My computer has Google redirect virus. Does BitDefender clean Google redirect virus automatically? Or do we need to do it manually?
Are you using FireFox?
If so, please check to see if XULCache was installed, this was a Google Redirector that I caught a few months ago.
With FireFox open, press Ctrl-Shift-A and see if XULCache is in your Extensions. If it is, disable it.
I am using FireFox but I don't have XULCache.
Hello
Please tell me what version of Bitdefender are you using? I need this so I ca post here further instructions.
Have a great weekend!
Hello Please tell me what version of Bitdefender are you using? I need this so I ca post here further instructions. Have a great weekend!
Hello,
My Bit Defender version is Internet Security 2012 on win7/64 bit OS Service Pack 1. Asus laptop 4GB RAM/ Core2 Quad.
Google image search redirect me to some p0rn pages.
And there is no link safety information on google search page. However the information is present on this forum page for example. I think it affects google search page only.
Thank you very much.
If you are using Mozilla Firefox or Google Chrome, please uninstall all the extensions and reboot your PC.
Install your favorite extensions/add-on from the official store:
https://chrome.google.com/webstore/category/extensions
https://addons.mozilla.org/en-US/firefox/
Reboot and follow these instructions:
[how to GENERATE A BDSYS LOG]
. Save and extract the BDSYS tool to a location of your choice:
http://www.bitdefender.com/files/Knowledge.../BDSysLog_i.exe
. Make sure you close all active applications and then run "BDSysLog_i.exe"; If you receive a firewall alert,select to Allow the application to connect;
. Click the "Create log" button to start generating the log; A progress bar is indicating that the tool is creating the report;
. When the small window appears with the message "Log saved" then the report is complete and a new file named "bdsyslog.zip" has appeared on your Desktop;
. Upload that file on
http://www.sendspace.com
or
http://www.mediafire.com
and send me a PM with the download link.
If you were already asked to generate the log file, disregard the message above and just post the ticket ID.
IMPORTANT:
.During this process the Real Time Protection in Bitdefender must be temporarily disabled;
.If you receive a Bitdefender Firewall alert to inform you that BDSysLog_i.exe tries to connect to the internet,then you need to select Allow;
[how to DISABLE THE ANTIVIRUS PROTECTION in Bitdefender 2012]
In order to disable the antivirus protection, please open Bitdefender and click the "Settings" button in the upper side part of the interface"; In the new window go to "Antivirus" > "Shield" tab and click on "ON" under On-access scanning. Select the time interval that suites your troubleshooting needs and click "OK". The On-access scanning should be enabled back after finishing the troubleshooting procedure.
We will get back to you as soon as the analysis is complete.
Have a nice day!
I have sent the logs to the labs and I will get back to you with an answer.
Thank you!
We couldn't find anything suspicious in the logs.
Please reset your hosts file to default:
http://support.microsoft.com/kb/972034
Also, make sure that you don't have a proxy set for your current internet connection:
http://www.plus.net/support/software/browsers/proxies.shtml
Let me know if everything is OK after the first restart.
Take care.
There is no IP mapping to host names in my host file like MicroSoft's default file. These days no IP forwarding to p0rn pages has happened though. I don't know why.
However there is no link safety information in google search pages. You can see in picture-1. The information exist in Yahoo search pages (picture-2) . Actually all the web pages has link safety information except google search pages.
Under Settings->Privacy do you have Scan SSL turned on?
In order to be able to properly identify the causes for the reported situation and find a solution we will need to investigate a bit deeper.
Please follow the steps below and send us the result:
a ) Go to this page
http://technet.microsoft.com/en-us/sysinte...s/bb963902.aspx and download the autoruns file.
b ) Extract the contents of the downloaded file and run the 'autoruns.exe' file;
c ) Wait for the list to be filled with all the processes and then make sure that you have the Everything tab selected in the upper part;
d ) Click on the Disk icon right under File and chose any location folder on your computer;
e ) Save the file with a specific name (your name, computer name, a random name, which one you want) and then send me a PM with it.
If the file is too big to attach it, upload it on
We will analyze the information you sent and then reply with a possible solution in the shortest time.
Have a nice day.
Yes it worked. The link safety information is back. However I did not close it. I haven't known that there was such an option until now. Maybe virus did it. Because of this reason I will send the further information you asked.
What can you tell me about this toolbar?
TTNET Arac Cubugu IE Toolbar Engine c:\program files (x86)\ttnet arac cubugu\tbcore3.dll
Also, do you use something from SupportSoft, Inc. c:\program files (x86)\ncnetworksdm\bin\tgsrvc.exe ?
If not, we recommend you to remove both and reboot the PC.
What can you tell me about this toolbar?TTNET Arac Cubugu IE Toolbar Engine c:\program files (x86)\ttnet arac cubugu\tbcore3.dll
It is my previous internet service provider. I forgot to remove the d@mn thing since I dont use IE much. Now, I have removed it.
Also, do you use something from SupportSoft, Inc. c:\program files (x86)\ncnetworksdm\bin\tgsrvc.exe ?If not, we recommend you to remove both and reboot the PC.
I don't know about SupportSoft. I have removed it too.
Hello What can you tell me about this toolbar? TTNET Arac Cubugu IE Toolbar Engine c:\program files (x86)\ttnet arac cubugu\tbcore3.dll Also, do you use something from SupportSoft, Inc. c:\program files (x86)\ncnetworksdm\bin\tgsrvc.exe ? If not, we recommend you to remove both and reboot the PC. Thank you!
So you think the virus was nested in c:\program files (x86)\ncnetworksdm\bin\tgsrvc.exe ?
Possibly, do you still encounter any issues?
Hello Possibly, do you still encounter any issues? Thank you!
Okey, but is it so simple to uninstall a virus? Bitdefender didn't detect it and its scan option was changed by virus. Can I trust the machine or should I consider formatting it?
Yes, you can trusted. We didn't find anything suspicious in the logs.
Actually, the active part was removed by Bitdefender, we only needed to clean the leftovers.
Let me know if you still encounter any issues.
Hello Yes, you can trusted. We didn't find anything suspicious in the logs. Actually, the active part was removed by Bitdefender, we only needed to clean the leftovers. Let me know if you still encounter any issues. Have a great weekend!
I didn't know that. Thank you very much for the information.
Meanwhile, I am not encountering any issues. Just wanted to be sure.
Hi
Thank you very much for your feedback!
I declare this case resolved.
Should you need any further assistance, please do not hesitate to contact us.
Have a great day!
