Search results getting redirected

June 24, 2011 at 20:24:04
Specs: Windows 7, Pentium (R) dual core / 4 gigs 2.6GHz
How can I stop my google search results from getting redirected. I have malwarebytes and removed a few trojans but it seems its missing the adware doing this. Help?

See More: Search results getting redirected

Report •

June 24, 2011 at 21:21:00
mhowes130 ,

Try the following:

Please download TDSSKiller
Save it to the Desktop.

Double-click* on TDSSKiller.exe to run the program.
Vista/Windows 7 users, right-click the file, and select: Run As Administrator

Click the 'Start Scan' button.

Do not use the computer during the scan

If the scan completes with nothing found, click Close to exit.

When the scan finishes it displays a Scan results screen stating whether or not an infection was found on your computer.

To remove the infection, click on the Continue button.
If it does not say Cure on the results screen, leave it at the default action of Skip, and press the Continue button.

Do not change to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.

Reboot to finish the cleaning process.

If no reboot is requested, click on: Report.

A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller. is created and saved to the root directory (usually Local Disk C:).

>>Please provide the contents of TDSSKiller in your reply.<<

Now, re-start your computer.
Tap the F8 key before Windows starts, to bring up the Windows Advanced Options menu

Use the arrow keys to select Safe Mode with Networking

Press: Enter

In Safe Mode with Networking, download iExplore.exe, which is a renamed copy of RKill:

[If the file does not download, paste the following, >without the brackets<, in the address bar of your browser:

Save the file to the Desktop, and double-click on it.
Ignore any messages, and allow the file to run until the command window closes.

Without a reboot, run Malwarebytes’ Anti-Malware
Vista/Windows 7 users, right-click the file, and select: Run As Administrator

Update the program.
Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the 'Remove Selected' button to get rid of any malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

>>Please post the >Malwarebytes log< in your reply.<< so we can see where we are at, and plan any additional removal strategy.<<

Retired - Doin' Dis, Dat, and slapping malware.

Report •

June 25, 2011 at 01:52:51
Well, I did everything you said to the tee. Here are my results.

This log file is located at C:\rkill.log. 
Please post this only if requested to by the person helping you. 
Otherwise you can close this log when you wish. 

Rkill was run on 06/25/2011 at  3:56:07. 
Operating System: Windows 7 Home Premium 

Processes terminated by Rkill or while it was running: 


Rkill completed on 06/25/2011 at  3:56:09. 

Malwarebytes' Anti-Malware

Database version: 6923

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

6/25/2011 4:42:46 AM
mbam-log-2011-06-25 (04-42-46).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 416730
Time elapsed: 44 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Report •

June 25, 2011 at 12:55:46
Please download ComboFix:

Save to your Desktop
Double-click ComboFix.exe to run the program

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your Desktop, and if interrupted may leave your Desktop disabled. If this occurs, please reboot to restore the Desktop.

When the scan completes, and it may take a while, a text window with the CF log opens on your Desktop. The CF log is also found at C:\ComboFix.txt

>>Please post this log in your reply to analyze it, and let you know what to do next.<<

However, because of the potential size of this report, please upload ComboFix.txt to the Uploading website:

In: Select files to upload, click 'Browse', and 'Look in' the Desktop.
Select the ComboFix.txt file, and click: 'Open'

You will see the following:
Your file has been uploaded successfully: (Name and size of the file)

Copy the 'Download link' provided, and post it in your reply.

Retired - Doin' Dis, Dat, and slapping malware.

Report •

Related Solutions

June 25, 2011 at 23:40:36
Here is the combofix log. I had to run this twice because you hadn't mentioned that I needed to disable any antivirus/malware software.

I thank you for all your help thus far.

Report •

June 26, 2011 at 08:27:29

Are you still getting redirections?

Did not see any malware in the CF log...

Retired - Doin' Dis, Dat, and slapping malware.

Report •

June 26, 2011 at 10:31:19
It doesnt seem like it, which is weird. I didnt think any of those programs removed anything, although I'm not complaining.

Thanks for your help, and if anything else pops up, ill let you know.

Report •

June 26, 2011 at 10:43:29
Try the computer for a couple of days, and see how it goes.

If you keep having the same problem, post back.

Good luck, mhowes130!!

Retired - Doin' Dis, Dat, and slapping malware.

Report •

Ask Question