Google Redirect Virus (Warning)

natalie_ca

TCS Member
Thread starter
Top Cat
Joined
Jul 2, 2006
Messages
21,136
Purraise
223
Location
Winnipeg, Manitoba, Canada
http://www.itpro.co.uk/633436/millio...e-image-attack

There is a virus circulating which is missed by many virus scanners. It redirects google search result links to other odd sites. The sites seem harmless but you cant get to what you searched for.

tdssskiller from http://support.kaspersky.com/downloa...tdsskiller.exe is supposed to identify and remove it.

There are TDSS tdl3 and tdl4 varients.

I have been getting redirected and the above program didn't seem to find anything. So I also used "Cureit" (free download)

http://www.freedrweb.com/cureit?lng=en

Delete everything it finds.

I also recommend that you download and run the free Malwarebytes from http://download.cnet.com/Malwarebyte...ml?tag=mncol;1

This picked up several items that were missed by Cureit. Again, delete everything it finds.

Make sure you reboot your computer after each scan.
 

ducman69

TCS Member
Top Cat
Joined
Sep 18, 2010
Messages
3,232
Purraise
47
Location
Texas
These aren't really viruses, but rather malware infections. Hence why Macs are so frequently infected by them in my experience, as there are very few viruses for the platform and most assume they are thus immune from all forms of infection.

On the positive side, these almost always require the user to be tricked into manually downloading the malware.

Malwarebytes is my favorite as well, as it is designed specific to catch this type of malware, which anti-virus programs frequently are not. I recommend installing it as its free for non-corporate use, doesn't take up much space, and you don't have to have it running constantly so won't use any resources. That way you don't have to worry about how you'll get it installed if your browser is already hijacked. I'm a IT guy btw, 11yrs.
 

kittkatt

TCS Member
Top Cat
Joined
Apr 1, 2006
Messages
6,108
Purraise
14
Location
Online
So what you're saying is that if you use the Google search engine you'll be taking a chance of picking up the virus or whatever it is?


I have Malwarebytes: will it stop the infestation?


I'm not too savvy when it comes to this kind of thing.
 

ducman69

TCS Member
Top Cat
Joined
Sep 18, 2010
Messages
3,232
Purraise
47
Location
Texas
You can optimize your site to be one of the top results for keyword searches, but a user still has to click on something to get infected. It can't hijack anything unless you're already infected.

To get infected requires action on your part, and it won't just happen on its own really.

Say you search for "kitten wallpapers". You then click the result, and are directed to a "bad site". All you have to do is close the window if you're not brought to a site about kitten wallpapers like you expected, no harm. But typically you are tricked into having to click to download something (such as a popup that pretends to be your antivirus and says click her to remove infection so you click to download and run it and that installs the malware), unless your security settings are really low well below the default settings or you're on old-school internet explorer version 6 or something (you should be on version 7 or higher and will be automatically unless you turned automatic updates off).
 
Top