacked google web page with a /go?nnnnnn at the end
    where the redirect happens.

    I've put wildcard blocks on the common redirects which sorta works. At
    least, it blocks the ad pages sometimes, but they rotate to new all the

    Any ideas
    Mike Y, Mar 23, 2012
    1. Advertisements

  2. Mike Y

    Jim Guest

    Run MalwareBytes on the machine.

    Jim, Mar 23, 2012
    1. Advertisements

  3. Mike Y

    Mike Y Guest

    Been there, done that. And Avast. And AVG. And Spybot. This sucker is

    I went into the network security where you set restricted sites and found
    that if you put this in the restricted list

    http : / / www dot google dot com slash go *

    it will block the corruption and google search now works. However, anytime
    you try to use google search it always comes up with a warning screen. But
    now the search links are clickable

    Kinda pisses me off, as this came right through AVG. Avast was bitching at
    me the last few days about somes sites, but nothing has gotten through.
    Avast may not be able to take it out, but at least it didn't let it in!

    Oh, I installed Avast as a '2nd line of defense' with AVG, then did a boot
    scan. Avast found 14 things in old data that AVG didn't blip at all about.
    Mike Y, Mar 23, 2012
  4. You might look at your hosts file - on XP in
    and see it it's been corrupted.
    Marc Auslander, Mar 23, 2012
  5. Mike Y

    Mike Y Guest

    I'll have to check that... I'm not at the system right now, and won't be
    till Monday morning.

    But I'm somewhat sure that was one of the things the IT guy looked at after
    I gave up.

    Mike Y, Mar 23, 2012
  6. In addition to what Jim suggested, try SuperAntiSpyware. If that doesn't
    get it, check your HOSTS file. Hijack This! also works pretty well. Good
    Tom Rutherford, Mar 23, 2012
  7. Mike Y

    Mike Y Guest

    That was part of it!

    I had an SVN redirect in there and it corrupted that. And the previous
    version of the hosts file was also modified.

    But I fixed the hosts file. Then put the IP addresses that it put in the
    file into my restricted sites with a wild card, and took out the google site
    with the /go?nnnn and everything seemed to work fine.

    Don't know how we missed that.

    Mike Y, Mar 27, 2012
  8. Mike Y

    smilesarah Guest

    I think you need a powerful antivirus software,there is a series of Norton 360. It can help you to detect thousands of known or unknown virus. When you turn on the computer ,the automatic protection will be resident in the System Tray. While you get some files from the disk ,Internet or E-mail,it will automatically detect the safety of all documents. If the file contains the virus ,then it would immediately give you a warning,and appropriate handle them.
    Here is the website:http://www.antivirusprice.co.uk/
    smilesarah, Sep 24, 2012
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.