Google/ig and Youtube not working, also Google URL links?
Question: A few days ago, I noticed that any Google URL I click takes me to the actual link, but the URL is either an IP address, or a different site all together. The redirect urls have ranged, but currently "buffpuma" is the site. Now today, I get redirected to a different ad site all together. Yahoo and other search engines work fine, google is the only issue. I'm thinking I have the Google-redirect Virus, but I can't seem to get rid of it, and don't know where it came from. My homepage is google.com/ig but that shows a 404 not found page, and youtube, which is linked to my google account is also "not found". I have ran: Spybot S&D, Housecall, Malewarebytes, Superanti Spyware, Avira, and Eset which some have found nothing, while others have detected virus and supposedly removed them. After the reboot, nothing has changed. I've tried countless things, and websites, but nothing has worked. I really don't know what else to do, the known virus for the Google-redirect has specific c>windows>system32 files and in the device manager as well, but my system doesn't, but the "symptoms" are the same. Help, please? So I ran TDSSKiller, had that fix the issues and then ran Ad-Aware and after, redid both scans the second Ad-Aware scan told me I had to re-boot, which I did. During the start up it showed a screen telling me that it was deleting something in one of the directory folders. Now everything looks fine, youtube, google/ig and google search. I am going to re-scan both, but Ad-Aware and TDSSKiller surely did the thing for me. So today I noticed the virus is back. I'm really mad and confused, nothing has worked at all.
Best Answers: Google/ig and Youtube not working, also Google URL links?
I also have this. It is a rootkit, and a very hard one to remove. Someone in this thread mentioned that ComboFix kills it. I will try it and report back. I need to try running this in Safe Mode. There are two ways I have mitigated the effects of the redirect: 1) I now run my browsing from a Limited Access account, one without Administrative rights. 2) In my HOSTS file, I add the ____puma.com (whatever it switches to) and have it poiint to 127.0.0.1, and in that manner, I prevent it from getting to the puma site and installing new malware. ----- Okay, I am back. Running ComboFix in safe mode under an administrative account fixed it. I needed to disable AVG resident shield and bring down my firewall, but to prevent additional virus activity, I unplugged my internet. AVG still yelped about ComboFix components being viral, but they were not and I ignored the warneds (Allow File To Remain). Google FINALLY works well, but I think, once I buy a 3 terabyte external drive and back up my computer's files, that I will scrub the machine by using a neat Recovery tool shipped with my computewr that restores to factory-condition, and reinstalling what I want. BUT -- ComboFix appears to have worked. YAY TEAM! I am running XP SP3. -------- Further update No love. Google worked briefly, On the next reboot, back to buffpuma.com. Will continue trying and report back if I find success. Dammit anyways. -------- FINAL UPDATE ComboFix worked. It required certain things: Turn off all other virus protection and drop your firewall. Scary stuff. But I did it. I actually removed AVG and Ad-Aware outright, dropped firewall, rebooted in safe mode with networking, unplugged internet until ComboFix needed it. ComboFix wanted me to install Microsoft Recovery tool, so I plugged internet back in, let it update, and unplugged when it was done. Then ComboFix ran again, and guess what it found? KERNAL32.DLL was infected in Windows/System32. Hey guys.... that is an IMPORTANT file,....it restored an uninfected copy from the Microsoft Recovery, and now this *^[email protected]^ virus or rootkit is DEAD. ALL HAIL COMBOFIX!!!!! ------------------------------------- DEFINITE LAST UPDATE Fail. Back to the BS on reboot. Nothing is working, Kapersky in safe mode, even TDKKiller in safe more, ComboFix in safe mode. NOTHING. Going to wipe of everything and factory restore. If it still happens, like this one dude has happened in a post two below mine, then I'm figuring .40 caliber rounds to the CPU should fix it for good. No seriously I think I read something about this bad boy lurking all the way in your router, if you have one. I will power that down or flash that bios before I restore, just in case. This is the toughest rootkit I have EVER experienced. ------------------------- I LIED THAT THE ABOVE WAS MY :AST UPDATE 2/15/2012: I had to factory-reimage the machine AND factory-reset the router. This SOB burrows into your router too. Be sure to do the following: - Set up two accounts, one for internet surfing that is limited-access, and one for administration functions, that is password protected. - When you set up your router again, CHANGE THE DEFAULT router login password and set your WIFI to one of the encrytion standards, with password protection there too. - Reboot in safe mode and change your Administrator password, it is defaulted to blank.
I am also having this problem but it's not just Google it's all search engines and some links on normal sites as well. I have to manually put an address in the bar or I am redirected to this Upsalepoint.com in the same manner. However, after "jumping" there I get redirected to these other sites as well: www.strikingoffers.com /-=-/ www.ave99.com /-=-/ nbaok.net /-=-/ ect.. This is some kind of adware but nothing seems to be detecting it.
I've been experiencing the same thing. What's the fix for Windows 7? TDSSKiller worked like a champ. After running TDSsKiller and rebooting, Norton found the risks, but didn't previously. Weird. Superantispyware and Malwarebytes AntiMalware both found it but couldn't fully fix it. Only TDS did the complete job.
Check for malware, use free of malwarebytes, get it here, click blue free download button. http://www.malwarebytes.org/mbam.php ~
I have had this problem for about 2 weeks. I have tried EVERYTHING! Including System Restore and returning my computer to factory condition. I Completely wiped everything. After I set my computer back up and opened Google it still happened. I didn't download anything. I setup the computer and my modem and went straight to Google. I don't know what I can do to get rid of this if that didn't work... ***EDIT**** TDSSKILLER IS AWESOME!!!!! It worked perfectly and easy!!!! http://support.kaspersky.com/downloads/utils/tdsskiller.zip
That sounds like a browser hijacker. There are never any guarantees in malware fighting, but here's my best shot at a generic removal procedure: First, boot into Safe Mode With Networking. (See below for details.) That sometimes keeps malware from protecting itself. Then, if you have an anti-virus, make sure it has the latest virus definitions and run a full scan with it. If you don’t have one, many people here swear by Malwarebytes (it’s free). I suggest you also download Ad-Aware Free and Spybot S&D (they’re free), install them, update them and run full scans with them in Safe Mode With Networking. Also, turn off System Restore to evict any copies of bad stuff that might be lurking there. To get into Safe Mode with Networking: 1. Log out and reboot your machine. 2. When the machine starts the reboot sequence, press the F8 key repeatedly. 3. Select Safe Mode with Networking from the resulting menu. 4. Login. If the malware has changed your password, try logging in as Administrator. By default, Administrator has no password. 5. The machine will continue booting, but the Windows desktop will look different. 6. When you're finished doing what you need to do, log out and reboot back into normal mode. Another trick that may enable anti-malware and/or its installer program to sneak past the malware is to change the name of the anti-malware program itself. The names of the files and their locations differ between anti-malware programs, but the procedure is always the same: 1. In Windows Explorer, find the folder with the anti-malware. 2. Change the name of the program (it always ends with a .exe) to virtually anything else, but keep the “.exe” part. 3. Run that. Note that even if the anti-malware programs get rid of the malware, they may not be able to reverse the effects. Search the Web for possible fixes. Update and run full scans regularly, not just when you think you already have malware. Good luck. Note: There ARE free versions of these reputable programs on the websites listed. They just may not be obvious. Ad-Aware Free (free): http://www.lavasoftusa.com/ Spybot S & D (free): http://www.spybot.com/ MalwareBytes (free) http://www.malwarebytes.org/ (If the program doesn’t run, changing its filename from mbam.exe to something else ending in .exe has sometimes proven effective.) AVG anti-virus (free): http://free.grisoft.com/doc/2/lng/us/tpl/v5/ Avast! (free): http://www.avast.com/ Kaspersky (free trial) (Seems to dislike installing on any machine with just about any other decent anti-malware, including some firewalls.): http://usa.kaspersky.com/downloads/
If you have your own answer to the question Google/ig and Youtube not working, also Google URL links?, then you can write your own version, using the form below for an extended answer.