Thread: [SOLVED] ZASS Google Redirect/Windows Update -> Restored a clean image

  1. #1
    techwritermn Guest

    [SOLVED] ZASS Google Redirect/Windows Update -> Restored a clean image

    ZASS cannot detect in any scan mode the Google Redirect/Windows Update malware on our PC for the last 7 days, with the following symptoms:

    1) Google searches in all browsers sometimes yield results with links that don't match displayed text going to random sites with lots of download links, or phony search sites.
    2) Frequent Crypt32 error messages in Event Log.
    3) Cannot do Windows Update or Microsoft Update; get ox800072efe error.
    4) In all browsers, http://windowsupdate.microsoft.com yields no page found error.
    5) Generic Host Processor failures almost once a day.
    6) Cannot start Windows XP Pro SP3 in Safe Mode; get kdcom.dll error.
    7) Once "ati video bus poller" application appeared in Task Manager when Windows Explorer hung; could not be stopped.
    8) In Firefox, new tabs occasionally open on their own to similar sites noted above.
    9) Can bring up https://windowsupdate.microsoft.com (with S in HTTP) but get same update error.
    10) None of these occur on Mac or iPhone on same home area network.

    Have tried full/complete scans with the following, removing those that run all the time to avoid ZASS conflict. Most yielded no errors; a total of 5 Trojans and a few tracking cookies removed by some. None had any effect on above symptoms.

    1) Google Pack's Spyware Doctor.
    2) Microsoft Essential Security.
    3) Microsoft Malicious Software Removal Tool; scanned 2+ million files on all drives.
    4) Malwarebytes' Anti-Malware.
    5) Spybot Search and Destroy.
    6) Kaspersky's TDSSKiller.

    Except for above symptoms, system still runs and boots okay.

  2. #2
    techwritermn Guest

    Re: ZASS cannot detect Google Redirect/Windows Update malware

    Had to post this from Mac; got repeated errors from PC.

  3. #3
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,286

    Re: ZASS cannot detect Google Redirect/Windows Update malware

    Hi!

    Please follow the standard procedure to clean malware in the machine. Follow ALL steps (including dedicated clean-up support by experts if you are not able to get rid of the infection) as detailed here:
    Malware Clean-up Guidance

    For the future, you should not run other security tools with ZA (many even if disabled); this can create problems when infections are detected or cleaned, with the end result of less security.

    To avoid infection in the future, see here:
    xyz was not detected. What I should do?

    Cheers,
    Fax
    Last edited by fax; July 26th, 2010 at 01:46 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  4. #4
    techwritermn Guest

    Re: ZASS cannot detect Google Redirect/Windows Update malware

    With regard to Fax's suggestions, I was unable to boot in Safe Mode, with or without Networking; it yields a blue screen with a message about kdcom.dll, although that DLL is unchanged.

    I've tried Malwarebytes, as noted; it didn't find anything.

    Also, I checked the hosts file; it's clean, just one entry for 127.0.0.1. I also checked the DNS setting; it's obtained automatically and ipconfig indicates it's set to our ISP's domain server.

    Kaspersky's Google Redirect fix yielded nothing found.

    Having tried 6 different pieces of malware noted in various Google Redirect postings, I'm hesitant about just trying others without some clear sense of why.

  5. #5

    Re: ZASS cannot detect Google Redirect/Windows Update malware

    Then proceed to free expert support at the suggested sites:
    Bleepingcomputer and spywarehammer (Link in my previous post).

    They will guide you through a complete check and cleaning.
    I have moved the thread to the right section.

    Thanks,
    Fax
    Last edited by fax; July 26th, 2010 at 02:57 AM.

  6. #6
    techwritermn Guest

    Re: ZASS cannot detect Google Redirect/Windows Update malware

    I've never used Microsoft's System Restore before. Could I use that to restore to a point before the malware infection (I think it was 6 days ago), providing a timely restore point exists that I can use? I haven't yet checked; I'm not on that home system right now.

    Why do the instructions to which you provided a link recommend purging prior system restores after finding and removing the malware? Microsoft strongly recommends not doing this. Wouldn't a prior infected restore point be a problem only if I restored to that point?

  7. #7

    Re: ZASS cannot detect Google Redirect/Windows Update malware

    Modern infections can survive and replicate via restore points. This is why it is always recommended to purge restore points after cleaning the machine.

    I would warmly suggest you clean your system with the support of malware experts. This is the only way to be sure you are really clean. Just let them go through your logs and analyse the infection.

    Modern pests are designed to rest hidden, survive by infecting the system deeply and keep leaking confidential info out.

    Fax

  8. #8

    Re: ZASS cannot detect Google Redirect/Windows Update malware

    ... and when you have fully cleaned your system try to follow closely the instructions here: xyz was not detected. What I should do?

    Most of the time it is just a matter of common sense. Always read pop-ups by ZA. If you are not sure DO NOT allow. Do not install random applications to your system, always check them before. Do not believe any pop-up telling you that you are infected, etc. A few rules to follow and you will keep your system clean and in shape for its productive use.

    Hope this helps.

    Since I have already added all the steps you need to follow and there is not much to add, I will now close this thread.
    If you need to follow up with any clarification, please PM me.

    Thanks,
    Fax
    Last edited by fax; July 26th, 2010 at 09:49 AM.
