Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Google Redirect Virus

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Google Redirect Virus

Unread postby Gary R » March 20th, 2013, 11:23 am

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:Files
C:\Users\Michael Gugluizza\AppData\Roaming\lxcydrsj.dll

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

I'm not convinced the other detection is necessarily a valid one, do you know what this file is ?

C:\Mike\Marinette Marine\Projects\3_Completed Projects\1074 - DC Office\IT Services and Support\SysArc\SysArc Fincantieri_Marine_09-24-10_.pdf


If it's something you know, then let me know.

If you don't know what it is then we can either delete it, or we can check it for infection with a number of other scanners and ascertain what kind of risk it is to your system.

To do that ....

C:\Mike\Marinette Marine\Projects\3_Completed Projects\1074 - DC Office\IT Services and Support\SysArc\SysArc Fincantieri_Marine_09-24-10_.pdf

  • Browse to the file in the quote box above.
  • Click Send/Submit, and the file will upload to VirusTotal/Jotti, where it will be scanned by several anti-virus programmes.
  • After a while, a window will open, with details of what the scans found.
  • Note details of any viruses found.
  • Post me the details please.

Run a few searches with Google, and let me know if you're still being redirected.




.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Re: Google Redirect Virus

Unread postby gugluizza » March 20th, 2013, 3:22 pm

Below is the log file from OTL

========== FILES ==========
C:\Users\Michael Gugluizza\AppData\Roaming\lxcydrsj.dll moved successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 03202013_141829

The other file that was identified above from the ESET scan is a pdf file, which I have since deleted as it is no longer needed. I believe we can dismiss that as a continuing virus / issue.

I ran several searches in Google and all looks well!
gugluizza
Regular Member
 
Posts: 37
Joined: June 15th, 2008, 11:37 pm

Re: Google Redirect Virus

Unread postby Gary R » March 20th, 2013, 6:02 pm

OK, looks like we've taken care of everything that's shown in any of the scans we've run, time for a little housekeeping and then we're done.

First

Let's clear out OTL and the files and folders it created. This will also remove TDSSKiller, and SystemLook.
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

Next

Please delete ...

JRT.exe
JRT.txt


Next

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Tweaking.com Registry Backup


As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

If your computer is running slowly after your clean up, please read.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Google Redirect Virus

Unread postby gugluizza » March 21st, 2013, 8:26 am

I have completed all sets above, including removing the scan tools identified. However, each time I re-start my PC, I encounter the following error message:

There was a problem starting C:\Users\MichaelGugluizza\AppData\Roaming\lxcydrsj.dll

The specific module could not be found


I tried to find that specific file on my C drive, but I don't have an AppData folder in that path location.

How do I get rid of this error message?
gugluizza
Regular Member
 
Posts: 37
Joined: June 15th, 2008, 11:37 pm

Re: Google Redirect Virus

Unread postby Gary R » March 21st, 2013, 9:58 am

The file is no longer present, however there's a setting in your Registry that's trying to call it. Since you still have HijackThis on your computer, please do the following ....

Run a scan with HJT and when finished check the following item (if found).

O4 - HKCU\..\Run: [Sqaok] rundll32 "C:\Users\Michael Gugluizza\AppData\Roaming\lxcydrsj.dll",vllwzdf

Now close all open windows and click Fix Checked to remove it.

Now re-boot your computer and let me know if the problem still persists.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Google Redirect Virus

Unread postby Gary R » March 25th, 2013, 1:06 pm

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 109 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware