Does this scenario sound familiar? “Every time you do a search and click on a results link, you end up on some random page, even though the link shows you should be going elsewhere. This “browser redirection” problem is affecting Google, Yahoo and other search engines and is caused by a multi-faceted threat called TDSS or Tidserv.
TDSS or Tidserv is designed to redirect search results to other links and infected web pages so you end up visiting web sites associated with the threat’s authors, but that’s just the most visible effect. According to Symantec it hides itself using advanced rootkit technology, displays advertisements, and opens a back door that further compromises the affected system’s security.
Symantec reports that this Trojan is designed specifically to make money. It generates web traffic, collects sales leads for other dubious sites, and tries to fool the victim into paying for useless software. If those tricks don’t work it can kick up the threat level by downloading additional malicious or misleading programs.
Threats like this one, once they get past normal security precautions, are usually very difficult to remove. If you click on a search link and it goes to the wrong place once, that might be a fluke. If it happens multiple times you’ve got a problem. Update your antivirus and run a full scan, seek a threat-specific removal tool online like Kaspersky’s TDSSKiller.
You can download the program here.
http://support.kaspersky.com/faq/?qid=208283363
The main reason, we’re talking about this problem today is lately we’ve received some emails from unknown senders offering to “help” fix this problem for free. The subject line of the email is usually something like “Remove The Google Redirect Virus Instantly” and below is the text from one of the actual emails:
—————————————————————————————
From: wowdealz@googlegroups.com [mailto:wowdealz@googlegroups.com] On Behalf Of Google redirect fix
Sent: Monday, November 05, 2012 9:50 AM
To: wowdealz@googlegroups.com
Subject: Remove The Google Redirect Virus Instantly
hi internet user
Do you know that:
The Google / Search redirect virus is one of the most common viruses
of 2010, 2011 & 2012, infecting millions of computers around the World.
Designed by expert hackers, it is highly annoying and will continually redirect your web searches to fake or dangerous websites.
The main reason why this virus is is one of the most damaging is that it cannot be removed with traditional antivirus programs.
Instead, you need to use special methods or tools to get rid of it, which have remained a mystery until now.
FixRedirectVirus is the solution to remove the search redirect virus from your PC.
Created by a computer technician with over 10 years experience, this working method removes the virus at its core –
removing the infection from your PC & preventing it from returning.
My simple program will explain exactly what the virus is and will then remove it automatically for you.
Now!
What Is The Google Redirect Virus& Why Is It So Difficult To Remove?
>>>>>> Click here
—————————————————————————————————-
I know we’ve talked about these types of emails in the past but sometimes people forget or just believe that there are friendly people out there just lining up to help them fix all their computer problems for free –
I’ve removed the links from this email for your safety but if you clicked them they would take you to a web page with additional links to click and download their program that will clean your computer for free. The file that you would download is a “zipped” file that you would need to download and double click to “extract” – nuff said…..
Don’t EVER trust your computers security to an unknown person offering to fix it for free… I did a quick Google search on “how to fix Google redirect” and came away with hundreds of sites and links with all sorts of potentially harmful fixes, downloads and links that take you to an infected webpage causing the exact problem you are trying to fix. My quickie search result showed 2,610.000 webpages found.
If you do attempt to fix problems like this on your own, visit legitimate business websites like Kaspersky or Symantec and search for their removal tools and instructions. Remember, even some legitimate looking webpages may not be all they pretend to be.