The "google redirect virus"

In a recent thread we talked about the google redirect virus, and i promised to update everyone on new or better methods to remove this virus, so here it is.

As a computer tech and virus removal expert, it is my job to safely remove viruses from my clients computers while also protecting their information, so I have been working for months on the google redirect virus and have finally came up with a gauranteed removal method.

First, you must know about the google redirect virus and exactly what it does to your computer and how.


How the "google redirect virus" infects your computer

The google redirect virus is a "bootkit virus" which hides itself in both system restore, and your system rootkit, making it virtually undetected by most antivirus software. Even the ones that pick it up and say they remove it dont, it still comes back.

Symptoms of the "google redirect virus"

1: Directs most searches to malicious websites

2: Slows your computer down

3: Gets on your damn nerves lol

Steps to remove the "google redirect virus"

1: Restart your computer in "safe mode with networking"

2: Download "malwarebytes" from here http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol;1 and run it to remove as many files as possible

3: Download "ccleaner" from here http://www.filehippo.com/download_ccleaner and run both the cleaner and registry fix

4: Run your normal antivirus software

5: Turn off all antivirus software currently running

6: Download "combofix" from here http://www.bleepingcomputer.com/download/anti-virus/combofix
Run "combofix" and let it do its magic

7: Restart back into safemode and repeat steps 1-4

8: Restart in normal windows and repeat steps 1-4 again

9: Run a google search and see if it is fixed

10: Your done!


Conclusion

The reason for repeating these steps, is that you want to be more aggressive than the virus itself. It is quite possible that the virus will be gone way before step 8, but its better to be safe than sorry and have to start all over again. I have used this method several times lately and it has worked every single time. I also set it up so you can come directly to this page and click on all of the right links to download (since obviously google searches will be re-directed) So even if you do not have the virus now, it wouldnt be a bad idea to bookmark this thread for future easy access. Hope this helps many of you and for those who have been waiting, thanks for the patients. If anyone needs further help with this virus or any other virus removal, feel free to pm me and i will help as much as possible. Thanks

You say you are an "Expert"...but,

The site you are directing people to is "Not an official ComboFix download site. It Links to spywarecease.com and other rouges"


The official place to safely download ComboFix is:

Code:

http://bleepingcomputer.com/combofix/how-to-use-combofix

READ:

Code:

http://www.mywot.com/en/scorecard/combofix.org

Originally Posted by raidel21

You say you are an "Expert"...but,

The site you are directing people to is "Not an official ComboFix download site. It Links to spywarecease.com and other rouges"


The official place to safely download ComboFix is:

Code:

http://bleepingcomputer.com/combofix/how-to-use-combofix

READ:

Code:

http://www.mywot.com/en/scorecard/combofix.org

Actually you are 100% wrong lol, actually it only redirected to the site you just posted, but I changed that anyways. so it should be right now

Originally Posted by $$Money$$

or you can open up msconfig, delete the registry key, and delete the file that its pointing to..

Its not as easy as that.... trust me. Other viruses can be removed that way, but not this one. Its not only in the registry.

Originally Posted by Bartman

you are making it too complicated. download and burn AVG rescue cd as an iso image. insert cd. restart computer. done.

Yea.... not that easy, tried it..... didnt work.

There are two possible causes of the "Google redirect virus" (Bing, Yahoo as well) at this moment: TDSS rootkit and Cycbot. If it's a rootkit from the TDSS family then you shoud use TDSSKiller from Kaspersky lab.
If it's not TDSS then you will have to use Hitman Pro or Combofix. Also, you should check LAN and router settings.

thanks for the mini guide and recommended programs 2011nfl.

for the guys that keep suggesting simple steps, those might work for some viruses but most of the time it takes a lot more than just editing a couple entries in the registry. I have people bring me their pc because they got a virus and many times they are pretty insidious. If you try some simple solution as suggested by $$Money$$ or Bartman you might get lucky, but usually the virus is just going to come right back again. The guys making the viruses are aware of those simple solutions and will usually make the virus circumvent those possibilities.

Along with ideas and suggestions on how to get rid of viruses, I'm also looking for some information on what would be the best AVS to load on other peoples computers. I've been loading AVG for them, but I noticed that caused me a bunch of problems with running malewarebytes and combofix. They really don't like AVG.

This is for other peoples computers that are fairly computer illiterate. So it needs to be something free, that won't expire due to a subscription. Updates regularly etc. Basically the same thing as AVG free version. I was considering either sticking with giving out AVG or maybe switching to AVAST, but I'm wanting to know if there is something even better now.

Anyone have any better recommendations for FREE antivirus software?

Originally Posted by GreyWolf

This is for other peoples computers that are fairly computer illiterate. So it needs to be something free, that won't expire due to a subscription. Updates regularly etc. Basically the same thing as AVG free version. I was considering either sticking with giving out AVG or maybe switching to AVAST, but I'm wanting to know if there is something even better now.

Anyone have any better recommendations for FREE antivirus software?

As far as free antivirus software goes I have found Avira to be slightly better then Avast or AVG. Easy to use, updates regularly without any user interaction, doesn't consume alot of resources, free to use and doesn't require registration. Higher detection rates with Avira (really high if you want) but on the other hand that means more false positives. Just make sure you google how to disable the annoying nagware popups if you decide to use it

Originally Posted by GreyWolf

thanks for the mini guide and recommended programs 2011nfl.

for the guys that keep suggesting simple steps, those might work for some viruses but most of the time it takes a lot more than just editing a couple entries in the registry. I have people bring me their pc because they got a virus and many times they are pretty insidious. If you try some simple solution as suggested by $$Money$$ or Bartman you might get lucky, but usually the virus is just going to come right back again. The guys making the viruses are aware of those simple solutions and will usually make the virus circumvent those possibilities.

Along with ideas and suggestions on how to get rid of viruses, I'm also looking for some information on what would be the best AVS to load on other peoples computers. I've been loading AVG for them, but I noticed that caused me a bunch of problems with running malewarebytes and combofix. They really don't like AVG.

This is for other peoples computers that are fairly computer illiterate. So it needs to be something free, that won't expire due to a subscription. Updates regularly etc. Basically the same thing as AVG free version. I was considering either sticking with giving out AVG or maybe switching to AVAST, but I'm wanting to know if there is something even better now.

Anyone have any better recommendations for FREE antivirus software?

Originally Posted by Grizzy

As far as free antivirus software goes I have found Avira to be slightly better then Avast or AVG. Easy to use, updates regularly without any user interaction, doesn't consume alot of resources, free to use and doesn't require registration. Higher detection rates with Avira (really high if you want) but on the other hand that means more false positives. Just make sure you google how to disable the annoying nagware popups if you decide to use it

I agree with grizzy, avast and avg are both ok, but avira is a little better. But i would like to add that, for a small price, the best one I have found is malwarebytes full antivirus version. They sell lifetime product keys for $25 on their site, but my business partner buys in bulk and sells them to me for $15 each. So if anyone wants to try malwarebytes antivirus, I can see if he will sell them to you all for the same price. Im also doing taxes right now so im not gonna be on too much, but anyone can pm me and I will get back with you when I come back on. Also with that being said, anyone in dallas, come to me to get your taxes done, or if you know anyone in dallas and you refer them you will get $25 referral... Hmm that might be a good market for someone lol