Very stealthy redirect

Have run at least a dozen antivirus tools (mbam, anvir, avg, gmer, blacklight, drweb, sophos, HMP, ESET, combofix, TDSSKiller etc) and can’t seem to shake the google redirect. Also deleted/ reinstalled Firefox, removed Java, cleared temp files and web cache, ran fixboot and fixmbr.

A number of viruses have been cleared including Hiloti, Java/Agent.U, TR/Fakealert.47.308 (found in a .jar file), TR/Dldr.Murlo.laz.

Current symptoms: Google searches are redirecting.

Not sure what to do next. Any help would be greatly appreciated.

Previously I ran GMER and TDSSKiller without picking up any error. When I twice tried to run Combofix (including safe mode) the system appeared to hang for >1 hour so I rebooted.

However I may be starting to get somewhere: Just tried GMER again and got a BSOD in atapi.sys. I’ve read that file is sometimes targeted by Google redirect viruses.

Will have a crack at running SFC /SCANNOW then try GMER again and report back.

SFC /SCANNOW prompted for the install CD about a dozen times so I guess it replaced that many files. Whether the virus was able to overcome this I don’t know.

The instructions in that link are for Kaspersky Virus Removal Tool version 10. The latest on the website is V11 which has a very different interface. Do you suggest selecting “Automatic Scan” or “Manual Disinfection”?

shreyas murali,

Some of the programs you’re asking customers to use can be dangerous in the wrong hands.

What are your qualifications ???
Where did you get your training ???

well,

before joining the malware removal team at systematics we were first trained to deal with malware cases remotely and also at hand irrespective of our knowledge. ;D 8)

Who is “we” ???

we…are the people who came to join systematics… 8)

systematics is a workshop for virus removal, hardware problems, software problems, computer repairs etc…where I work on the malware removal team. 8)

You are talking in generalities how about some specifics.

this is not in general…at systematics u are trained individually and given personal attention…they then allow us to guide people remotely under supervision at training… :wink:

The training is a session of hard work of 3 to 4 months…u will have to slog to join systematics… :slight_smile:

So have you finished your training ? is there a direct link to this systematics ?

well, we don’t have any website…I am sorry…but I have completed the training and am currently working there…this workshop is famous I can say…I found some related info about its existence:

http://maps.google.co.in/maps/place?hl=en&bav=on.2,or.r_gc.r_pw.&biw=1280&bih=705&um=1&ie=UTF-8&q=systematics+at+vasai&fb=1&gl=in&hq=systematics+at&hnear=0x3be7ae956bc1587b:0x864f53a94baa5145,Vasai,+Maharashtra&cid=12484270293370353312

I still fail to see any evidence of your qualifications and just taking your word for it is not a wise choice imo. I would think that someone who has the correct training and professionalism would have introduced themselves to the viruses forum and have stated directly their qualifications and experience. I think some evaluation process by senior members and the mods might be in order here.

Shreyas Murali has been banned for trying to circumvent an existing ban on com155. Based on forum information, they are one and the same.

I think the next step will be deleting all of their posts.
Nothing will show him more that his posts are useless and he is losing time…

The problem is that deleting ‘all’ the posts will leave many topics looking disjointed.

Little bugger, I did have my suspicions.
Good job David :slight_smile:

I have spent a lot of time investigating this, so I’m sure we have found our doppelgänger and also cleaning up some of his mess without leaving topics totally disjointed.

I think it’s better than letting them mislead and misinform…

Not something which we should really discuss here.

You’re right. Open forum. Sorry.