The redirect virus is coming from within Google, be careful, and the XP Repair virus is popping up again, just thought I'd pass this info. along.
Once again, I really like having Linux instead of Windows. Do a google search for Re-Direct Virus, there is lots of information and you can find some fixes that are free.
Oh My! I just came across this site whilst researching for my malware training and I am presently learning about the TDSS Rootkit. I hope I don't offend anyone for correcting the idea that Google is the culprit because the redirects from a Google search is just a symptom of a Rootkit being installed. Google is just as safe as any other search engine and the redirect virus affects ALL search engines including MSN, Bing, Ask, etc. The most likely culprit to infect your computer with the redirecting virus which is due to a Rootkit is File sharing sites. If you download movies, music, or any other documents from a free file sharing site (like Limewire or Napster, etc.) you could have gotten infected with the redirect virus that way. You could also have gotten it from visiting malicious websites — sometimes hackers can change the scripts on sites that you normally visit and you wouldn't think anything of it. If you are prompted to approve an ActiveX file, or if you clicked on an email and visited a site — any of these things could have infected your computer with the search engine redirect virus. It is not Google search engine specific though it targets the Firefox Browser and you do not get it by searching with the Google Search Engine. Many people are misinformed about this virus because that's all they know and it has been dubbed the Google Redirect virus because more people use Google world wide. When they are infected with this Rootkit and search with Google or any other search engine that they use they get redirected when they click on a link. The redirects have been narrowed down to a random CLSID named folder in %userprofile%\Local Settings\Application Data, and the registry value HKLM\~\Mozilla\*Firefox*\extensions\\ - "CLSID"="folderpath". Removing the folder stops the redirects, but removing the registry value alone doesn't. Please read: How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller And to learn more about how to protect yourself against malware invasion, please read this article by Tony Klein. It was just recently updated by Tashi as noted at the bottom of the post. So how did I get infected in the first place? As I stated above, I hope I don't offend any of the members here. I just wanted you to know that it is safe to use Google or whatever search engine you desire. It's poor web surfing habits that cause malware infections. Happy Surfing everybody! HP
Thanks for this string. Now I know why my main computer is acting up. Haven't even been using it that often :-? And I thought it was Bing trying to over-ride Google when I did a search.
Hi Jewel, That could very well be the case. Though since I am still in training can only provide education on malware and not guidance. The professionals look down on those trying to help other remove malware when they are not trained to do so. Kinda like your hairdresser being upset when someone gives you advice on hair color. I would definitely have your other computer looked at and there are a few very good sites that will help you to help yourself get rid of the malware on your computer. Bleeping Computer is the one I linked to above. Geeks to go has some of the brightest professionals/researchers from around the world. Though I send my mother to a site called LandzDown where there is a lady by the name of Corrine that is Highly recommended by Microsoft and is a Microsoft (MVP) that has patience for her level of computer skills. You have no idea how many people think that their computer is just broke when in fact it has malware on it that prevents it from working the way it should. I have a girlfriend who actually threw her computer in the garbage and bought a new one because she didn't know any better. I hope you choose the join one of those sites. My recommendation would be LandzDown. I realize I am new here to this forum and have not built a trust or reputation but I would never steer anyone down the wrong path. I decided to learn about malware to help those who don't know how to help themselves. We are entering the age of computers and many of us who never grew up with computers need to learn more about computer safety. If you do any kind of online banking, please register at one of those forums above and get that computer cleaned of all malware. There are people out there that do their best at creating malware just to trap those like us who are unaware of the dangers of identity theft, etc. Have a nice day my dear. Good luck and safe surfing! HP
