Redirect Virus In Bitdefender Vsserv.exe File?
In mid-August, Bitdefender stopped updating itself. I had to re-download and reinstall the program. Since then, I've had a redirect virus in IE whenever I do a Google search or Bing search. I've cleaned out everything and followed every online suggestion (Malware, WinPatrol, Hijackthis, SpyDoctor, etc.) and I've narrowed the problem down to c:\programfiles\bitdefender\bitdefender 2009\vsserv.exe When I kill this program in WinPatrol, the redirect problem goes away. Winpatrol says the company name for vsserv.exe is BitDefender S. R. L., which matches other BitDefender active tasks, although some are listed just as Bitdefender, others are listed as BitDefender SRL, and others are listed as BitDefender S. R. L. WinPatrol says vsserv.exe is a safe file:
Vsserv.exe is the virus scanning service for both Bitdefender and Bullguard Antivirus from Softwin. It installs with their antivirus and firewall programs. Xcommsvr.exe runs in the background as a service whenever you have Bullguard enabled. On most systems, this means that the file will be running all the time. We'd recommend leaving this file in place.
I'm sure whatever creepy virus I have wants the virus scanning service shut down. I'd rather leave it running. But I'm also sick to death of having to click on a search result, click the search button again, and then click again on the search result. Ugh. Often, the redirect first stops at http://www.cs102175.com/click.php?s=1&...355&pub=159 And occasionally I get a popup that looks like it's from Microsoft (see attached file) that says Your browser is under the threat of infection...blah, blah, blah. It comes up on sites that I know for certain are safe, and I doubt this has anything to do with Microsoft.
Any help would be appreciated!!
Comments
-
To check specific files for infection use virustotal service ,upload the files and wait for results.
I doubt vsserv.exe is malware ,99% is just a false positive from that scanner.
You can try aditional free antispyware programs like MalwareBytes Antimalware , Spyware Terminator , SuperAntiSpyware ,AdAware free or SpyBot Search & Distroy.
If you are in a LAN network and the network is infected the redirects may continue untill you clean all computers ,it really depends on what kind of malware makes you unhappy.
If any of the programs mentioned up do find something you can upload the suspect files ( archived with pass infected) on a free file hosting service then post a link here for some virus researcher to look over.0