Internet browser redirectingSolved/Closed

Question

Hello,

I followed all of your instructions to get the desktop background off and I deleted all of the files, but now when I go on the internet and try to google anything or go to any site, I get redirected to other weird sites that are obviously part of the virus. Also, my computer has started freezing up all the time to the point that I can't do ANYTHING! Please help!System Configuration: Windows XP
Internet Explorer 6.0

Dessy · Accepted Answer

Everyone is always going too far with things like these....

THE ONLY WAY TO DO THIS IS....

Start > All Programs > Accessories > System Tools > Disk Cleanup.... Delete all automatically ticked items and then delete all those files.

This will delete all un-needed files from your computer especially malware or spyware, as they mostly like to hang out in the Temp folder.

So dont waste your time with download more viruses or spyware or malware.

Do it the easier way!

Good luck!

jnmac · Answer

I suddenly had google searches closing IE7, but could still do google search imbedded in, say, Comcast home page.  Also, Microsoft Update website was suddenly "unavailable."
I installed avast! antivirus and it found 8 trojans on the first scan.  I deleted all infected files, and shazam - the browser and google returned to working fine.
I think a good anti-virus program is your solution.

jnmac

robertguero · Answer

If your having the issues described then this is the EASY fix. Make sure you look at symptoms as there are different problems out there.

How to fix Google search results redirect redirected

I am using Windows XP and Mozilla Firebird as browser with NoScript add-on<<<the add-on just helped me with issue till I got fix.

Also affects all users names on computer.


IF you are being redirected to random ad sites then this is the fix that I got after 3 days. Have tried AdWare, S&D, MalWareBytes, SmitFraudFix, 7770Finder, ESET NOD32, CCleaner and a few other scrubs and probably a few I cant remember.

HijackThis did nothing and showed nothing as you can see from ppls post above. NOT to say its not good cause in the past it has worked. Just thik for one this is to new and two its in the registry. 

Symptoms: Do a Google search in an actual browser window, NOT THE TOOL BAR %&*$. I would get the results I was looking for with the correct URLs under each result. Like searched Microsoft and it would come up with addresses from microsoft like:  www.microsoft.com/ - 76k  or www.microsoft.com/DOWNLOADS/en/default.aspx - 44k -

BUT when clicking a link I would usually get the page that it said the first time but when going back to the search results the next link would be some ad site with usually no WWW at the beginning. And this would last about 4 clicks. That is, by going to stupid ad site then back to results 4x then finally getting the page it was suppose to show.

Reason I am giving you whole speal is because there are alot of so similar ones out there.

Heres the fix. Wish I could give thanks to where I found it but cant find page now. Can remember the guy found it on his own and his last words are something like "kick the computer, format the drive, tell landlady she aint gettin money" or something like that .

Never mind found it with what I said above about his quote in Google that now works correctly. Maybe it did not fix his and thats the reason he said it. But it gave me the direction to fix it, after days of trying everything. [url="http://emptees.com/posts/14105-f-ing-gogoogle-redirection-malware-problem-resolved"]http://emptees.com/posts/14105-f-ing-gogoo...roblem-resolved[/url]

So DLed the TR software  [url="https://www.simplysup.com/"]https://www.simplysup.com/[/url]  it came up with this registry key with the Kungs...thing.
 
IF YOU SCREW UP AND MESS SOMETHING UP IN THE REGISTRY YOU CAN HOSE THE WHOLE COMPUTER. SO IF YOU DONT UNDERSTAND OR KNOW WHAT YOU ARE DOING GET SOMEONE THAT DOES.

Heres the key it came up with:
HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603

And the values that were bad:
kungsfaswwqlmq.sys and tdssserv.sys

Now two different ways to do this, you can either delete the key or just he values. "Delete the key.  To prevent keeping a history altogether, right click ACMru/Permissions/Deny all users and groups listed." This is from another website: [url="http://ww11.kellys-korner-xp.com/xp_tweak_bookmarks.htm"]http://ww11.kellys-korner-xp.com/xp_tweak_bookmarks.htm[/url]  AND even has a script to do above for you: [url="http://ww25.kellys-korner-xp.com/ClearRecent.Exe?subid1=20201215-0132-3587-a652-1a02152b98eb"]http://ww25.kellys-korner-xp.com/ClearRecent.Exe?subid1=20201215-0132-3587-a652-1a02152b98eb[/url]

I really hope this helps. Honestly could not find this anywhere. I guess its something new.

pog · Answer

Yahoo Anti Spy helped me out. Try it! It find out hundreds of cookies with the "com" extension. And all of them are advertising company links. Remove these cookies and you are done.

myself404 · Answer

May be atapi.sys (windows/system32/drivers) ist corrupted.
Look here:

https://www.broadcom.com/support/security-center

If this rootkit has finished its installation, the only noticeable sign of it is a slight binary difference between your atapi.sys and a valid one - date,time and size are equal (beyond the google redirect) . So it was on my system.

Repair:
Boot with Linux or a Part Pe CD, change the file atapi.sys for a valid one (note: there are at least two of them in your system), reboot - the google redirect was gone on my system. No guarantee it will be the same on your system.
Greets and good luck.

I'maPC · Answer

I recently just started having this problem for the first time and I work in IT and am pretty hot on the internet security thing. My problem started after I downloaded IE8 and only when using google search. But the site I was directed to tried to fool me into thinking I had viruses all over my PC and to download a file to fix them. I didn't of course..that file would have destroyed the browser settings for sure. I have since installed a dedicated browser hijacking software blocker - in addition to my existing antivirus and firewall (which did not prevent the original hijacks) and that seems to have stopped the problem. I regularly do disk cleanup anyway and clear internet cookies. The hijackers use this as a way to avoid antivirus and firewall software obviously and as long as you don't download any files they prompt you to then it should be simple to stop/ get rid of.

lungsucker · Answer

two things. 
1) in IE, go to tools, internet options , select the connections tab, then click on LAN settings, now uncheck everything in there, everything!!
(unless you know you user proxies.)

2) Go to control panel, select network connections, select the local area connection icon and double click on it.  Now find internet protocol IP/TCP in the box and double click on it.  Make sure the radio buttons saying " Obtain an ip address automatically are selected. both of them. (of course this is assuming u use dhcp, if u use static ip addresses, then make sure the dns server address is correct for what u use. 

these are the two places I have found that rogue spyware change addresses to redirect you.  
Also possible that they have changed url in the registry too.

someone · Answer

I tried about everything mentioned above. They didn't work.  Someone recommended TDSSkiller. I downloaded it and it worked.

Internet browser redirecting

8 responses

Similar discussions

Subscribe To Our Newsletter!