From: David H. Lipman on 1 Aug 2010 21:06

From: "Johnw" <johnmattmel(a)gmail.com>

| David H. Lipman presented the following explanation :
>> If you had a TDSS (aka; TDL3) infection then you had a RootKit which was not
>> a virus, it is a trojan.

| The key words in the op's inquiry are > Google redirect.

| Here is one definition of rootkit, more here.
| http://www.google.com.au/search?hl=en&defl=en&q=define:Rootkit&sa=X&ei=FhFWTLa2NsS3ceTRiMAM&ved=0CBQQkAE

| http://www.wisegeek.com/what-is-a-rootkit.htm
| A RootKit is a virus that embeds itself (either through Hardware or
| Software) in the system, and doesn't come out with your usual
| Anti-Virus/Anti-Spyware. It also blocks almost every anti-spyware,
| anti-virus and the like.

| What is Google search redirect virus and how to remove it?
| http://www.troublefixers.com/remove-virus-which-redirects-to-gogooglecom-gogooglecom-redirect-virus-removal-tool-for-windows/

As for "Google redirect" there are tons of malware that can redirect Google. Everything
from DNSChangers to those that mod the etc/hosts file.

As for "A RootKit is a virus " that is COMPLETELY FALSE.

A RootKit is malware that gains very low level access to the OS Kernel such that it has
Root Level control. RootKits are not viruses as they do not self replicate and need
assistance for an infection vector and they certainly don't embed themselves in hardware.

The term RootKit is a concatenation of terms referring to the Unix concept of Root Access and
Kit as being a utility or administrative tool.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

From: Neeter on 2 Aug 2010 18:49

Hi There,
I just fixed a guy's computer that had that same issue. It took me a lot
of trial and error to figure it out. If it is the same thing on his
computer, there was a hidden hosts file. I had to show all hidden files
in the c:\windows\system32\drivers\etc\ folder. So no matter how many
times I thought I had fixed the problem, I was only editing the hosts
file that I could see. I hope this helps you!
Neeter

> I have got AVG installed and still infected with this virus.
> Now the hibernation doesn't work too. What is the quickest
> way to remove the virus?
>
> /Why Tea

From: David H. Lipman on 2 Aug 2010 19:16

From: "Neeter" <neeter(a)gmx.com>

| Hi There,
| I just fixed a guy's computer that had that same issue. It took me a lot
| of trial and error to figure it out. If it is the same thing on his
| computer, there was a hidden hosts file. I had to show all hidden files
| in the c:\windows\system32\drivers\etc\ folder. So no matter how many
| times I thought I had fixed the problem, I was only editing the hosts
| file that I could see. I hope this helps you!
| Neeter

If there were two hosts files where one was hidden and the other being..
c:\windows\system32\drivers\etc\hosts
was not hidden then the registry was modified and you need to look at...

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

"DataBasePath" should point to the real 'hosts' file.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

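
An added example, not part of any post in this thread: a read-only PowerShell check that compares the "DataBasePath" value named above with the default drivers\etc folder, lists every hosts* file in both places including hidden ones, and prints the non-loopback mappings in the file Windows actually uses. The default location and the choice to treat only 127.0.0.1 and ::1 as expected entries are assumptions of this example.

```powershell
# Added example: audit which hosts file Windows is actually resolving from.
$key      = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$expected = Join-Path $env:SystemRoot 'System32\drivers\etc'   # assumed default

# DataBasePath is a directory path; expand any %SystemRoot% style variables.
$raw    = (Get-ItemProperty -Path $key -Name DataBasePath).DataBasePath
$actual = [Environment]::ExpandEnvironmentVariables($raw).TrimEnd('\')

$dirs = @($expected)
if ($actual -ine $expected) {
    Write-Warning "DataBasePath points to '$actual' (expected '$expected')"
    $dirs += $actual
}

# -Force makes Get-ChildItem return hidden and system files as well.
foreach ($dir in $dirs) {
    if (-not (Test-Path $dir)) { continue }
    Get-ChildItem -Path $dir -Force -File |
        Where-Object { $_.Name -like 'hosts*' } |
        ForEach-Object {
            [pscustomobject]@{
                Path      = $_.FullName
                Hidden    = [bool]($_.Attributes -band [IO.FileAttributes]::Hidden)
                InUse     = ($dir -ieq $actual) -and ($_.Name -ieq 'hosts')
                LastWrite = $_.LastWriteTime
            }
        }
}

# Show mappings in the active file that are not plain loopback entries.
$active = Join-Path $actual 'hosts'
if (Test-Path $active) {
    Get-Content -Path $active -Force |
        ForEach-Object { ($_ -replace '#.*$', '').Trim() } |   # strip comments
        Where-Object { $_ } |
        ForEach-Object {
            $ip, $names = $_ -split '\s+'
            if ($ip -notin '127.0.0.1', '::1') {
                [pscustomobject]@{ Address = $ip; Names = ($names -join ' ') }
            }
        }
}
```
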
From: Why Tea on 2 Aug 2010 20:35

On Aug 3, 8:49 am, Neeter <nee...(a)gmx.com> wrote:
> Hi There,
> I just fixed a guy's computer that had that same issue. It took me a lot
> of trial and error to figure it out. If it is the same thing on his
> computer, there was a hidden hosts file. I had to show all hidden files
> in the c:\windows\system32\drivers\etc\ folder. So no matter how many
> times I thought I had fixed the problem, I was only editing the hosts
> file that I could see. I hope this helps you!
> Neeter
>

I thought I had mentioned my problem had been fixed :)
Not sure if the problems are the same as I didn't have to
delete any hidden host file. Just went through the directory
you mentioned and found nothing there.