X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

Google Redirect Virus Removal

Posted

So essentially, it seems that somehow my PC has picked up a version of the Google redirect virus. It is only affecting Firefox, and it seems to be a bit stealthier than previous versions. Essentially, 70% of the time I try and click on a search result (only the first one clicked per search), it will redirect me to a php script on a different server. It seems the script analyzes what I searched and attempts to redirect me to a phishing site that has related information about my search e.g. realgamerz.net and other shady URLs. I assumed it was a registry issue, but despite using all of the below virus/malware scanners nothing has been found. Is it possible one of my plugins has been compromised and that it has something to do with the Firefox software/Firefox plugins? Your advice is much appreciated.

1) Kaspersky Anti-Virus 2011 Professional 2) HijackThis 3) SuperAntiSpyware 4) Spybot S&D

If there are other recommended malware scanners you think I should try I would be happy to do so.

Additional System Details

Sites Affected

http://www.google.com

Installed Plug-ins

  • Google Update
  • Shockwave Flash 11.4 r402
  • Next Generation Java Plug-in 1.6.0_33 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • 5.1.10411.0
  • VLC media player Web Plugin 2.0.0
  • Foxit Reader Plug-In For Firefox and Netscape

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1

More Information

Application Basics
Name
Firefox
Version
15.0.1
User Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1
Profile Folder
Show Folder
Enabled Plugins
about:plugins
Build Configuration
about:buildconfig
Crash Reports
about:crashes
Memory Use
about:memory
Extensions
Name
Version
Enabled
ID
Firebug
1.10.3
true
firebug@software.joehewitt.com
HttpFox
0.8.11
true
{4093c4de-454a-4329-8aff-c6b0b123c386}
Java Console
6.0.33
true
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
Poster
3.1.0
true
{d48a39ba-8f80-4fce-8ee1-bc710561c55d}
Printing Helper
2.5
true
ugjkwkqoee@ugjkwkqoee.org
User Agent Switcher
0.7.3
true
{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
FiddlerHook
2.3.9.1
false
fiddlerhook@fiddler2.com
Kaspersky URL Advisor
11.0.2.579
false
linkfilter@kaspersky.ru
Kaspersky Virtual Keyboard
11.0.2.579
false
virtualKeyboard@kaspersky.ru
Important Modified Preferences
Name
Value
accessibility.typeaheadfind.casesensitive
1
accessibility.typeaheadfind.flashBar
0
browser.cache.disk.capacity
1048576
browser.cache.disk.smart_size.first_run
false
browser.cache.disk.smart_size_cached_value
276480
browser.places.smartBookmarksVersion
4
browser.startup.homepage_override.buildID
20120905151427
browser.startup.homepage_override.mstone
15.0.1
browser.tabs.warnOnClose
false
extensions.lastAppVersion
15.0.1
network.cookie.prefsMigrated
true
places.database.lastMaintenance
1349379869
places.history.enabled
false
places.history.expiration.transient_current_max_pages
26276
places.history.expiration.transient_optimal_database_size
167772160
privacy.cpd.cookies
false
privacy.cpd.downloads
false
privacy.cpd.formdata
false
privacy.cpd.history
false
privacy.cpd.sessions
false
privacy.donottrackheader.enabled
true
privacy.sanitize.migrateFx3Prefs
true
privacy.sanitize.timeSpan
0
security.warn_viewing_mixed
false
Graphics
Adapter Description
Parallels Display Adapter (WDDM)
Vendor ID
0x1ab8
Device ID
0x4005
Adapter RAM
Unknown
Adapter Drivers
prl_umdd
Driver Version
7.0.15107.0
Driver Date
9-3-2012
Direct2D Enabled
Blocked for your graphics card because of unresolved driver issues.
DirectWrite Enabled
false (6.1.7601.17789)
ClearType Parameters
ClearType parameters not found
WebGL Renderer
Blocked for your graphics card because of unresolved driver issues.
GPU Accelerated Windows
0. Blocked for your graphics card because of unresolved driver issues.
JavaScript
Incremental GC
0
Library Versions
Expected minimum version
Version in use
NSPR
4.9.1
4.9.1
NSS
3.13.6.0 Basic ECC
3.13.6.0 Basic ECC
NSS Util
3.13.6.0
3.13.6.0
NSS SSL
3.13.6.0 Basic ECC
3.13.6.0 Basic ECC
NSS S/MIME
3.13.6.0 Basic ECC
3.13.6.0 Basic ECC

cor-el
  • Top 10 Contributor
  • Moderator
10739 solutions 96657 answers

Do a malware check with some malware scanning programs on the Windows computer.
You need to scan with all programs because each program detects different malware.
Make sure that you update each program to get the latest version of their databases before doing a scan.

You can also do a check for a rootkit infection with TDSSKiller.

See also:

If using various malware scanners does not fix it or if you are blocked from installing those scanners then ask advice at a forum that specializes in malware removal.

anupraman 0 solutions 2 answers

Google Redirect Virus is notorious when it comes to avoid detection by security tools. Just in case, if you are not able to fix it using any tools try to remove it manually. Learn how to remove Google Redirect Virus manually.

A video tutorial is also available to guide you properly google redirect virus manual removal video

morendill 0 solutions 3 answers

Antiviruses rely on signature and m ay no know about your virus Use Unhooker (http://www.oshiunhooker.com/download.html)

It disables all redirects in several clicks and it's free.

datasbyte 0 solutions 2 answers

Helpful Reply

Go into the Add-on's Manager (You may need press the ALT key first to get to the menu, then select Tools..Add-ons) and disable (or delete) the Printing Helper 2.5 addon. The problem went away after I did this. Just to be sure this addon was responsible, if I re-enabled the printer helper addon, the problem presented itself again. I'm not sure where I picked up this addon (I don't ever remember installing it) or if it came with firefox, but it seems to be the culprit for me. It seems to provide no 'printer help' to my knowledge. Printing works with out it.

Modified by datasbyte

SlimSylv 1 solutions 6 answers

I am running Windows XP Professional SP 3.0 32 bit..... My problem started when MSE seemingly disappeared....I was doing an MSE scan & Malwarebytes scan daily, then MSE disappeared...then I started getting the redirect problems....so I was using Internet Explorer....I attempted to fix it myself, I did the Killer, and it found a problem with MBAM chameleon....it didn't go to the cure button, so I couldn't fix the problem. I downloaded Avira to do an anti-root kit & anti malware, but it got stuck after 15%, was going for 59 minutes, before I realised. Now I have uninstalled my Malwarebytes, and can't get it back, because I keep getting redirected..it's also now infected my Internet Explorer. My inexpert stumbling around not really knowing what I'm doing seems to have made the problem worse....I am old & not a techie, so please, pretend I'm five...lol...I need detailed instructions.... Please, help, what can I do next? Sylvia Thanks in advance

anupraman 0 solutions 2 answers

Did you try the instruction that I mentioned before.

Google Redirect Virus is notorious when it comes to avoid detection by security tools. Just in case, if you are not able to fix it using any tools try to remove it manually. Learn how to remove Google Redirect Virus manually.

A video tutorial is also available to guide you properly google redirect virus manual removal video

I apologize if you find this info too technical.I wish I can see your computer and troubleshoot for you.I created the video just for making it easy for others to follow instruction.There is also a professional service that I mentioned at the end of article.You may also try that if nothing else helped.

Good Luck SlimSylv

Ksoulz 0 solutions 2 answers

I created an account just to say thanks.

I had an addon in there I did not recall adding, deleted it and my problems with the google redirect went away.

I was not able to find anything using any anti-malware, tdsskiller, etc. I also tried the method provided by atechjourney. All it took was to delete some addon.

ivani5075 1 solutions 18 answers

Google redirect virus is challenging to get rid of due to its capability to hide deep inside the operating system as well as its potential to eliminate traces and footprints on how it got inside the computer. As of nowadays, not a single security application in the industry can guarantee 100% protection from this infection. This explains, why your pc got infected even having a safety software installed.

Some computer users know that Google redirect virus is just not a virus, but in fact a rootkit. Rootkit infections unlike other virus, spyware or trojan infections are really difficult to get rid of. In most cases, google redirect virus rootkit is seen related to Trojans which makes it a lot more deadly. In accordance with a 2011 report, Google redirect virus have currently infected 45,00,000 computers worldwide, out of which 1/3rd is from US.

Some symptoms that you are having this virus on your PC:

  • Browsers freeze
  • Pages not loading at all
  • Google/Bing/Yahoo searches redirected to malicious site/s
  • Some programs won’t respond
  • Internet connection brakes itself
  • Terrible adds popping on visited webpage/s

If you have these symptoms on your Computer, I suggest using safe and respected software program as the 1 I've provided below. The Google redirect virus removal tool deals with malware infections that lead to Google redirect virus symptoms and are so difficult to detect and fix.

moderator removed spam link
Forum rules and guidelines

Modified by the-edmeister

servicrete 0 solutions 1 answers

Wow... after months of searching the web, the only thing that worked is to disable the Printer Helper in the extensions.

THANK YOU SO MUCH.... you are awesome.

datasbyte 0 solutions 2 answers

You are welcome.

paperjoe 0 solutions 1 answers

Helpful Reply

I also disabled printer helper and it totally worked! Thank you.

coffeegirl111 0 solutions 1 answers

This worked!!! For weeks I have tried every virus removal tool, tip and trick and nothing removed it. I am so grateful to have found this info, I can again happily do my google searches, than you!

akam001 0 solutions 1 answers

I have the same problem with the google redirect, However I do not have a printer helper add on. What else can be the problem??

Ksoulz 0 solutions 2 answers

Try deleting all the addons, I myself didn't have the printer-helper addon, but another, and deleted that and was set.

angie22 0 solutions 2 answers

I have read all the above posts and have a silly question...I am not a techie by any means!! You have suggested to disable the printer add-on...how do I find the add ons? Is this from control panel, my computer or where? Thanks for any direction you can give me :)

JCo999 0 solutions 1 answers

When you open your browser, you will see (at the top) File, Edit, etc, Tools. Click on Tools, then Add-Ons. I was fighting this for weeks, then just now came across this thread. Problem solved by deleting Printer Helper...hope it works for you, as well!! :)

angie22 0 solutions 2 answers

Thank you so much for your response..unfortunately it did not help me! I do not have a printer helper add-on :( I actually have very few add-ons. I did disable a few that I was not sure of but it did not help. I have ran Spyhunter 4, System Suite, TDSS killer...nothing has worked!! Guess it's to the repair shop I go.

cor-el
  • Top 10 Contributor
  • Moderator
10739 solutions 96657 answers

If using various malware scanners does not fix it or if you are blocked from installing those scanners then ask advice at a forum that specializes in malware removal.