The Blue Screen of Death / Google re-direct

tharpdevenport

Yes, this zombie computer has survived the infamous Blue Screen of Death.

The computer ran a program before start up to try and repair and it found the following were corrupt, and fixed them:

NDIS.SYS
NETIO.SYS
MSRPC.SYS

Windows Vista
Internet Explorer 7 (don't want 8)
No new hardware or software has been installed.
Three spyware/anti-virus programs installed:
Ad-aware
Windows Defender (Microsoft program)
and Webroot (computer's owner installed that, but the subscription is far out-of-date and he doesn't want to renew, so I can't update the definitions for that).

I have all needed updates from Windows Update installed, as well as definitions for the first two anti-virus programs.


About a week ago the computer's owner messed around online and when I got back, it had some kind of virus or bad thing installed (can't say what since I don't know for sure), that re-directs search results in Google.
I figured I could live with it as I can just copy the search link and paste it into the address bar, since none of the anti-virus programs -- even in Safe Mode -- are finding anything, but I guess I was wrong. I'm assuming the Blue Screen of Death and corrupt files were a result of whatever the heck this is.

I tried doing a search for the Google re-direct, but there are different versions and every search I did for the bad files in the Registry, came up empty. I just won't be able to find out without knowing which version I have, I guess.


Can anybody help? What do I do? Install a fourth spyware/anti-virus program and hope it finds it? Will the .sys files corrupt again and maybe even kill the computer?


I've told the computer's owner again & again not to click on random search results as they are junk pages which might trick you into installing something or trick you to click on something to get out, but he just IGNORES me. Doesn't seem to get it. I told him the results will put whatever words you want in the results, that he could search for his name and nude pictures, and he'll get results, but sometimes people are oblivious.
 
It is called a scour. The only thing I have found that will get rid of a redirecting scour is called Hitman Pro 3.5. Also CCleaner would be helpful.
 
Hitman Pro isn't the only thing. ComboFix made by Bleeping Computer can get rid of almost anything. I'd give that a shot.
 
Tried F-Secure rescue CD?

Runs out of Windows, destroys pretty much all known viruses, you boot from it.

Backup beforehand, as this CD can potentially render the PC unbootable if the virus is in a critical system file.
 
"TDSSserve.sys": this file is present in the hidden devices of the Device Manager option. Control Panel has this option. After disabling the file, restart your computer. Google redirect has the ability to disable the antivirus removal tools and firewalls and corrupt the registry.
Download and install an antivirus removal tool from the Internet so that it scans and removes the Google redirect virus.
As the last step, change the LAN settings by disabling "Use proxy server", which you find in the Internet Options under Tools.
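
The two things the post above says to look at, the "Use proxy server" LAN setting and a hidden TDSS driver, can also be checked from a PowerShell prompt. This is an added example, not part of the thread; the registry key for the per-user proxy values and the `TDSS*` name match (taken from the file name quoted in the post) are assumptions, and the script only reads.

```powershell
# Added example (not from the thread): read-only checks, nothing is changed.
# Assumption: the per-user Internet Explorer proxy values live under this key.
$InetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-ProxyFinding {
    # Emits one line for each proxy-related value that is currently set.
    $s = Get-ItemProperty -Path $InetKey -ErrorAction SilentlyContinue
    if ($null -eq $s) { return }
    if ($s.ProxyEnable -eq 1) {
        "Use proxy server is ON -> $($s.ProxyServer)"
    }
    if ($s.AutoConfigURL) {
        "Automatic configuration script -> $($s.AutoConfigURL)"
    }
}

function Get-SuspectDriver {
    # Assumption: match on the 'TDSS' prefix of the file name quoted in the post.
    # An empty result is not proof of absence: a rootkit driver can hide itself
    # from a running system. A scan booted from outside Windows, like the rescue
    # CD mentioned in the thread, does not depend on what Windows reports.
    Get-WmiObject -Class Win32_SystemDriver |
        Where-Object { $_.Name -like 'TDSS*' -or $_.PathName -like '*\TDSS*' } |
        Select-Object Name, State, StartMode, PathName
}

$proxy   = @(Get-ProxyFinding)
$drivers = @(Get-SuspectDriver)

if ($proxy.Count -eq 0) {
    'Proxy: no per-user proxy or auto-config script set.'
} else {
    $proxy | ForEach-Object { "Proxy: $_" }
}

if ($drivers.Count -eq 0) {
    'Drivers: no TDSS* driver visible to WMI.'
} else {
    $drivers | Format-List
}
```

A proxy entry that nobody in the household set up, or one that comes back after being cleared, is worth noting down before running any removal tool.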
 