Google results hijacked

Discussion in 'Windows 7 Help and Support' started by balicea, Nov 12, 2010.

  1. balicea

    balicea New Member

    Joined:
    Nov 12, 2010
    Messages:
    4
    Likes Received:
    0
    I'm sorry for the tone of this e-mail, I cannot take this anymore. I have some sort of virus/intrusion on my machine that WILL NOT allow me to click on a Google search result without re-routing me to an irrelevant result. This is outrageous. I have used SIX different virus/malware programs for purposes of removal and scanned the directory for unusual entires (using HijackThis) but to no avail. I even clean installed Windows 7 (on an ASUS notebook), and on the FIRST search I did, the browser (I tried both IE8 and Firefox) redirected me to an ad site from which I hence cannot escape (once I clicked on the desired result). I cannot find anything, ANYTHING that will remedy this problem. Any help you can provide would be appreciated.


    Thank you for your time,
    Bradly Alicea
     
  2. toddwilson

    toddwilson New Member

    Joined:
    Oct 8, 2010
    Messages:
    92
    Likes Received:
    0
    I also suffer from this "redirect" , but like you, AV programmes and malware removals find nothing
    I hope someone can assist here
     
  3. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    First in IE8 from the tools menu select internet options, then the connections tab, then the LAN settings button near the bottom right. Remove and or uncheck anything in there, ok your way back out close and reopen internet explorer.
    If still no joy, look here
    C:\Windows\System32\drivers\etc
    Open the file called hosts
    Use notepad when prompted, it should look like the following
    Anything additional you pretty much can safely edit/delete (you may need to change the read only properties of the files to safe any edits)
     
  4. toddwilson

    toddwilson New Member

    Joined:
    Oct 8, 2010
    Messages:
    92
    Likes Received:
    0
    Tried all you instructed, still having redirect issues
    Thankyou anyhow
     
  5. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    it's possible that your local DNS cache may be an issue. Try flushing the dns cache.
    Command Prompt and type
    ipconfig /flushdns
    see if that helps
     
  6. MikeHawthorne

    MikeHawthorne Essential Member
    Microsoft Community Contributor

    Joined:
    May 25, 2009
    Messages:
    6,045
    Likes Received:
    300
    This sound like the same fake antivirus trojan that has been going around a lot lately.

    3 of my friends have had it in the last 3 months.
    On these computers I was able to find it by running SuperAntiSpyware from a thumb drive in safe mode.

    On 2 of them it removed it. One had to have Windows reinstalled.

    Also check your LAN settings, in Internet Options, set it back to Automatic if it has been changed.

    Doing a repair install won't get rid of it because the files are still there and it just reactivates itself.

    Here's some info about it....

    How To Remove Antivirus Live and Other Rogue/Fake Antivirus Malware - How-To Geek

    If you aren't running Microsoft Security Essentials try installing and running that.

    Mike
     
  7. balicea

    balicea New Member

    Joined:
    Nov 12, 2010
    Messages:
    4
    Likes Received:
    0
    Thanks for the responses received. I actually found an alternate solution (we'll call it "Operation Rootkit Down"):

    First of all, what is a rootkit? From Wikipedia:
    A rootkit is a software system that consists of one or more programs designed to obscure the fact that the system has been compromised (one of many definitions,
    but this is the most relevant for our purposes).

    AVG (my anti-virus software) searches for rootkits, but couldn't find any infections on my system. After doing some targeted Google searches (copy-and-pasting the links of course) regarding hard-to-detect infections, I found this free program from Kaspersky Labs called TDSSKiller:
    How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?

    Download, unzip, and scan. It should find a rootkit with a suffix of something like "hdl**".
    Reboot your system, and then rerun with TDSSKiller. It should be removed -- for a final test, go to Google, do a search, and you should not be redirected anymore.
     
  8. MikeHawthorne

    MikeHawthorne Essential Member
    Microsoft Community Contributor

    Joined:
    May 25, 2009
    Messages:
    6,045
    Likes Received:
    300
    Thanks for the info, I'll ad this link to my list.

    Mike
     
  9. toddwilson

    toddwilson New Member

    Joined:
    Oct 8, 2010
    Messages:
    92
    Likes Received:
    0
    Thankyou everyone also, I appreciate your assistance
     

Share This Page

Loading...