Solved

redirect virus removal help

Posted on 2011-09-23
12
469 Views
Last Modified: 2012-05-12
redirect virus sends my google searches all over the place. does same thing with yahoo. AV anti virus full computer scan does not catch any problem.This means I have almost no internet access. This site says to use TDSSKILLER.exe. I tried to download it but  AV  said IT was a virus and did not permit download. what should I do?
0
Comment
Question by:oliviajones
  • 8
  • 4
12 Comments
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36588896
You would need to disable the Anti-Virus on the computer and then run the TDSSKiller. Since it is the most preferred tool to remove the Google Redirect.

Though most of the AV should not say it as Virus but there could be false positive.

Recommended readings:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

“Google Hijack” — Google Search Gets Redirected
http://www.experts-exchange.com/A_3299.html

Sudeep

0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36588918
Further, it could be the infection it self which is not letting you download it. So one way is to get it on USB device from another computer and run it from USB to the infected computer.

You could also try renaming it to file like "iexplore.exe" and then run it.
0
 

Author Comment

by:oliviajones
ID: 36589425
Downloaded TDSSKILLER.exe to usb stick. Would not even unzip properly from stick on infected computer. Opened and copied exe file on clean computer, transferred to desk top of infected computer. GUI looked like it was working. Report: no threats found.
Now what?
0
 

Author Comment

by:oliviajones
ID: 36589465
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 36589506
have you also check the article below:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

Sudeep

Also suggest you to run MalwareBytes full system scan:


http://www.malwarebytes.org/mbam-download.php

Once finished let us know if you this the issue is still there.

I hope that would help

Sudeep
0
 

Author Comment

by:oliviajones
ID: 36589705
there are 7 computers using this router. only one behaves badly. does this rule out router infection? If you rule it out i will go change router password. i have been lazy lately.....
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 500 total points
ID: 36589787
In that case it would not be the router. DId you ran MalwareBytes yet?

In some cases you would need to run Rogue Killer before running MalwareBytes.

Also I believe all the tools mentioned are run in Normal Mode and NOT in safe-mode.

I would also recommend you to go through the articles from Younghv

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
0
 

Author Comment

by:oliviajones
ID: 36590163
I am running MalwareBytes as we type. Did not do in safe mode, but I did disable all anti virus and a lot of unrelated junk processes from hp, etc, that run in the background. Should I interrupt the scan and start over? It's on a big drive and it takes forever. Do I have to scan ALL drives, including drives w music only, old files, etc, Or can i scan just the drive w Wondows7 OS? BTW this is a dual boot drive. Old vista OS/drive does not SEEM to be infected. do I need to scan it? we could really change how long these scans take if I leave off some of the HDs attached.
0
 

Author Comment

by:oliviajones
ID: 36590752
Malawarebytes found a trojan in my registry. What do I do now?????
malwarebite-trojan-find.JPG
0
 

Author Comment

by:oliviajones
ID: 36590777
If the picture is small, the threat found is Trojan BHO
0
 

Author Comment

by:oliviajones
ID: 36590792
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7783

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9/23/2011 8:40:36 PM
malwarebytes mbam-log-2011-09-23 (20-39-03).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|K:\|L:\|)
Objects scanned: 542725
Time elapsed: 1 hour(s), 52 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
0
 

Author Closing Comment

by:oliviajones
ID: 36590817
suggestion of using Malwarebytes found virus. so now I have a new question
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now