Redirect/hijack bug in Google searc

Dell / INSPIRON 9300
March 23, 2009 at 08:17:26
Specs: Windows XP SP3
Help!!! Firefox and IE have been hijacked with the redirect bug from the google search bar. I have read some other posts and tried a couple of things. Now I need help. Once I install the malware software the bug will not let them open or access the internet. Where can I go and remove these things? Help please.

See More: Redirect/hijack bug in Google searc

Report •

March 23, 2009 at 08:18:03
What have you tried?


Report •

March 23, 2009 at 08:25:45
HJT won't load because I can't get past the registration page. Malware bytes installs and won't load. It does nothing. Adaware does the same thing. Nothing can connect to the internet. I did download Combofix, but I am scared of it. Thanks for the fast reply.

Report •

March 23, 2009 at 12:18:12

I appreciated that you would like help from anyone possible, but since Jennifer SUMN has already started to assist you in this thread, I will hold off on giving advice.

However, if you would like to run some normal scans to see what we might be dealing with, we can.

Please read through these instructions and print them out if needed. If you have any questions, please ask them before starting this procedure. Please do the steps in the order that they are listed for the best results. Also, although it may seem like the infection is cleaned after performing these steps, please stay with me until I let you know that your machine is "all-clear" for best results.

Here is what I need you to do. First of all, download DDS from here and save it to your desktop.

Next, download GMER from here. Be sure to click the button marked "Download EXE" to download GMER as a randomly named .exe file. This is needed as some rootkits look for and hide from GMER or prevent it from running.

Once you have both of those downloaded, please disable any script blocking program you might have and run DDS.scr. When it is done, DDS will open two (2) logs. They are named DDS.txt and Attach.txt. Please save both reports to your desktop.

Then run GMER. If it gives you a warning about rootkit activity and asks if you want to run on NO. In the right panel, you will see several boxes that have been checked for you. Please Uncheck the following boxes: Sections, IAT/EAT, any Drives/Partitions other than the Systemdrive (typically C:\), and Show All (be sure not to miss this one!) Now click on the Scan button and wait for it to finish. Once it is done scanning, click the "Save..." button and in the file name area type in gmerscan.txt.

Please copy and paste the contents of the dds.txt log to this thread.

While I normally ask for the Attach.txt and gmerscan.txt files to be sent to me as an Email attachment, please post them as separate responses to this thread. This will allow Jennifer SUMN to view them and help you out as well.

These logs will allow us to better determine what the next step should be.

If you have any questions, please let me know.

MOS Master Certified
MCP Certified
CCNA Certificate Pending
A+ Certificate Pending

"I have gone to find myself. If I get back before I return, please tell myself to wait." :

Report •

Related Solutions

March 23, 2009 at 14:35:17

Report •

March 23, 2009 at 14:36:24

Report •

March 23, 2009 at 14:39:33
Thanks for the help I received. I did fix it elsewhere with HJT, MBAM, ATF, SAS, & Root Repeal. It was nasty and held on for dear life.

Report •

Ask Question