Solved

redirect virus removal help

Posted on 2011-09-23
12
487 Views
Last Modified: 2012-05-12
redirect virus sends my google searches all over the place. does same thing with yahoo. AV anti virus full computer scan does not catch any problem.This means I have almost no internet access. This site says to use TDSSKILLER.exe. I tried to download it but  AV  said IT was a virus and did not permit download. what should I do?
0
Comment
Question by:oliviajones
  • 8
  • 4
12 Comments
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36588896
You would need to disable the Anti-Virus on the computer and then run the TDSSKiller. Since it is the most preferred tool to remove the Google Redirect.

Though most of the AV should not say it as Virus but there could be false positive.

Recommended readings:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

“Google Hijack” — Google Search Gets Redirected
http://www.experts-exchange.com/A_3299.html

Sudeep

0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36588918
Further, it could be the infection it self which is not letting you download it. So one way is to get it on USB device from another computer and run it from USB to the infected computer.

You could also try renaming it to file like "iexplore.exe" and then run it.
0
 

Author Comment

by:oliviajones
ID: 36589425
Downloaded TDSSKILLER.exe to usb stick. Would not even unzip properly from stick on infected computer. Opened and copied exe file on clean computer, transferred to desk top of infected computer. GUI looked like it was working. Report: no threats found.
Now what?
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:oliviajones
ID: 36589465
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36589506
have you also check the article below:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

Sudeep

Also suggest you to run MalwareBytes full system scan:


http://www.malwarebytes.org/mbam-download.php

Once finished let us know if you this the issue is still there.

I hope that would help

Sudeep
0
 

Author Comment

by:oliviajones
ID: 36589705
there are 7 computers using this router. only one behaves badly. does this rule out router infection? If you rule it out i will go change router password. i have been lazy lately.....
0
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 500 total points
ID: 36589787
In that case it would not be the router. DId you ran MalwareBytes yet?

In some cases you would need to run Rogue Killer before running MalwareBytes.

Also I believe all the tools mentioned are run in Normal Mode and NOT in safe-mode.

I would also recommend you to go through the articles from Younghv

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
0
 

Author Comment

by:oliviajones
ID: 36590163
I am running MalwareBytes as we type. Did not do in safe mode, but I did disable all anti virus and a lot of unrelated junk processes from hp, etc, that run in the background. Should I interrupt the scan and start over? It's on a big drive and it takes forever. Do I have to scan ALL drives, including drives w music only, old files, etc, Or can i scan just the drive w Wondows7 OS? BTW this is a dual boot drive. Old vista OS/drive does not SEEM to be infected. do I need to scan it? we could really change how long these scans take if I leave off some of the HDs attached.
0
 

Author Comment

by:oliviajones
ID: 36590752
Malawarebytes found a trojan in my registry. What do I do now?????
malwarebite-trojan-find.JPG
0
 

Author Comment

by:oliviajones
ID: 36590777
If the picture is small, the threat found is Trojan BHO
0
 

Author Comment

by:oliviajones
ID: 36590792
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7783

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9/23/2011 8:40:36 PM
malwarebytes mbam-log-2011-09-23 (20-39-03).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|K:\|L:\|)
Objects scanned: 542725
Time elapsed: 1 hour(s), 52 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
0
 

Author Closing Comment

by:oliviajones
ID: 36590817
suggestion of using Malwarebytes found virus. so now I have a new question
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Info tools for social network surveillance 12 122
PUP or Virus 6 78
antispam / virus gateway 5 65
"k" and "i" wont work in a dell lap top 5 40
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question