Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
12787 Views 3 Replies Latest reply: Jul 21, 2010 3:25 AM by spywatching RSS
Newcomer 1 posts since
Apr 5, 2009
Currently Being Moderated

Apr 6, 2009 11:54 AM

google redirect virus (and others)

Hi, I was surfing the web a couple of days ago and have somehow completely infested myself with several viruses, one of which seems to be the nasty Google redirect virus. I immediately ran a McAfee scan and Malwarebytes scan and removed several infected files. However one of them seems to have been my winlogon.exe file and now when I log in (I currently have Windows XP) the welcome screen is no longer there and the logon funciton is the classic 'ctrl+alt+del' against a black screen.

Also, my USB ports don't seem to be working properly. I can plug in my USB and the C will make that sound to acknowledge its presence, however when I try to acess the files on my USB through 'My Computer' there is no 'removable disk' folder!!

Have run several scans unfortunately to no avail. Am tearing out my hair here for some guidance and help to exterminate this virus!!
  • paullotion Apprentice 8,078 posts since
    Apr 13, 2006
    Currently Being Moderated
    1. Apr 6, 2009 4:16 PM (in response to vi25)
    RE: google redirect virus (and others)


    However one of them seems to have been my winlogon.exe

    If it removed the system32 version of winlogon then it is not surprising that you cannot log in. Do you have your windows xp disc?

    The Black Bear

    *Important News for BT/TalkTalk customers*

    BT/TalkTalk dump Phorm spyware, for more information see this article Here , also visit the NODPI website for much more information relating to DPI.
  • Newcomer 6 posts since
    May 26, 2005
    Currently Being Moderated
    2. Jul 22, 2009 11:57 AM (in response to paullotion)
    RE: google redirect virus (and others)
    Usually a file wdmaud.sys may be a common cause of Google Result Redirection, if it is in C:\Windows\System32 directory.
    There is another, good one wdmaud.sys file and it is located in C:\Windows\System32\Drivers directory.

    If you simply delete this file, the problem goes away, but will come back in several hours.

    Try MalwareBytes to remove Google Redirect virus
  • spywatching Newcomer 1 posts since
    Jul 21, 2010
    Currently Being Moderated
    3. Jul 21, 2010 3:25 AM (in response to spywatcher)
    Re: RE: google redirect virus (and others)

    Google redirect virus tend to infect the driver files in computer and there is no definitive answer to this problem. in my case, atapi.sys file was infected and as soon as the infection was killed using tdss killer, my search results stop redirecting. Also check dns settings, proxy and host file.  This virus is now spreading in new ways and my all antivirus software failed to detect it. I was able to follow this Google Redirect Virus Removal method and got rid of the problem.


    I'm willing to buy mcafee If it can deal with such problems. can anybody confirm this for me?

More Like This

  • Retrieving data ...

Bookmarked By (0)