How to remove Pc spyware - Google Redirect Virus?

How Did My Computer Become Infected with the Google Redirect Virus?


The Google Redirect Virus is really a category of rootkits that is absolutely one of the most difficult pieces of malware to remove. It hides from almost all antivirus, antispyware, and removal tools and does not allow the user to visit many antispyware sites or download removal tools. It redirects Google search results to a variety of sites other than the true site is was supposed to show. Normally you won't understand you have a virus until you try to search for something in Google and you can't get to the sites you want. Instead you get popups, miscellaneous sites promoting products, and everything else except for the page you really wanted. In my particular case, Malwarebytes and Combofix, two well known and very good malware cleaning tools showed no infection at all. However the redirect was still present on the computer. 

How Do I Know I Have a Google Redirect Virus on My System?

Try to search Google for something and click on the various search results that show up, if none of the results allow you to go to the appropriate site, you are infected. Instead you'll be redirected to sites like:

Can I Remove the Google Redirect manually?

Many sites on the net have various instructions for manually removing this rootkit. To be honest, none of these manual methods work. There are really only two products floating around the net that successfully remove this type of infection. One by Kaspersky Labs and one by Symantec. So, please follow the instructions below to download these tools and remove the Google Redirect Virus from your computer. Follow these steps in order to restore internet access, check your hosts file, and finally delete the rootkit.

Fix Proxy Settings

1) Open Internet Options in the Control Panel or via Tools menu in Internet Explorer
2) Click on the Connections tab
3) Click on LAN Settings
4) Uncheck the "Use a Proxy Server for your LAN" setting. Especially if the address spot is blank.
5) Click OK
3) Download RKill from Bleeping Computer to your desktop. Double-click on it and run it. This program will try to kill any malicious processes currently running on your system.


Check Hosts File

Follow the steps on my page about how to check or reset the Hosts File

Remove the Google Redirect Malware with TDSSKiller

Kaspersky Labs has created a removal tool called TDSSKiller to remove the Google Redirect Virus. Follow these steps to download and run it. In some cases, you may have to run it in Safe Mode with Networking to remove it.

1) Download TDSSKiller, unzip it, and Save it to your desktop.

2) Double-click on TDSSKiller.exe to run. If the program does not run, you may have to rename it to something like explore.exe, 123.exe, or something else before running it. The virus is trying to block the program from running, so renaming it will in some cases allow it to run.

3) Click on the Start button to start a scan and allow it to completely run

4) Allow TDSSKiller to fix any issues it finds and reboot the computer afterward

5) After reboot, try Google and see if the redirect it gone.

For more detailed information on TDSSKiller visit the Kaspersky page

Extra Steps with FixTDSS.exe

In a few circumstances, I have been unable to run TDSSKiller even after renaming it. In these cases, I have turned to the other removal tool that works, FixTDSS by Symantec. Follow these steps to download and run it.

1) Download the FixTDSS.exe tool from Symantec and save it to your desktop

2) Double-click on FixTDSS.exe and run it

3) Click Start to begin the process, and then allow the tool to completely run

4) Restart the computer when prompted

5) After reboot, the program will give you the results of the scan and cleaning.

6) Try Google and see if the redirect virus is gone.

For more detailed information on FixTDSS visit the Symantec page.

Run a Thorough Virus Scan


Finally, as an extra precaution, scan your computer with online virus scanner like Housecall, BitDefender, or eTrust or download and install an antivirus program and run a complete scan. A list of online scanners is below, some however will only scan but not remove issues.


Online Virus Checkers
Trend Micro Housecall - will scan and remove threats
BitDefender Scan Online - will scan and remove threats
ESet (NOD32) Online Scanner
Kaspersky Online Scan - will scan and remove threats
Panda Activescan - appears to only scan for but not remove threats
McAfee FreeScan - appears to only scan for but not remove threats
eTrust Antivirus Web Scanner - will scan and remove threats
Symantec Security Check - will scan and remove threats
Dr.Web Online Check - user can upload and test for threats on particular files

Trojan Scanner
TrojanScan by WindowsSecurity.com

Spyware Scanners
Malwarebytes AntiMalware
Super AntiSpyware
Spybot Search and Destroy


Congratulations! Your computer should be free of the Google Redirect Virus.
Written by Mark Hasting 
Posted by Unknown at 7:28 AM 0 comments
Labels: , ,

How to uninstall Panda Antivirus and Panda Internet Security

Panda Antivirus and Panda Internet Security are fairly popular products that many people have enjoyed using. Awhile back, a customer brought in a computer and needed help installing the latest version of Panda Internet Security 2009. His computer already had Panda 2008 installed and the installation for the 2009 version was failing every time he tried to install it.

Each time he tried to install the software, it would bring up the following screen during the installation and the installation would end. The screen told us the installation failed because "traces of previous installations have been detected" on the computer. Leaving no antivirus software installed. No matter how we uninstalled or reinstalled, the same error message appeared time and again.

Any removal through the Add/Remove Programs option in the Control Panel failed, because nothing regarding Panda existed in the Add/Remove listing.

I proceeded to download automatic removal utilities from Panda Software. Listed below are the normal Panda Removal programs to remove their products.

Panda 2006 Removal Utility

Panda 2007 Removal Utility

Panda 2008 Removal Utility

Panda 2009 Removal Utility

Panda 2010 Removal Utility

Panda 2011 Removal Utility

Panda 2012 Removal Utility

Unfortunately, running any of the above automatic removal programs STILL did not solve the problem and I was left with the "traces of a previous installation" error. A windows service called "Panda Process Protection Service" and a driver called "Panda Process Protection Driver" remained in the system and refused to be deleted.

Then I stumbled upon a Panda Security Utility that did the trick. If you are experiencing similar issues, please give this procedure a try.

1) Download the PandaSecurityUtility and save it to your desktop

2) Once the file is downloaded, double-click on it to run. For Windows Vista/7 users, you'll want to right-click on the file and click Run as Administrator so the program has the correct permissions to uninstall the software.

3) When the utility finishes, search the computer for the file C:\Windows\RAVTC.tmp and delete it if it exists.

4) Now reset the Winsock catalog by following these directions:
  • Click on Start, Run
  • Type CMD and press Enter
  • On the black screen, type the following command and press Enter

    netsh winsock reset catalog
  • Type Exit and press Enter to close the command prompt
5) Restart the computer

6) Install Panda software (this time it should work)

What began as a simple uninstall/reinstall job turned into about 4 hours of trouble, however at last the problem was solved. Hopefully, this information will save you time and headache if you run into the same type of problem.

Other Removal Instructions for Antivirus Programs

Uninstall Norton
Uninstall McAfee
Uninstall Avast
Uninstall AVG
Uninstall AntiVir
Uninstall Panda

Buy Anti-Virus Software If you don't already have antivirus software loaded on your computer. You should download and install an antivirus product immediately. The popular commercial antivirus products like McAfee and Norton are ok, but there are also excellent free antivirus solutions available. Listed below are some of the popular free and commercial antivirus software products.

Learn more information about Viruses at the PC HELL Virus Center


Written by Mark Hasting
Posted by Unknown at 6:51 AM 0 comments
Labels:
Subscribe to: Comments (Atom)
Flag Counter
Powered by Blogger.