Thread: A Few Questions

First off, I don't know if any of ya'll have ever heard of this "Google Redirect Virus" that's going around, but it just barreled up my computer's ass like a freight train. For those who haven't heard of it, its a virus that hides in your registry and hijacks your Google searches, sending you to fake websites with autorun programs that pile on more and more spyware, malware, backdoors and other nasty shit. I have spent literally all night following every single tutorial on how to manually remove this damn thing and have run so many anti-virus, anti-spyware, anti-malware, anti-adware, and anti-rootkit programs that my heads about to explode. Let me just break it down: I have used AVG, Avast!, Avira, Microsoft Security Essentials, TDSSkiller, FixTDSSkiller, ComboFix, Malewarebytes, SUPERAntimalware....and the list goes on. Yet, this thing is dug in like some kind of mutant tick! Not one of those programs was able to detect let alone neutralize the virus. So, after spending all night punching a brick wall, it seems that the only option left is a complete hard drive partition and OS reinstall. That doesn't bother me as much as it used to since I have all my games and important stuff backed up. Plus my computer could probably use a fresh start. Anyway, what I wanted to ask you IT guys is, when I get everything up and running again, what programs (preferably free) would ya'll recommend to keep this from reoccurring? I've read I don't know how many articles on this question, but I would rather get opinions from people I actually trust. Any ideas are greatly appreciated.


Cleric

Being aware of the fact that you are going to a site that may not be trustworthy is the best way to prevent this. Anti-virus software is mostly reactive, not proactive in the sense that if I wrote a virus today that had no similar signatures to any previous viruses, AV wouldn't detect it until the AV company updates their software.

I personally use avast! Free Antivirus | Download Antivirus Protection Software the Internet Security version of Avast. It can be a bit annoying for me because I'm a power user but its still good in my opinion. The best feature of it for you may be the sandboxing, if it actually works lol, and the rating system it does for websites.

OpenDNS might prevent you from inadvertently going to a malicious site; I've used it for years with good results.

OpenDNS - Cloud Internet Security and DNS

Did you do a system restore? I have had some nasties before and I was able to restore to an earlier point, ridding of the virus. Prior to the restore, it wouldn't even let me open Microsoft Security Essentials.

If all else fails, back up your files and nuke it!

On my home PC, I use AVG Free. But as it has been mentioned, AV is always reactive. For proactively make sure you are always up on security patches for Windows and all the programs you use. Java, Flash, and third party browsers are particularly important to keep up with. Patching usually plugs holes before they can be exploited. Finally, watch what you click on. Patched IE9, Firefox, and Chrome are all solid, but if you tell them to go to a questionable site or to open a suspicious file, bad things are going to happen.

Sent from the land of bier and bretzels on my Galaxy S3 using Tapatalk

I use MSE.

Boot to safemode. Run Malwarebyes. Run Spybot S&D. Run your AV.

Well its all done. Formatted with a new install. Now its just the grind of getting everything back that i need. It did the trick though...no mas virus and my rig is finally performing like it should. Yeah HeavyG, i did a system restore to way before i noticed the problem and it was still there. Apparently it can latch on to any registery file it wants to, even a previous system restore point. It can even delete system restore points in some cases. I did that too White. Ran in safemode and ran Malwarebytes and Avast (i think). Didn't do anything....well it did find a couple of other trojans, but not the one i had. I even did the same step 2 more times with different programs. Like i said.....sucker was dug in good lol.

Just install AdBlock and No Script (disable for TPG), and don't go to those second hand meme sites.

Originally Posted by Gumby

On my home PC, I use AVG Free. But as it has been mentioned, AV is always reactive. For proactively make sure you are always up on security patches for Windows and all the programs you use. Java, Flash, and third party browsers are particularly important to keep up with. Patching usually plugs holes before they can be exploited. Finally, watch what you click on. Patched IE9, Firefox, and Chrome are all solid, but if you tell them to go to a questionable site or to open a suspicious file, bad things are going to happen.

Sent from the land of bier and bretzels on my Galaxy S3 using Tapatalk

The best way I've found to keep these potential security holes patched is by installing Secunia Personal Software Inspector (PSI):
Free Computer Security - Personal Software Inspector