What is Gumblar?
According to the IBM Internet Security Systems website, Gumblar is a botnet that infects traditionally non malicious web servers so as to infect the computers of users who have visited infected websites. Gumblar computer virus attacks PCs through vulnerabilities in some versions of the Adobe’s PDF reader and Flash player software.
Google Redirect and Gumblar Virus
Once it infects a PC, the gumblar virus silently redirects the victim’s google search results to websites that injects malwares. Reportedly, the gumblar virus targets google users and the updated version is said to have been tweaked to more efficiently infect users of the Google Chrome browser.
Gumblar Detection: Are You Infected?
Detection of the gumblar malware may be done by identifying malicious scripts. Web pages that are infected by the gumblar PC virus have a script that looks like this:
Infected websites have their own modification of the script but these modifications have common parts that can be identified as the gumblar . cn script. Read this post for more information on Gumblar symptoms. You may also want to check your website using this site:
How to Avoid Gumblar
US-CERT has already issued a statement about the Gumblar malware and encourages users to use updated software and antivirus programs.
Gumblar Removal : How to Remove Gumblar
Unmaskparasites.com provides gumblar remove instructions and recommends scanning for spyware using programs such as the malware removal tool Malware Bytes. Remove all the malicious codes that have been installed in the server files (.html, .php, .js, etc.) and change FTP passwords in a clean computer. Read this article for a more detailed instruction.
For more information on Gumblar virus removal and detection, visit these gumblar removal articles and references:
http://blog.scansafe.com/
http://www.iss.net/threats/gumblar.html
http://www.guardian.co.uk/technology/2009/may/22/gumblar-google-malware
http://www.cbsnews.com/stories/2009/05/29/tech/cnettechnews/main5047992.shtml?source=RSSattr=SciTech_5047992
Related posts:
- Google Redirect Virus Removal Google redirecting If your computer is having issues with google search redirect, chances are you get what many refer to as the google redirect virus aka google virus. If you are looking for information on how to fix google redirect virus, this article on google redirect removal will provide you the information that you need to [...]...
February 7th, 2010 at 6:11 am
I just recently purchased a software program that will protect and eradicate this virus while restoring your infected files to their original state. You can see a video on it at:
http://webserverguardian.com/?e=KarlHummel
I hope this is helpful!
February 7th, 2010 at 12:28 am
Hi can any one help with the following
my pc boots into windows but from there on it wont run any aplications or programes
it also can get to the choices of open in safe mode etc screen but wont go from the normally mode to any of the other modes
I have tried to data wipe the hard drive and clean instal windows but the pc wont run the data wipe pro programe from the disc
I also have another pc that will not recognize the hdd
or if it does it says make stand alone drive into primary
I have tried changing the cable connections and going into bios and none of this works
any help will be gratefully received
AndyJ
December 26th, 2009 at 2:52 am
I have been hit hard, namely my PC.
I posted some info here:
http://blog.itadapter.com/2009/12/gumblaroid-virus.html
Neither of AV programs could detect anything.
I ended up restoring whole disc from image, could not get rid of it otherwise,
looks like they inject a JS with *.MHT file link that opens up IE that then sucks ActiveX