Google Redirection Virus
I've spent the better part of three days trying to get rid of the virus and clean up my hard drive of unwanted spyware and adware. I started with the virus. I researched it but couldn't really find any definitive answers as to how to eradicate the problem, and from reading message boards I found out that a lot of virus protection software will not pick it up, and if it does it can't clean it, leaving the computer operator to manually clean the computer up, which can be a time-consuming task, not to mention that if you don't know how to properly do it without damaging the hard drive you could be in for more problems than you started with.
After much searching and not finding anything too reliable, I decided to do the system restore in an effort to get the system back to how it was. Fortunately, that worked, but I still wasn't satisfied because I figured the file was still lurking on the hard drive somewhere and I just hadn't found it yet, so I proceeded to get rid of every unneeded file on my hard drive. The files I was unfamiliar with I did a lookup on. That's when I found a number of spyware and adware programs lurking on the hard drive.
Believe it or not, when my husband downloaded Yahoo Messenger (I don't know what site he downloaded it from) he downloaded some spyware programs with it.
For those of you who don't know what the Google redirection virus is, let me explain it as best as I can. There is more than one variation, as is the case with most viruses. Essentially the Google virus redirects you to unwanted sites. It's quite simple. You type in a search term, for example probate, and in my case up popped the results, which looked legitimate, such as 1 800 probate.com and various other similar sites relating to probate. When I clicked on the site, instead of going to a site relating to probate I was forwarded to various advertiser sites and search engines I've never heard of. For instance I was forwarded to scour.com, tazinga.com, outdoor living and a few others that I wasn't interested in, and when I tried to click the back button I was stuck on the site, which more than likely offered up more malware. I didn't click on any links on the sites. I promptly closed my browser.
To begin with, the only solution I could find to keep from being forwarded was to disable active scripting. In fact I changed it to the highest security settings I could; however, that will only work for the short term as most sites require java and scripting. I also disabled Iframes and Meta Refresh and my computer works just fine. I read on a message board about disabling meta refresh with the Google virus.
I checked several search engines and Bing is also affected; however, Yahoo and a few of the smaller search engines are not. I also read that the virus is a weakness in Internet Explorer 8. As to whether it affects other Internet Explorer versions I don't know, but I did read that it affects Firefox as well, so be very careful using those browsers until they find a fix, and be very careful about using Google and other top search engines, as this Google virus is very difficult to get rid of, especially when some virus protection doesn't work to eliminate it. I personally tried my Norton first (I have the most up to date version) and it didn't find it, let alone clean it. I still don't know if it's somewhere on my hard drive. I don't have the symptoms anymore, thankfully.
My husband downloaded some software and got several pieces of spyware and adware on my computer which aren't always as bad but it can make the computer run more slowly which is a pain to say the least.
I located Shopper Reports, Hotbar, my websearch and a couple of others. These are all malware. Most of it is adware but useless and unneeded on your hard drive.
I located most of it in Program Files. One of the ways I knew the programs weren't supposed to be there was by looking at the creation and modification dates. Most of it was downloaded only a day previously and I hadn't downloaded anything except for my husband downloading Yahoo Messenger, but shopper reports and websearch, etc. shouldn't be with Yahoo Messenger, and even if it was I don't want it or need it, so I deleted it. Some of the files couldn't be deleted until I restarted in safe mode. Then I was able to delete them.
I still have a couple of things to do then I will be done hopefully.
The first place to look is in Program Files: click on every folder and look at its contents. If it's a folder/program you know you've downloaded then skip it, but if you didn't download an application you see, delete it. If you aren't sure, look up the file name in whatever search engine you use. If it says it's most likely a Windows/Microsoft file, leave it alone.
Most of the files I looked up I found out immediately they were malware.
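The date check described above can be scripted instead of clicking through every folder. This is an added example, not something from the original post: it only lists Program Files folders created or changed in the last few days and counts the binaries in each that lack a valid signature, so you know which names to look up. The `$Days` parameter and the report columns are assumptions chosen for illustration.

```powershell
# Added example: list recently created/changed Program Files folders for manual review.
# Nothing is deleted. $Days and the column names are illustrative, not from the post.
param(
    [int]$Days = 7
)

$cutoff = (Get-Date).AddDays(-$Days)

# Both Program Files roots; the (x86) one exists only on 64-bit Windows.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
    Select-Object -Unique

$report = foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Directory -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -ge $cutoff -or $_.LastWriteTime -ge $cutoff } |
        ForEach-Object {
            # Collect the executables and libraries inside the folder.
            $binaries = @(
                Get-ChildItem -LiteralPath $_.FullName -Recurse -File -Force -ErrorAction SilentlyContinue |
                    Where-Object { $_.Extension -in '.exe', '.dll' }
            )

            # A missing or invalid signature is only a hint: plenty of legitimate
            # software is unsigned, so look the name up before removing anything.
            $notValid = @(
                $binaries | Where-Object {
                    (Get-AuthenticodeSignature -LiteralPath $_.FullName).Status -ne 'Valid'
                }
            )

            [pscustomobject]@{
                Folder           = $_.FullName
                Created          = $_.CreationTime
                Modified         = $_.LastWriteTime
                Binaries         = $binaries.Count
                NotValidlySigned = $notValid.Count
            }
        }
}

# Newest folders first.
$report | Sort-Object Created -Descending | Format-Table -AutoSize
```

Folders that an existing program updated recently will also show up because of the modified-date check, so treat the output as a list of names to research, not a list of things to delete.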
When I was done I went to disk cleanup and deleted everything there I didn't need such as temporary internet files, etc. I emptied the recycle bin and restarted and proceeded to defrag the system even though it didn't need it. It can't hurt to do this.
Before doing anything you're not familiar with, I recommend getting as much information as you can, and there are a number of computer boards where people will help you, but you have to be patient as there are a lot of people asking for help at any given time.