Ask a question Report

Search result redirecting to another site [Solved]

gunshot - Latest answer on Dec 12, 2012 11:38PM
Hello,
I am really frustrted.Can someone plz help? I got infected with the Antivirus XP 2008 today. I removed it. But now having a problem. When i search using google and i try to click on a search result i am not able to open it.instead it is redirected to another site. How can it be fixed? Any help will be much appreciated.
Thanx.
Read more 
Answer
+29
moins plus
Follow these instructions exactly and you will get throught this easily. This is the easiest way to
get rid of the problem. the process is easy. the instuction look long but i wrote them assuming the
reader has no computer experience. enjoy

1. start another IE window along side this one to quickly and accurately review instructions (ctrl+n)

2. copy and paste the URL below directly into the address bar then press ENTER
DO NOT CLICK THE URL. YOU MUST COPY AND PASTE OR YOU WILL BE REDIRECTED!

*the tdss (go.google) redirect virus recognizes all instances of "Malware, Mbam, etc...
this will get around that. DO NOT CLICK THE URL. YOU MUST COPY AND PASTE OR YOU WILL BE REDIRECTED!

www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

3. under "features" use drop down menu and select Ver. 1.32, this will cause screen to refresh

4. click "download latest version"

5. a yellow Active X control should show just under your tab in the window. It will say
"To help protect your security, IE blocked.........and so forth"

6. left click and select download file

7. select SAVE, in file name field replace "mbam-setup.exe" with "setup.exe"

8. when complete, select "open folder" and double click setup.exe and then run

9. Proceed through till you are prompted to select destination location. to make it easier
just copy and past what I have below into the name bar

C:\Malware\Malware

10. name start menu folder Malware (usesless but do it) do not create shortcut

11. deselect (uncheck if checked) option to create desktop icon or quick launch, continue through confirmation

12. It will take between 15 to 60 minutes (it will appear frozen, it is not. just let it be)

13. IMPORTANT!!! deselect UPDATE MALWARE AND LAUNCH MALWARE (THE VIRUS WILL SHUT YOU DOWN IF NOT UNCHECKED) click finish

14. right click start, select explore and locate "Local Disk (C:)", expand view (click [-}, should be folder name "Malware" below

15. double click folder, locate mbam.exe and rick click to rename "Mban.exe" then double click Mban.exe to run

16. do not worry about updating, you wont be able to, select scanner tab and Perform quick scan

17. will take awhile depending on computer ~approx 10-20 minutes

18. will find around 8-20 files. here is a copy of my log for example:

************************************************************************
Malwarebytes' Anti-Malware 1.33
Database version: 1654
Windows 5.1.2600 Service Pack 3

1/15/2009 3:52:36 AM
mbam-log-2009-01-15 (03-52-36).txt

Scan type: Quick Scan
Objects scanned: 51044
Time elapsed: 5 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\TDSSbrsr.dll (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\TDSSoiqh.dll (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\TDSSriqp.dll (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\TDSSxfum.dll (Trojan.TDSS) -> Delete on reboot.
C:\WINDOWS\system32\drivers\TDSSpqlt.sys (Trojan.TDSS) -> Delete on reboot.
C:\Documents and Settings\Owner\Local Settings\Temp\TDSScbec.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSSlxwp.dll (Rootkit.Agent) -> Delete on reboot.
C:\WINDOWS\system32\TDSStkdu.log (Trojan.TDSS) -> Delete on reboot.
************************************************************************

19. remove all items as prompted, some will require reboot to remove, this is normal

20. allow computer to reboot after cleaning. You are now free from your nightmare.
Ali- Nov 25, 2012 05:28AM
I tried this, but couldn't find any malware and problem still persist. What am i doing wrong?
Reply
Add comment
Answer
+11
moins plus
Hi I was able to solve the problem after 5 hours of gruelling work . I used SuperAntiSpyware and Malwarebytes to remove the Malware. if you need more help google for go.google.com malware and loads of information would come up. Incidentally the Malware will not allow you to install any of the software so you will have to rename the files and then try to install. Start with Super Anti Spyware

Enjoy
Abhi
Argh- Jan 17, 2010 11:44AM
Thank you so much! Malwarebytes worked like a charm! I can finally browse again! Thank you Thank you Thank you.
Reply
meeee- May 5, 2011 05:17AM
thanks for the hint!!!
Reply
Add comment
Answer
+4
moins plus
For those who couldn't find that process starting with "t"....I disabled a process with "IEEE" which was labeled with yellow tag....
After that you should be able to browse the internet ....
Add comment
Answer
+3
moins plus
Saf, I love U! hahahahaa! after wasting a lot of time to solve the problem, I finally found this site. And your advice worked. Thank you soooo much. May the force be with you man. take care
Add comment
Answer
+3
moins plus
Hi,
Had same problem with firefox and IE, I tried forefox reinstallation but didn't worked.
Then i went to option and removed all add-on, clicked on security and check warn me when need to install new addon. removed check box when there was automatic install addon checked. also removed java toolkit addon, which was the main thing.
restart firefox, solved.......
Add comment
Answer
+1
moins plus
Using Malwarebytes worked for me. My situation was slightly different in that all search engine searches would return a proper "sounding" title, but the URL actually pointed to a site other than what it link said. So for a Google search, it would return a page that looked very much like google but there were differences. Google has sponsored links at the top and down the right side of the page, but with the rootkit running there were no sponsored links and there was a lot of white space on the page.

Malwarebytes found a Rootkit.Agent on C:\Windows\System32\sysaudio.sys. After removing it, all of my searches returned to normal function.
Add comment
Answer
+1
moins plus
I had this problem as well (Firefox browser search being redirected to other sites, mostly advert sites/search results).

I solved this problem using Eset Security Center computer scan. This program found the virus and after it was deleted/quarantined I was able to use my Firefox browser search bar and Mozilla search page without being redirected.

I used to have Eset Nod32 Antivirus but it never found the virus. I also tried McAfee Total Protection 2009 and it didn't find it. Other things I tried was Malwarebytes, SuperAntispyware, AdAware, and Spybot Search & Destroy... none of these programs found it.

So get Eset Security Center 4 and use the computer scanner to scan all your files (I think it was found in one of Firefox folders. I think the name of the file was chrome.manifest. I can't remember for sure.)
Add comment
Answer
+1
moins plus
Solved the search results' redirecting problem with Hitman 3.5 downloaded frm CNET
Add comment
Answer
+1
moins plus
ok if you click start and type: ''C:\WINDOWS\system32\drivers\etc\HOSTS'' then save as notepad then delete the websites that are under the hosts then restart your computer and BAM its problems solved any problems just contact me at bbcpark2000@gmail.com
Ali- Nov 25, 2012 05:31AM
dont see any entries in the hosts file and it appears the deafult entries.
Reply
Add comment
Answer
+1
moins plus
EASY solution for Google redirects to other sites or ads. Tried Malwarebytes, AntiSpyware, Spybot Search and Destroy and several other programs. Looked at lots of forums. Finally one said to download Hitman Pro 3.5 for free at cnet. com as that's the only thing that worked for him...It worked for me too!
Ali- Nov 25, 2012 05:32AM
Tried Hitmn Pro 3.6 -- latest version. Didn't find any malware but problem still persists
Reply
Add comment
Answer
+1
moins plus
I have a problem with google search redirected results. I have used AVG, malware bytes, Microsoft security essential but no luck. I have tried hitman pro 3.5 and it help me to resolve the problem.
Thanks to people who suggest to use such easy program
Add comment
Answer
+0
moins plus
were you able to solve the problem .... I have same issue
saf- Nov 22, 2008 05:49PM
no, i dont think so, i have the same problem, i used super anti.... and it didnt work, i dont know wat to do..
Reply
gribbin- Feb 24, 2009 06:24AM
Hi saf, im having the same problems but on Windows Vista. I cant show hidden files they way you descibe any info would be great.
Reply
Add comment
Answer
+0
moins plus
Thanks to the link for malwarebytes. I was having this same problem and at a loss how to get this off my computer. It worked great!
Add comment
Answer
+0
moins plus
Thanx for the suggestion to the malware bytes removal app. It found the file that you mentioned(audio.sys) and it removed it. I also used the antispyware one and it found other stuff but didnt help with the problem. I hate these damn spyware crap.

Thanx bro.
Add comment
Answer
+0
moins plus
it think this is probally spyware but i'm not 100% sure but if you do get avast and it will remove it
Add comment
Answer
+0
moins plus
hi all....thankyou for the help...I downloaded malwarebytes...and it fixed the problem straight away...thankyou all so much..your the best!
Add comment
Answer
+0
moins plus
Malwarebytes' Anti-Malware as a suggested solution solved my pain in the @$$ problem. Time is money. This free solution could not have been found at a better time.
Here is the long list of problems I had prior to finding the solution above:
Problems in Windows XP system restore, it did not fix or clean the registry. I Could not update lavasoft ad-aware, as it did not find the problem, even after a full scan. AVG anti-virus and Avast! anti-virus would not execute the updates or identify the problem. Frustrated, I even set up my home page to the microsoft windows update only to be redirected to google. With the Malwarebytes' Anti-Malware program I invested 5 minutes of my time. The reward could not be matched by any other program. Thank You. May the good Karma you have spread today come back to reward you for this kind act.
Add comment
Answer
+0
moins plus
i had the same problem...
i already had symantac on my computer, but it didn't recognize the virus, so i downloaded avast (the free edition) and ran a full scan. It found two pieces of malware and took care of them. I then went into my document and settings and deleted all of my cookies. I then went into firefox,tools then options and deleted all private data and also unchecked "accept third-party cookies."

This whole process took about 30 minutes (because the full scan takes so long) and my problem is completely gone.
good luck!
fee- Apr 8, 2009 04:47PM
can you tell me what the name of the malware you found was? i seem to have the same problem and thought i could just uninstall and reinstall the browsers but am stuck now with IE that never stays open.
Reply
Add comment
Answer
+0
moins plus
saf disabling 'tdssserv.sys' worked thanks
Add comment
Answer
+0
moins plus
After hours of messing around with these so called fixes i eventually went through HiJackthis and it removed it.............


ONLY TO COME BACK AGAIN!

I thought, forget this, and went to www.fixedlikemagic.com whihc a friend had recommended to me and had them fix it.. not only is the problem gone but the computer is running soo much faster thanks to their tune up service. i recommend them 100%
Ali- Nov 25, 2012 05:34AM
what did you used actually as it gives so many options of antispyware and am confused hich on you have used. pls provide more info
Reply
Add comment
1 2 Next
This document entitled « search result redirecting to another site » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.

Not a member yet?

sign-up, it takes less than a minute and it's free!

Members get more answers than anonymous users.

Being a member gives you detailed monitoring of your requests.

Being a member gives you additional options.