Geeks With Blogs

News Copyright © 2008-2013 Paula DiTallo
Ask Paula! ...bringing you notes from the field...

The "scour" or Rootkit.Win32.TDSS virus has a long history which can be found here: http://en.wikipedia.org/wiki/Scour

Here is the primary symptom: after searching for something in your web browser using google, one of the results that you click on redirects you to scour.com.

If you've executed ClamWin, Malwarebytes, McAfee, Norton, etc. to find and isolate the virus without any luck--this isn't really a surprise, since this virus attaches to existing system drivers.

I only know of one reliable package that will remove this without ill effects--like adding new spyware. This package is called TDSSKiller. I have seen multiple websites that claim to have this software available, but the one that I know is reliable is located here:

http://support.kaspersky.com/viruses/solutions?qid=208280684

Once you go to Kaspersky's tech support site, the TDSSKiller zip file is available for downloading.

When you execute this software, you will be able to "cure" or repair the infected driver. Remember to jot down the name of the driver for future reference--should you need to reinstall the driver from a "same-as" working computer, or your install disk if the repair is ineffective. The driver that happened to get infected on my computer was the tcpip.sys driver. This caused my win sockets to loose their ip addresses. In most other instances, less critical drivers such as HDAudBus.sys are infected. In my case, I was not through correcting my computer problems until I corrected the broken WinSock issue and loaded an earlier version of the tcpip.sys driver from: C:\WINDOWS\ServicePackFiles\i386 which I placed in: C:\WINDOWS\system32\drivers

Don't forget to reboot your computer after your repair!

Once you download TDSSKiller and cure/repair your infected driver(s), the redirect on google searches should disappear .

Posted on Wednesday, June 29, 2011 7:58 PM Malware, Viruses, SpyWare | Back to top


Comments on this post: Why does my browser take me to Scour.com? (redirect virus)

# re: Why does my browser take me to Scour.com? (redirect virus)
Requesting Gravatar...
Yep, that TDSS killer worked awesome, I was getting so tired of scour.com, I was about to throw my laptop out the window
Left by Cash on Jul 07, 2011 10:12 PM

# re: Why does my browser take me to Scour.com? (redirect virus)
Requesting Gravatar...
I'm glad tdss killer worked out for you.
Left by plditallo on Jul 08, 2011 9:20 AM

# re: Why does my browser take me to Scour.com? (redirect virus)
Requesting Gravatar...
Thanks! this finally worked after trying many other things :)
Left by Alice on Oct 02, 2011 1:24 AM

# re: Why does my browser take me to Scour.com? (redirect virus)
Requesting Gravatar...
Nothing found...still on the trail to find a solution.
Left by Paula Thornton on Aug 02, 2012 9:19 AM

# re: Why does my browser take me to Scour.com? (redirect virus)
Requesting Gravatar...
oh my gosh thank you so much! Total life saver!
Left by Phi on Aug 26, 2012 11:41 AM

# re: Why does my browser take me to Scour.com? (redirect virus)
Requesting Gravatar...
It did not find the Scour.com malware, even though I get redirected there constantly. But I thank you for your dedication in defeating these problems. If you have any ideas let me know, this computer is basically ruined without being able to use search. Thanks, Dan
Left by Dan on Oct 26, 2012 11:03 PM

Your comment:
 (will show your gravatar)
 


Copyright © Paula DiTallo | Powered by: GeeksWithBlogs.net | Join free