Google redirect virus

**pskelley** · 2008-11-13, 02:05

Thanks for returning your information and the feedback, please understand that we have a way to go to resolve all of your issues, both malware and not malware.
The next step is very time consuming and I will be morning before I can do this. I have been at this since early AM and prefer not to do complex fixes when I am tired and prone to error. I will psot the results of the uninstall list, that will give you something to work on tonight if you wish.

Uninstall list: I look for malware and security issues and will not know all of your programs, but you should.

Hackers are using out of date programs to infect folks more and more,
Here is a small free tool that lets you know when something needs an update if you are interested: https://psi.secunia.com/ While PSI runs in the System Tray for realtime notifications, I personally prefer to turn it off in MSConfig and run it from All Programs when I want to do a check.

Adobe Reader 7.0.8 <<< out of date and unsafe, see this:
http://news.cnet.com/8301-1009_3-100...ml?tag=nl.e433
http://www.filehippo.com/download_adobe_reader/

Java 2 Runtime Environment, SE v1.4.2_03
Java 2 Runtime Environment, SE v1.4.2_06
VERY BADLY out of date and likely why you are infected, see this:
http://forums.spybot.info/showpost.p...80&postcount=2
Be aware of this information so you can opt out of anything you do not want.
Microsoft Does MSN Toolbar Distribution Deal With Java:
http://searchengineland.com/microsof...java-15413.php

We have found these very old versions are hard to remove, that being the case, this tool will help.
http://www.majorgeeks.com/JavaRa_d5967.html

Viewpoint Media Player <<< I suggest uninstalling this:
For your information, Viewpoint is installed by aol probably without your knowledge. I suggest you uninstall this resource waster in Add Remove programs.
http://www.greatis.com/appdata/u/v/viewmgr.exe.htm
http://www.spywareinfo.com/newslette....php#viewpoint
http://www.clickz.com/news/article.php/3561546

and we can run Smitfraudfix to remove what it found, follow these directions carefully.

Clean:
Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
Double-click SmitfraudFix.exe
Select 2 and hit Enter to delete infected files.
You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt

Optional:
To restore Trusted and Restricted site zone, select 3 and hit Enter.
You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone.
Note, if you use SpywareBlaster and/or IE-SPYAD, it will be necessary to re-install the protection both afford. For SpywareBlaster, run the program and re-protect all items. For IE-SPYAD, run the batch file and reinstall the protection.

Post the C:\rapport.txt

The next step will be posted in the AM EST.

Thanks

Thread: Google redirect virus

Thread Tools

Display

Threaded View

Tags for this Thread

Posting Permissions