Google Search Results Redirect Virus

Discussion in 'Computer Games and General Discussion' started by MissingNo._, Jul 29, 2010.

Jul 29, 2010
  1. MissingNo._
    OP

    Member MissingNo._ aka MissingNoL

    Joined:
    Apr 12, 2009
    Messages:
    748
    Location:
    Greater Bay Area, California
    Country:
    United States
    The topic says almost all of it.
    When I click on a search result that comes from Google or most other search websites, it redirects me with a results5.google.com website as the redirection 'tube'.
    Some sites that are in any way affilated with Google have random pop-ups that occur often.

    I've heard of this in 2001 or 2000, and I'm not sure how to start looking for a cure to this virus.
    Can anyone help?
     


  2. Hakoda

    Member Hakoda GBAtemp Addict

    Joined:
    Feb 2, 2008
    Messages:
    2,133
    Location:
    San Jose, CA
    Country:
    United States
    Find your Hosts file which can be located in C:\Windows\system32\drivers\etc. Open it in notepad (open it as an admin if your in Vista or 7). Remove everything that's not this:

    [​IMG]

    Save it and set the hosts file as Read-Only.
     
  3. DeliciousRice

    Newcomer DeliciousRice Newbie

    Joined:
    Jul 29, 2010
    Messages:
    6
    Location:
    Cardboard Box
    Country:
    United States
  4. MissingNo._
    OP

    Member MissingNo._ aka MissingNoL

    Joined:
    Apr 12, 2009
    Messages:
    748
    Location:
    Greater Bay Area, California
    Country:
    United States
    @DeliciousRice: Failed

    @Hakoda: I cannot figure out how to open it as an admin.
    I opened it, though. It had an IP address that wasn't after a #. I deleted it, but I couldn't save the file. I needed to be an admin, I think.
     
  5. Tanas

    Member Tanas GBAtemp Addict

    Joined:
    Aug 19, 2006
    Messages:
    2,258
    Country:
    United Kingdom
  6. Hakoda

    Member Hakoda GBAtemp Addict

    Joined:
    Feb 2, 2008
    Messages:
    2,133
    Location:
    San Jose, CA
    Country:
    United States
    Go to Start --> All Programs --> Right-click on Notepad --> Run as Admin. In notepad, click Open --> Navigate to the Hosts file --> Set to view all file types in the small drop-down menu --> Open Hosts
     
  7. DeliciousRice

    Newcomer DeliciousRice Newbie

    Joined:
    Jul 29, 2010
    Messages:
    6
    Location:
    Cardboard Box
    Country:
    United States
    Oh! Sorry, wrong program. I meant to post this link:
    http://jpshortstuff.247fixes.com/GooredFix.exe

    Instructions:
    * Ensure all Firefox windows are closed.
    * To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
    * When prompted to run the scan, click Yes.
    * It doesn't take long to run, once it is finished move onto the next step

    (Next step would have been to use the thing I posted earlier, so just ignore the last step above)
     
  8. MissingNo._
    OP

    Member MissingNo._ aka MissingNoL

    Joined:
    Apr 12, 2009
    Messages:
    748
    Location:
    Greater Bay Area, California
    Country:
    United States
    It has appeared to work, yet I didn't restart my computer yet.
    And it does it only sometimes.
    I'll post back here if I experience it still. After a good reboot.
     
  9. MissingNo._
    OP

    Member MissingNo._ aka MissingNoL

    Joined:
    Apr 12, 2009
    Messages:
    748
    Location:
    Greater Bay Area, California
    Country:
    United States
    It appears to be doing it with Yahoo! Google is fine.

    EDIT: I mean Yahoo! is having a problem, but Google isn't.

    EDIT 2: Scratch that. It's having all of the same problems again.

    EDIT 3:
    @DeliciousRice: TDSSKiller: Failed
    @Hakoda: Failed
     
  10. I2aven's_Sag

    Member I2aven's_Sag GBATemp Otaku

    Joined:
    Sep 13, 2009
    Messages:
    726
    Location:
    Northern Virginia
    Country:
    United States
    Programs to try:

    Spyware:
    Spybot Search and Destroy
    Adaware SE (Adware).

    Malware
    Malwarebytes Anti-Malware
    Super Anti-Spyware (or similar).

    Malwarebytes has saved my butt plenty of times, but I've heard that Suepr Anti-Spyware is just as powerful if not more powerful. I'd reccomend cracking either program for a higher level of real-time protection. Spywarebot scans for and fixes vulnerabilities in your browsers as well, so it's pretty useful too. Either way, make sure to update the programs to the most recent update, for example, I just updated from 4304 to 4369 on Malwarebytes and it's only been maybe 2-3 weeks since the last scan. Make sure that you clear your internet cache and temporary files (CC Cleaner) with your browser CLOSED. If you're paranoid you could also consider disconnecting from the internet while running all of this. Most of these programs are free or have free-versions for home use (with semi-limited features).
     
  11. Originality

    Member Originality Chibi-neko

    Joined:
    Apr 21, 2008
    Messages:
    5,149
    Location:
    London, UK
    Country:
    United Kingdom
    Whatever program you're running to try and fix your problems, I recommend doing it in Safe Mode. This will stop any automatic scripts (seeds) from repairing any files/virus you find/quarantine/delete, as well as prevent certain types of seeds from stealthing themselves to your scans.
     
  12. I2aven's_Sag

    Member I2aven's_Sag GBATemp Otaku

    Joined:
    Sep 13, 2009
    Messages:
    726
    Location:
    Northern Virginia
    Country:
    United States
    Safe Mode w/ or w/o networking(interwebs)? I'm assuming the first, in which case he should update his programs before booting into safe mode ; )
     
  13. Hakoda

    Member Hakoda GBAtemp Addict

    Joined:
    Feb 2, 2008
    Messages:
    2,133
    Location:
    San Jose, CA
    Country:
    United States
    I agree as giving the computer access to the internet could allow it to snag that nasty virus again. Use the programs that have been provided. Once the virus has been caught and removed, edit the Hosts file again and reboot. You can't just keep editing the Hosts file with the virus still there.

    What AV are you running?
     
  14. Rydian

    Member Rydian Resident Furvertâ„¢

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    The sticky here covers far more.

    Typo.
     
  15. luckwii

    Member luckwii GBAtemp Fan

    Joined:
    Apr 30, 2010
    Messages:
    388
    Country:
    United States
    Oops! I gave you the link to the "reformat my hardrive.com" website. [​IMG]
     
  16. GutsMan.EXE

    Member GutsMan.EXE GBAtemp Regular

    Joined:
    Sep 3, 2009
    Messages:
    123
    Country:
    United Kingdom
    Well if it's redirecting you and it's not your host file it's properly most likely changed router configurations in "DNS Address".

    Find out how to access your router (it varies depending on make/ model) and login details which should be default if you haven't changed it ( can be found out by googling or going on makers site). Access example: 192.168.0.1 or 192.168.1.1, logins could be: admin; admin, admin;password etc.

    Once in navigate to where your DNS settings are and it should automatically be fetched from your ISP, if it's not and it's using a primary/ Secondary DNS server change the settings.

    If it isn't and settings are normal then it could just be spyware/ malware/ virus.
     
  17. Technik

    Member Technik GBAtemp Advanced Fan

    Joined:
    May 2, 2009
    Messages:
    794
    Country:
    United States
    Thank you sooo much. I had the same google virus and this fixed it for me. [​IMG]
     
  18. bwillb

    Member bwillb GBAtemp Advanced Fan

    Joined:
    Jul 2, 2009
    Messages:
    620
    Country:
    United States
    can't believe no one has asked which browser you're using yet. a bad extension or search service could easily cause these issues.
     
  19. sprogurt

    Member sprogurt GBAtemp Fan

    Joined:
    Dec 13, 2006
    Messages:
    375
    Country:
    United Kingdom
    1. Run with more antiviruses ( some can pick up viruses that others can't). Microsoft security essentials has the highest detection rate at the moment.

    2. FULLY uninstall the browser the reinstall it. This means delete it from regedit as well but make sure you know what you're delting first (do this at your own risk.)

    3. If it's not working by now, choose a different browser.
     
  20. fishykipper

    Member fishykipper pkmn breeder

    Joined:
    Jul 19, 2009
    Messages:
    613
    Location:
    United Kingdom
    Country:
    United Kingdom

Share This Page