?
Solved

redirect virus removal help

Posted on 2011-09-23
12
Medium Priority
?
504 Views
Last Modified: 2012-05-12
redirect virus sends my google searches all over the place. does same thing with yahoo. AV anti virus full computer scan does not catch any problem.This means I have almost no internet access. This site says to use TDSSKILLER.exe. I tried to download it but  AV  said IT was a virus and did not permit download. what should I do?
0
Comment
Question by:oliviajones
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
12 Comments
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 36588896
You would need to disable the Anti-Virus on the computer and then run the TDSSKiller. Since it is the most preferred tool to remove the Google Redirect.

Though most of the AV should not say it as Virus but there could be false positive.

Recommended readings:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

“Google Hijack” — Google Search Gets Redirected
http://www.experts-exchange.com/A_3299.html

Sudeep

0
 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 36588918
Further, it could be the infection it self which is not letting you download it. So one way is to get it on USB device from another computer and run it from USB to the infected computer.

You could also try renaming it to file like "iexplore.exe" and then run it.
0
 

Author Comment

by:oliviajones
ID: 36589425
Downloaded TDSSKILLER.exe to usb stick. Would not even unzip properly from stick on infected computer. Opened and copied exe file on clean computer, transferred to desk top of infected computer. GUI looked like it was working. Report: no threats found.
Now what?
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 30

Expert Comment

by:Sudeep Sharma
ID: 36589506
have you also check the article below:

Infected router - Google search redirects even on a clean system
http://www.experts-exchange.com/A_5327.html

Sudeep

Also suggest you to run MalwareBytes full system scan:


http://www.malwarebytes.org/mbam-download.php

Once finished let us know if you this the issue is still there.

I hope that would help

Sudeep
0
 

Author Comment

by:oliviajones
ID: 36589705
there are 7 computers using this router. only one behaves badly. does this rule out router infection? If you rule it out i will go change router password. i have been lazy lately.....
0
 
LVL 30

Accepted Solution

by:
Sudeep Sharma earned 2000 total points
ID: 36589787
In that case it would not be the router. DId you ran MalwareBytes yet?

In some cases you would need to run Rogue Killer before running MalwareBytes.

Also I believe all the tools mentioned are run in Normal Mode and NOT in safe-mode.

I would also recommend you to go through the articles from Younghv

http://www.experts-exchange.com/A_4922.html (Rogue-Killer-What-a-great-name)
http://www.experts-exchange.com/A_5124.html (Stop-the-Bleeding-First-Aid-for-Malware)
http://www.experts-exchange.com/A_1940.html (Basic Malware Troubleshooting)

I hope that would help.

Sudeep
0
 

Author Comment

by:oliviajones
ID: 36590163
I am running MalwareBytes as we type. Did not do in safe mode, but I did disable all anti virus and a lot of unrelated junk processes from hp, etc, that run in the background. Should I interrupt the scan and start over? It's on a big drive and it takes forever. Do I have to scan ALL drives, including drives w music only, old files, etc, Or can i scan just the drive w Wondows7 OS? BTW this is a dual boot drive. Old vista OS/drive does not SEEM to be infected. do I need to scan it? we could really change how long these scans take if I leave off some of the HDs attached.
0
 

Author Comment

by:oliviajones
ID: 36590752
Malawarebytes found a trojan in my registry. What do I do now?????
malwarebite-trojan-find.JPG
0
 

Author Comment

by:oliviajones
ID: 36590777
If the picture is small, the threat found is Trojan BHO
0
 

Author Comment

by:oliviajones
ID: 36590792
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7783

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

9/23/2011 8:40:36 PM
malwarebytes mbam-log-2011-09-23 (20-39-03).txt

Scan type: Full scan (C:\|D:\|E:\|G:\|K:\|L:\|)
Objects scanned: 542725
Time elapsed: 1 hour(s), 52 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
0
 

Author Closing Comment

by:oliviajones
ID: 36590817
suggestion of using Malwarebytes found virus. so now I have a new question
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Curious about the latest ransomware attack? Check out our timeline of events surrounding the spread of this new virus along with tips on how to mitigate the damage.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question