Yahoo Answers is shutting down on May 4th, 2021 (Eastern Time) and beginning April 20th, 2021 (Eastern Time) the Yahoo Answers website will be in read-only mode. There will be no changes to other Yahoo properties or services, or your Yahoo account. You can find more information about the Yahoo Answers shutdown and how to download your data on this help page.

Trending News

Promoted
Anonymous
Anonymous asked in Computers & InternetSecurity · 10 years ago

Malware redirecting search engine results help?

A few weeks back my computer got a virus which keeps redirecting my search results. I've tried Malwarebytes anti malware amongst other things and nothing is working. Can someone please help me. Thanks

7 Answers

Relevance
  • Mike S
    Lv 7
    10 years ago
    Favorite Answer

    Removal instructions for the Google redirect virus.............

    http://deletemalware.blogspot.com/2010/02/remove-g...

  • ?
    5 years ago

    2

    Source(s): Industry Top Antivirus Software - http://moveantivirus.com/?oIMP
  • Anonymous
    10 years ago

    Firstly, boot your computer to the Safe Mode menu screen. You do this by repeatedly pressing F8 as soon as you boot up. Once there, use the arrow keys to highlight Safe Mode with Networking. Continue to boot from there.

    If that's successful, download and run TDSSKiller.exe from Kaspersky Lab. It's tiny, and takes just a minute to run. It hunts down and kills a specific family of rootkits. Here's a link:

    http://support.kaspersky.com/faq/?qid=208280684

    Regardless of the results, download the free version of Malwarebytes' Anti-Malware. Install it, get updates and run a full scan (still in Safe Mode). Here's a link:

    http://www.filehippo.com/download_malwarebytes_ant...

    After that, boot normally and run another full scan with MBAM. It will detect any malware that wasn’t running in Safe Mode.

    Hope this helps.

  • Arfenundred
    Lv 7
    10 years ago

    You have more likely than not got a Rootkit.

    A complete pain to get rid of.

    this generic attack on the infection should put things right.

    First

    click on Start > Run.

    Type in the following into the open box.

    devmgmt.msc

    then Click on OK.

    This will run Device Manager.

    In Device Manager,

    click on View > Show Hidden Devices.

    expand all the devices by clicking on the "Plus" sign.

    Now try to find

    TDSSserv.sys or clbdriver.sys or oUltraf or seneka.sys,

    right click on whatever one you found and select Disable.

    make sure that you do not select the Un-Install option

    otherwise infection will be back once you reboot your computer.

    if none of them are there do not worry,

    it could be something simpler but follow what comes next.

    you will have to enable view hidden folders in, folder options > view.

    Delete everything in the windows temp folder,

    C > Windows > Temp

    Delete all cookies,

    Delete all temporary internet files(not to be confused with windows temp files)

    these are best deleted via your internet browsers.

    it will save you messing about in the the hidden system files

    reset internet explorer,

    tools > internet options > Advanced tab > reset .

    Delete everything in the prefetch folder.

    C > Windows > Prefetch

    Delete the hosts file,

    C > Windows > System32 > drivers > etc > HOSTS

    A clean hosts file will be written by windows when you reboot later.

    Note: if you were using a custom Hosts file

    you will need to replace any of those entries yourself.

    Delete the flash cookies found in the macromedia, #Shared Objects folder.

    c > users > "your name" > App Data > Roaming > macromedia > Flash player > #Shared Objects

    delete everything you find in the #Shared Objects folder

    last lot to delete,

    navigate to

    c > users > "your name" > App Data > Local > Temp

    delete everything in the Temp folder.

    Run a full scan with this

    Sophos Anti-Rootkit : http://www.sophos.com/products/free-tools/sophos-a...

    and remove everything suspicious it finds.

    Do not have any open windows and shut down all programs when you run it.

    Sophos Anti-Rootkit DOWNLOAD : https://secure.sophos.com/support/cleaners/sar_15_...

    Then run a full scan with this and remove what it finds.

    Super anti spyware Pro : http://www.superantispyware.com/

    Super anti spyware Pro DOWNLOAD : http://downloads.superantispyware.com/downloads/SU...

    this has a tool built in that can reset the URL prefix's, USE IT.

    reset your router to default.

    download then run,Hitman pro : http://www.surfright.nl/en to mop up anything left.

    remove what ever it finds.

    your redirect virus will now be gone.

    .

  • How do you think about the answers? You can sign in to vote the answer.
  • Anonymous
    10 years ago

    Scan your computer with Combofix.

    http://www.bleepingcomputer.com/combofix/how-to-us...

    More information about the redirect virus:

    http://deletemalware.blogspot.com/2010/02/remove-g...

    http://www.google.com/support/forum/p/Web%20Search...

  • jerry
    Lv 5
    10 years ago

    sounds like you may have gotten what is called the "redirect virus". http://download.cnet.com/Hitman-Pro-3-32%E2%80%A6 for 32 bit PC or this 64bit

    http://download.cnet.com/Hitman-Pro-3-64%E2%80%A6

    http://download.cnet.com/Combofix/3000-8%E2%80%A6

    one of these programs should find the virus and remove it. In my case, combo fix did it for me.

  • Anonymous
    10 years ago

    Try this:

    http://support.kaspersky.com/faq/?qid=208283363

    The download link is at the bottom of the page. (zip file)

Still have questions? Get your answers by asking now.