January 4th, 2009 by Andy Didyk
There is a particularly nasty virus out there that is very new, and so there isn’t a lot out there that has been written about it. I just wasted my entire Sunday trying to clear our home computer of it, and I finally think I’ve found a solution, so I thought I would post it here. My symptoms were that whenever I would search for anything in Google, MSN, or Yahoo, the results would appear as normal, except that all of the links were redirected to bogus spam sites.
As it turns out, I had some sort of Trojan Downloader, which had jumped on the web an infected my system with all kinds of nasty stuff. Most of it was easy to clear with some of my favorite ( and FREE!) antivirus and anti-spyware software (AVG Free, Spybot Search & Destroy, and Zone Alarm).
However, even with the Trojan (which, when you think about it, is a misnomer because the Greeks built the Trojan horse, not the Trojans) was cleared, the search results remained the same. Because this is so new, a lot of the forums online don’t have solutions posted yet. Late this evening some started showing up, so I’ll post the solution that worked for me.
I found it here, amidst some bantering about Linux vs. Mac vs. Windows. Basically, if when your search results are loading you see “18.104.22.168″ in your browser’s status bar, you need to browse to your C:/Windows/system32/wdmaud.sys and delete the file. You still need to run the antivirus programs to get rid of the Trojan that started the problem (and possibly downloaded other goodies on your PC), but deleting this file did the trick for me.
I really hope that helps someone out there, and I’m grateful to all of the altruistic techies out there who work to make the internet a slightly safer place.
Oh, and Happy New Year!
This entry was posted on Sunday, January 4th, 2009 at 10:14 pm and is filed under blogging, misc.. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.