Google Search Results Redirect

[nofishfisherman]

So my computer is probably infected with something.

When in IE if I search for something in Google and click on one of the search result links it takes me to some sketchy looking search HSOforum. It seems to take me to one of 5-6 different sites. Its also happened once or twice in Firefox but not much and not recently.

The URL in the search results looks good but the link redirects me to the these other search sites. If I use Bing or Yahoo or another search engine there is no issue.

I've downloaded and run Malwarebytes and it found some stuff but the problem still persists. I've also run SpyBot Search and Destroy with no luck.

Anyone have any other ideas?

[Lowblazah]

Ensure malwarebytes is updated (update tab) then boot to safe mode and re run malwarebytes (full scan)...if that doesnt work...you may have a rootkit..

[nofishfisherman]

I assume when I downloaded Malwarebytes that it was the most current version. I've run full scans both in and out of safe mode.

I'll give this Antirookit thing a shot.

[Nick Kuhn]

Sounds like something linked to IE like those stupid toolbars. Usually those programs catch them. You could try upgrading to IE9 and see if the problem goes away.

[Lowblazah]

Cant upgrade to IE9 if he is running XP. You actually need to update the free Malwarebytes everytime you use it. Check that first.

[nofishfisherman]

I'll update Malwarebytes again and try that first. I'm on windows 7 so I suppose I could upgrade.

I did look at the addons and didn't see anything that looked fishy.

Is there a reason why I wouldn't want to try the Antirootkit things as well?

[Lowblazah]

Malwarebytes is less invasive. where as Anti-rootkits have potential to break system files.

[nofishfisherman]

Oh goodie, anther opportunity to break my computer.

Is there anything I should watch out for if I run the Antirootkit? Things I want to make sure I don't click on, or things I shouldn't accept or delete?

I'm just trying to avoid another trip into General Nanosystems. They've always been good to me in the past but its always nice to fix things on your own.

[Lowblazah]

not really anything to watch out for...I havent ever seen one personally do any damage. Follow the instructions and you shouldnt have any issues.

[upnorth]

Install and run CCleaner and have it set to clean out the prefetch folder(very common place to hide krap for re installation) and all internet files before you do anything. Update your anti virus and scan, like already posted Malwarebytes update and scan, then combo fix scan.

Very potent combination for getting ride of spyware/malware/worms.

[nofishfisherman]

Install and run CCleaner and have it set to clean out the prefetch folder(very common place to hide krap for re installation) and all internet files before you do anything. Update your anti virus and scan, like already posted Malwarebytes update and scan, then combo fix scan.

Very potent combination for getting ride of spyware/malware/worms.

I did what you suggested and ran the CCleaner and then updated and ran a full scan with Malwarebytes but the problem still persists.

Looks like I'll need to run the Anitrootkit thing next.

Any guess as to how harmful this thing is? Is it just redirecting my search results to these other search websites or is it likely that its trying to do something more sinister as well.

I have noticed it seems to take longer for my system to start up after shutting down at night.

[Jim Almquist]

Might want to give SuperAntiSpyware and tdsskiller a try. In our computer support class we had students bring in there infected computer so we could practice fixing them. There was only one that stumped us to the point of reloading the software. Another one to try is Microsoft Security Essentials. It fixed a bug that all the others could not find. Make sure to update to the latest definition when ever you download any of these programs.

[nofishfisherman]

I'll look into those. So far I've tried Malwarebytes, Spybot Search and Destroy, the CCleaner, and my regular Norton Antivirus.

[Lowblazah]

Any guess as to how harmful this thing is? Is it just redirecting my search results to these other search websites or is it likely that its trying to do something more sinister as well.

I'd keep working to rid your machine of it. Its only going to breed new spyware on your machine if you dont get it fixed.

Try Combofix or Sophos next...

Combofix

[Lowblazah]

This is some of the basics you should check as well...not sure if we covered these yet.

Google redirect basic solutions

[nofishfisherman]

I had actually found that site while doing a google search at work on how to fix the issue. I worked through steps 1-6 and the host file was clean (according the the admin, the last 2-3 posts on the comments section are actually from me asking about my host file), also all of the settings they said to check were all correct.

My patience with this is starting to wear a little thin. Fortunately firefox seems uneffected for the most part but a google search in either IE or Chrome (tested Chrome once last night) lead to redirect search results.

[toughguy]

I had this come up a few months ago and I vaguely remember how my IT guy fixed it. He used the TDSSKiller program listed above. First installed it on my computer and then he had to rename it. The file wouldn't even open under its installed name. once he renamed it, it ran fine and cleaned that !#$%!% off my machine. It took hours for him to figure it out. I hope this helps

[nofishfisherman]

I think thats my next step. Nothing else seems to be working.

Step after that is I'll be backing up my docs/photos/music and doing a system restore. Fortunately I don't have a ton of stuff on this computer outside of some music and photos.

[upnorth]

Malwarebytes then combofix. Just ran into a PC this am that had the same issue and it cleaned it up nicely.

[nofishfisherman]

I'll try the combo fix as well. reading through the instruction that Lowblahza posted seems a little daunting but I'll give it a go.

I guess if I screw it up I can fall back to the system restore idea.

[upnorth]

It's easy, ccleaner, malwarebytes and combofix. Ccleaner gets rid of the places it hides in, malwarebytes gets some and then combofix cleans up the rest.

[nofishfisherman]

So I ran CCleaner and Malwarebytes last night but not Combofix. Can I just run combofix now or do I need to do all three one right after another without much of a gap?

After I ran the fisrt two I was on my computer messing around on the internet and then had it shut off over night if that matters.

[upnorth]

I would start over again, about an extra 10 minutes or so.

[nofishfisherman]

Alright, I'll just rerun everything. The CCleaner ran quick enough but the full scan of Malwarebytes took almost an hour to run last night.

[upnorth]

Hmmm....must have a lot O stuff on your PC. I just think in the case of being thorough.