Please please helpe me! VG i hope you could tell me where did u finally find the drive saf was talking about cuz i can't find it...and saf please help me! i got to non-plug and play drives but i don't have the drive u were talking about!!

Hello Gunshot
I have the same problem.
I get redirected only when I search on Google.
How did you solve it?
Any help is appreciated.

Using Malwarebytes worked for me. My situation was slightly different in that all search engine searches would return a proper "sounding" title, but the URL actually pointed to a site other than what it link said. So for a Google search, it would return a page that looked very much like google but there were differences. Google has sponsored links at the top and down the right side of the page, but with the rootkit running there were no sponsored links and there was a lot of white space on the page.

Malwarebytes found a Rootkit.Agent on C:\Windows\System32\sysaudio.sys. After removing it, all of my searches returned to normal function.

Thanx for the suggestion to the malware bytes removal app. It found the file that you mentioned(audio.sys) and it removed it. I also used the antispyware one and it found other stuff but didnt help with the problem. I hate these damn spyware crap.

Thanx bro.

It think this is probally spyware but i'm not 100% sure but if you do get avast and it will remove it

Saf, I love U! hahahahaa! after wasting a lot of time to solve the problem, I finally found this site. And your advice worked. Thank you soooo much. May the force be with you man. take care

Download and use this: You can use it one time for free.
Is solves the problem.



http://www.virusalert.nl/?c=spicylemon

Hi all....thankyou for the help...I downloaded malwarebytes...and it fixed the problem straight away...thankyou all so much..your the best!

Malwarebytes' Anti-Malware as a suggested solution solved my pain in the @$$ problem. Time is money. This free solution could not have been found at a better time.
Here is the long list of problems I had prior to finding the solution above:
Problems in Windows XP system restore, it did not fix or clean the registry. I Could not update lavasoft ad-aware, as it did not find the problem, even after a full scan. AVG anti-virus and Avast! anti-virus would not execute the updates or identify the problem. Frustrated, I even set up my home page to the microsoft windows update only to be redirected to google. With the Malwarebytes' Anti-Malware program I invested 5 minutes of my time. The reward could not be matched by any other program. Thank You. May the good Karma you have spread today come back to reward you for this kind act.

Saf disabling 'tdssserv.sys' worked thanks

If your having the issues described then this is the EASY fix. Make sure you look at symptoms as there are different problems out there.

How to fix Google search results redirect redirected

I am using Windows XP and Mozilla Firebird as browser with NoScript add-on<<<the add-on just helped me with issue till I got fix.

Also affects all users names on computer.


IF you are being redirected to random ad sites then this is the fix that I got after 3 days. Have tried AdWare, S&D, MalWareBytes, SmitFraudFix, 7770Finder, ESET NOD32, CCleaner and a few other scrubs and probably a few I cant remember.

HijackThis did nothing and showed nothing as you can see from ppls post above. NOT to say its not good cause in the past it has worked. Just thik for one this is to new and two its in the registry.

Symptoms: Do a Google search in an actual browser window, NOT THE TOOL BAR %&*$. I would get the results I was looking for with the correct URLs under each result. Like searched Microsoft and it would come up with addresses from microsoft like: www.microsoft.com/ - 76k or www.microsoft.com/DOWNLOADS/en/default.aspx - 44k -

BUT when clicking a link I would usually get the page that it said the first time but when going back to the search results the next link would be some ad site with usually no WWW at the beginning. And this would last about 4 clicks. That is, by going to stupid ad site then back to results 4x then finally getting the page it was suppose to show.

Reason I am giving you whole speal is because there are alot of so similar ones out there.

Heres the fix. Wish I could give thanks to where I found it but cant find page now. Can remember the guy found it on his own and his last words are something like "kick the computer, format the drive, tell landlady she aint gettin money" or something like that .

Never mind found it with what I said above about his quote in Google that now works correctly. Maybe it did not fix his and thats the reason he said it. But it gave me the direction to fix it, after days of trying everything. [url="http://emptees.com/posts/14105-f-ing-gogoogle-redirection-malware-problem-resolved"]http://emptees.com/posts/14105-f-ing-gogoo...roblem-resolved/url

So DLed the TR software [url="http://www.simplysup.com/"]http://www.simplysup.com//url it came up with this registry key with the Kungs...thing.

IF YOU SCREW UP AND MESS SOMETHING UP IN THE REGISTRY YOU CAN HOSE THE WHOLE COMPUTER. SO IF YOU DONT UNDERSTAND OR KNOW WHAT YOU ARE DOING GET SOMEONE THAT DOES.

Heres the key it came up with:
HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603

And the values that were bad:
kungsfaswwqlmq.sys and tdssserv.sys

Now two different ways to do this, you can either delete the key or just he values. "Delete the key. To prevent keeping a history altogether, right click ACMru/Permissions/Deny all users and groups listed." This is from another website: [url="http://www.kellys-korner-xp.com/xp_tweak_bookmarks.htm"]http://www.kellys-korner-xp.com/xp_tweak_bookmarks.htm/url AND even has a script to do above for you: [url="http://www.kellys-korner-xp.com/ClearRecent.Exe"]http://www.kellys-korner-xp.com/ClearRecent.Exe/url

I really hope this helps. Honestly could not find this anywhere. I guess its something new.