Sign in to follow this  
Followers 0
daidalos74

Google redirect virus?

15 posts in this topic

Hi, I think I have the Google redirect virus on my computer and would really appreciate any help to solve the problem.

 

Date issue started: I think yesterday morning (CET), July 31st.

 

First noticed: I think I was clicking too fast on a pop-up prompt to update the chipset on my computer, but not sure it had anything to do with it :(

 

Symptoms: At first I got mulitple windows claiming something about error rewriting or something and desktop wallpaper turnec black rearranging my desktop icons. Possibly some other windows warnings that I don't recall now. Later google searches redirected me, but for most of the time it seemed like my browser (Firefox) blocked these attempts showing the bar "someone attempts to redirect..." Seems to be primarely related to google searches and gmail. Browser became very slow.

 

Steps taken: Ran Malwarebytes Anti Malware which detected a trojan which I deleted. Problem remained. Ran Windows defender, Malwarebytes, Kaspersky Virus Removal Tool and Webroot Secure Anywhere but none identified any threats. Tried to run Kaspersky TDSSkiller, but it wouldn't run on my computer. Tried everything in safe mode too, but without sucess.

 

GSI Log: http://www.getsysteminfo.com/read.php?file...d3bb51029d5a382

 

virusinfo_syscure.zip

Share this post


Link to post
Share on other sites

If you don't have Kaspersky installed, please feel free to use the Kaspersky Malware Removal Tool (AVPTool). It is linked in the first Important topic.

Attach its sysinfo.zip, located at Virus Removal Tool\LOG\avptool_sysinfo.zip

Share this post


Link to post
Share on other sites

Your log looks clean.

 

Tried to run Kaspersky TDSSkiller, but it wouldn't run on my computer.

 

Attach a Combofix log, please review these instructions carefully before downloading Combofix, and follow these instructions carefully after downloading Combofix.

 

Before downloading and Saving combofix to Desktop, please rename combofix to something like 123.exe to stop malware from disabling it.

 

Now, please make sure no other programs are running, close all other windows and pause Kaspersky (right click the K icon and click pause protection > Choose the

option "resume manually" if still active) until after the scanning and removal process has taken place.

 

Please double click on the Combofix file you downloaded. Follow the onscreen prompts to start the scan.

Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.

It may take a while to complete scanning and this is normal.

 

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after

scanning has completed.

 

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post. Also, please don't

forget to resume the Kaspersky that you paused.

 

Download Combofix here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

--------------------

The instructions posted here are for the original poster Only. If you have same or other issue, please see the first Important read me topic, and then open a New Topic for yourself.

Share this post


Link to post
Share on other sites

You're welcome. Any changes noted with the issues?

 

please zip up C:\qoobox\quarantine and upload to a filehost such as http://www.mediafire.com/

Then, Private Message me the Download link to the uploaded file. Click my user name and select Send message. Lastly, uninstall Combofix by: Start > run >

type combofix /uninstall > ok. The space between the x and the / is needed. Or Start > run > type 123 /uninstall > ok.

Share this post


Link to post
Share on other sites

Thanks, you have the link PMed. After the combofix the problems persisted, but now I could not open any programs from desktop icons or start menue. Did a clean boot and fixed some broken links, now it works again. Had some redirects after though, but firefox seems to block them. Strange.

Share this post


Link to post
Share on other sites

Thanks, I can't run the TDSSkiller from desktop in either normal or safe mode. Tried to rename before downloading too. Yes I am using a router for wifi.

Share this post


Link to post
Share on other sites

News: I did find something in the autostart panel (in the control panel, file alternatives) called qmiLNIQvQJ (dot) exe that I dont recognize. I thought for a while that the computer was up an running and startet to clean out som programs, everything worked fine including starting from menu and desktop icons. Now I am back to be able to open any programs besides web browser and the computer is slow again.

Share this post


Link to post
Share on other sites
autostart panel (in the control panel, file alternatives) called qmiLNIQvQJ (dot) exe...
Please post the screenshot of that.

 

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or

png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.

Share this post


Link to post
Share on other sites

You're welcome. Your screenshot: Enable Always show all icons, then post the screenshot of the notification area icons.

 

You do not have an anti virus application installed. Please install anti virus and do a scan.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0