Remove Virus Which Redirects to go.google.com | go.google.com Redirect Virus Removal tool for Windows

MALWAREbytes anti-malware solved it 4 me

MALWAREbytes anti-malware solved it for me too, until I rebooted again…. then the shit came right back. Ugh. This is coupled with VUNDO which is *THE* worst malware EVER. I cannot get rid of this and think I’m going to have to resort to just formatting. I hope this program works.

I can’t Launch any anti virus softwares, I think the virus blocked it. Malwarebytes’ Anti-Malware and XoftSpySE doesn’t launch. please help

I can’t launch Malwarebytes either like Palmera said.

Any help? It says it’s running in Task Manager -> Processes, but it won’t show on screen.

Thanks.

XP Removal tool gets stuck during installation. Well, no help here..

Google Spyware Doctor found some issues but not all.

Installation finely completed but the tool won’t run.

Malwarebytes’ Anti-Malware is recommended but it won’t start either. This virus is very smart. It blocks certain URLs, redirect Google results, and prevents certain programs from running.

@Peter, @Rob, @Palmera,
Hi, guys - The post has been updated with a link to another tool to remove the go.google.com virus

I have both on my computer and cant run either….help

Hey all, I have this same virus, stupid thing is sooooo tricky!!!! Won’t let me run the programs you listed, Malwarebytes program won’t install and the go.google removal program (XoftSpySE) will install but won’t run, I’ve tried everything!!!! Pleasssssseeeee help, this is getting to be sooo frusterating.

Also certain websites won’t even load, like trendmicro’s housecall, and bleepingcomputer.com (tried on my GFs computer and it works fine, not on mine though).

Also my programs won’t update, antivirus won’t, spyware won’t, its like this thing is one step ahead of me!!!

Please help!!!!!

Exactly the same as me so any help would be grately appreciated.

I have tried to copy to CD Malware bytes from my desktop to run on the laptop but it fails and wont copy so i cant even do that now!!

Im at the end of my tether

Has anyone come up with a solution? I can’t get MBA-M or Xoft to run…

I’ve searched the web up and down for the past 2 days with no avail. Tried everything imaginable just can’t figure it out.

Curse this wretched virus! Someone knew what they were doing when they made this sucker!

jclayart:
No joke!! Whatever you do, don’t download Cyber Defender. It ran a scan, but in order to go any further I would have to have subscribed ($20 or so), but it messed up my toolbars and search bars…It got ugly, but uninstalling it from my control panel fixed it. Have you tried the STOPZilla?

I’m in the same boat guys. I’ve tried running the following programs in safe mode and regular mode:

AVG - can’t update definitions, blocked by this virus
McAfee - same, can’t update DAT files
Ad-aware - nothing found
Spybot Search + Destroy - can’t update, download includes via other PC, applied them manually, no threats found
Hitman Pro 3 - found and fixed 1 threat, but did not solve problem
Hijack This! - exe won’t run
Super Anti Spyware - exe crashes when run

I’ve spent hours on this - freakin spammers and hackers deserve to burn in the fires of hell.

Anyone else have luck purging this thing??

Eric

Same problem happening to me. Can’t search bleepingcomputer or techguy forums as go.google redirects. Can’t access support.microsoft.com either.

I’ve run SmitFraudFix & Combofix both in Safe Mode and rebooted with no luck. Seems like it went away but a day later here I am again and Malwarebytes won’t run for me either.

Best of luck to everyone

Chuck

I spent a good 10 hours on this over the course of a week. Trojan Remover finally worked. It found a backdoor file with TDSS in the name. It stopped the file upon restart and it solved the problem. That is one tough virus.

After manually updating and running SpyBot S&D, it found it (i think..) It referred to “Microsoft.Windows.RedirectedHosts” which sounds exactly like what we’re after. It found 2 entries then my screen suddenly went black. Are the files smart? Did they know they were found and triggered this? I don’t know, but i force shut down in case something bad was happening. Now trying SpyBot in safe mode. still scanning…

It found them again, 4 entries this time. Screen went black again even though I’m in safe mode. Grr. I’m gonna just wait and see what happens. This sucks.

Oh man, I’m such an idiot, hahaha. I’m so paranoid about this bug that I freaked out over the SCREEN SAVER starting, haha.. Yeah, the files don’t turn the screen black, i’m just a retard.

Browser redirects to go.google/go.yahoo/go.msn

Symptoms: Slow internet search, text fonts in Google are bigger than normal, redirected to go.google/go.yahoo/go.msn and then on to advertisements after clicking on links on Google page, unable to download any anti-spyware downloads, unable to download Microsoft’s malware program (says page is unavailable), unable to go to many trouble-shooting help forums and download pages (says pages are unavailable or that there is no internet connection), Malwarebytes and other malware programs will not run (they freeze up during the install)

After fighting with this for 2 days, I finally found the following solution posted (worked on 11/16/08):

Go to http://www.freedrweb.com/cureit/ for free (you will have to do this on another computer, because the malware will not let you do it on the infected computer), download the program on a jump drive, and then run on the infected computer.

It worked for me, my computer is back to normal (after cureit deleted a tdssxxom file in Windows/System32/drivers)!!!

To whomever posted the solution originally, thank you!!!!

Go to Start > Control Panel > System > Hardware > Device Manager > View > Show Hidden Devices.

Scroll down to “Non-plug and Play Drivers” and click the plus icon to open those drivers.

Then search for “TDSSserv.sys”

Right click on it, and select “Disable”

Note: If you select Uninstall, it will install itself again when you reboot the system, so DON’T select Uninstall.

Restart your pc.

You can now update your Antirus/Malware/Rootkit softwares and the go.google rubbish will stop.

Its now up to the Anti-Virus/Malware/Spyware companies to make an effort to stop this, and not rely on simple basic home PC user’s like myself to save the world

In simple terms, TDSSserv.sys is a service/server redirecting all software updates to 127.0.0.1 (your own computer) so they won’t update.

To get the programs to run, just rename the exe file…the virus is preventing them to run. Just rename Malwarebytes and it will run.

Keith’s right. I just renamed the .exe file, and it was no longer blocked.

By far the easiest and simplest option.

awesome from BOMP!
i think i will get it corrected now
mike

Thank you Bomb…you saved me there. I did everything except your instructions and after everything just clicked. Awesome…..

Bomp - Thanks so much

Dear Mr. Bomp:

You are awesome!!!! Thank you! Thank you! Thank you! Many hours and attempts with many virus or rootkit fixes did nothing. But you, you did it, man. Did I say thanks? Thanks!!!!

WOW, THANK YOU!! Keith’s suggestion did the trick for me in renaming the Malwarebytes setup file so that it would actually install. I couldn’t install any anti-virus program because this thing recognized all of them until I tried the rename. I did manage to get rid of the Antivirus2008 malware popup with the free program Avira Antivirus which for some reason loaded while being infected. Malwarebytes did the rest and everything seems back to normal.

You are a God !!!

I spent some 2 hours to try to clean the computer of a friend. Malwarebytes that i use to remove spywares on all computers can’t open. Same thing for other popular anti spywares.

I tried the last solution (disable TDSSserv.sys) and it worked. I was able to update again Malwarebytes and run it. It found the virus and removed them.

Many many thanks

Thanks bro, you just made my day - this worked perfectly. After losing a hard drive on my laptop and getting my gf’s laptop infected with this virus in the last 3 days, I was about to lose my mind and spend $300 to take the machine to Geek Squad. The system had to recover from a serious error and it scared the crap out of me. I even had to dig out my 5 year old Compaq PC just to get internet access.

Thank you, thank you, thank you, thank you.

Everyone should kiss this mofo’s feet.

Bomp i realy want to thank you for your post, also I want to thank Rohit for making this thread, without you guys I still would have had this virus on my laptop.
Thank so much =D

What a pain!!! After seeing that someone else had success with Trojan Remover, I gave it a try and VOILA it was gone. Thank you so much for the help!