Google Redirect Virus: Need Assistance

[ChenAzn]

Hey guys,

After successfully "removing" the Google redirect virus from my computer twice in the past, it has made its way back into my system stronger than ever. I've tried almost every method (for a non-advanced computer user)--checking the hosts file, Kaspersky TDSSKiller, FixTDSS, Hitman Pro 3.6, CCleaner, RKill, Microsoft Security Scanner, Spybot S & D, and a couple of other "methods" i.e. flushing the DNC cache, deleting the temp files in Java, etc. and none have worked.

I was hoping someone could point me in the right direction on where to go next (re-format/factory reset is my no-hope solution), or guide me through the use of programs such as ComboFix and GMER, as my computer expertise is fairly limited.

I'm operating on a Windows 7 Home Premium 64 bit laptop.

Thanks for all of your help!!!

Andrew

 

[DustSailor]

Download the 64bit version at the bottom and run the program: What is Windows Defender Offline?

If it remomves it, I would recommend MSE over hitman pro: Spyware Protection | Free Spyware Protection | Microsoft Security Essentials - make sure you never have two antivirus softwares installed at the same time.
^Use your fully updated antivirus to perform a full scan of your system. If you fear a USB stick has been infected, scan those too.

Consider installing a fully updated Malwarebytes-free for an additional manual scan that is quite good: http://www.malwarebytes.org/mbam-download.php

Lastly, assuming the fix is applied, delete potentially corrupted restore points and create another: http://www.sevenforums.com/tutorials/336-system-protection-restore-points-delete.html

run sfc scan: http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html
^restart and run it again (x2), if you found errors, for a total of 3 runs and restarts.

uninstall all java and install the newest version: java.com: Java + You

Make sure windows is completely and thoroughly updated. This is an important security item!

 

[DustSailor]

previous post updated--

You may want to take a look at this, for additional protection, disable gadgets (read this): Microsoft Security Advisory (2719662): Vulnerabilities in Gadgets Could Allow Remote Code Execution

Disable and/or remove all add-ons that you do not trust, or know the company who provides it.

Never install programs from an untrusted/unknown source, including opening emails from unknown people, opening links to unknown sites from untrusted people or even from a search provider, such as google. Uninstall all such programs you may have on your system.

Run this tool in case it should fix any firewall problems: http://support.microsoft.com/mats/windows_firewall_diagnostic/en-us

 

[DustSailor]

Um, by the way, welcome to Sevenforums
And a big thanks to Brink for many of those tutorials I've posted here.

Hopefully I don't rush you too much. I can be long-winded when excited...

 

[PatrickGSR94]

Will those suggestions for an XP SP3 x86 machine? Because my home machine has been redirecting like crazy. I'm about to reformat the darn thing, though.

 

[DustSailor]

all except for the restore points. with xp, deleting them will be a bit different, you might look up how on bing/google.

with defender, you'd download the 32 bit version. and xp doesn't have gadgets