redirect virus removal help

redirect virus sends my google searches all over the place. does same thing with yahoo. AV anti virus full computer scan does not catch any problem.This means I have almost no internet access. This site says to use TDSSKILLER.exe. I tried to download it but  AV  said IT was a virus and did not permit download. what should I do?
oliviajonesAsked:
Who is Participating?
 
Sudeep SharmaConnect With a Mentor Technical DesignerCommented:
In that case it would not be the router. DId you ran MalwareBytes yet?

In some cases you would need to run Rogue Killer before running MalwareBytes.

Also I believe all the tools mentioned are run in Normal Mode and NOT in safe-mode.

I would also recommend you to go through the articles from Younghv

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
0
 
Sudeep SharmaTechnical DesignerCommented:
You would need to disable the Anti-Virus on the computer and then run the TDSSKiller. Since it is the most preferred tool to remove the Google Redirect.

Though most of the AV should not say it as Virus but there could be false positive.

Recommended readings:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

“Google Hijack” — Google Search Gets Redirected
http://www.experts-exchange.com/A_3299.html

Sudeep

0
 
Sudeep SharmaTechnical DesignerCommented:
Further, it could be the infection it self which is not letting you download it. So one way is to get it on USB device from another computer and run it from USB to the infected computer.

You could also try renaming it to file like "iexplore.exe" and then run it.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
oliviajonesAuthor Commented:
Downloaded TDSSKILLER.exe to usb stick. Would not even unzip properly from stick on infected computer. Opened and copied exe file on clean computer, transferred to desk top of infected computer. GUI looked like it was working. Report: no threats found.
Now what?
0
 
oliviajonesAuthor Commented:
0
 
Sudeep SharmaTechnical DesignerCommented:
have you also check the article below:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

Sudeep

Also suggest you to run MalwareBytes full system scan:


http://www.malwarebytes.org/mbam-download.php

Once finished let us know if you this the issue is still there.

I hope that would help

Sudeep
0
 
oliviajonesAuthor Commented:
there are 7 computers using this router. only one behaves badly. does this rule out router infection? If you rule it out i will go change router password. i have been lazy lately.....
0
 
oliviajonesAuthor Commented:
I am running MalwareBytes as we type. Did not do in safe mode, but I did disable all anti virus and a lot of unrelated junk processes from hp, etc, that run in the background. Should I interrupt the scan and start over? It's on a big drive and it takes forever. Do I have to scan ALL drives, including drives w music only, old files, etc, Or can i scan just the drive w Wondows7 OS? BTW this is a dual boot drive. Old vista OS/drive does not SEEM to be infected. do I need to scan it? we could really change how long these scans take if I leave off some of the HDs attached.
0
 
oliviajonesAuthor Commented:
Malawarebytes found a trojan in my registry. What do I do now?????
malwarebite-trojan-find.JPG
0
 
oliviajonesAuthor Commented:
If the picture is small, the threat found is Trojan BHO
0
 
oliviajonesAuthor Commented:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7783

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9/23/2011 8:40:36 PM
malwarebytes mbam-log-2011-09-23 (20-39-03).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|K:\|L:\|)
Objects scanned: 542725
Time elapsed: 1 hour(s), 52 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
0
 
oliviajonesAuthor Commented:
suggestion of using Malwarebytes found virus. so now I have a new question
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.