Spyware, Viruses, & Security forum

Resolved Question

Can't get rid of a google redirect trojan/virus.

by Jennifer1510 / November 27, 2012 12:18 PM PST

I am having issues with google redirect. To be more specific, when I google something, and then click a link, I will be sent to a very obvious spam website instead of the link I clicked. If I click the back button, I will get to the link I wanted in the first place.

I have run multiple scans with AVG, eSet, Malwarebytes, and Hitman. Eset is the only thing that found anything. It found these items:

C:\$RECYCLE.BIN\S-1-5-21-785293973-1187815849-3269181308-1000\$R9TFSQT.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-785293973-1187815849-3269181308-1000\$RQH0ION.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\andyandjenni\AppData\Local\Temp\013aa5a58c11.exe a variant of Win32/Kryptik.ANVZ trojan cleaned by deleting - quarantined
C:\Users\andyandjenni\AppData\Local\Temp\ICReinstall\cnet2_Greenshot-INSTALLER-0_8_0-0627_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\andyandjenni\AppData\Local\Temp\ICReinstall\cnet_ComboFix_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\andyandjenni\AppData\Local\Temp\is1598539481\BuzzdockSetup-Silent.exe multiple threats cleaned by deleting - quarantined
C:\Users\andyandjenni\AppData\Local\Temp\is1598539481\zgInstaller.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\andyandjenni\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\111004132821909.rsc multiple threats deleted - quarantined
C:\Users\andyandjenni\Downloads\cnet_ComboFix_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\andyandjenni\Downloads\defragsetup.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined

but afterwards I am still having the redirect problem. I reran the eset scan and now it doesn't find anything. I'm ready to try anything and follow directions explicitly if anyone knows what to try. I'm running Vista. Let me know what else you need.

Jennifer1510 has chosen the best answer to their question. View answer
Answer This Ask For Clarification
Discussion is locked
You are posting a reply to: Can't get rid of a google redirect trojan/virus.
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Can't get rid of a google redirect trojan/virus.
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Clarification Request
Some of those?
by R. Proffitt Forum moderator / November 28, 2012 9:32 AM PST
Collapse -
by Jennifer1510 / November 30, 2012 6:19 AM PST
In reply to: Some of those?

Do you see a specific toolbar in that list? I'm not aware that I have any.

Collapse -
Give yourself time.
by R. Proffitt Forum moderator / November 30, 2012 9:20 AM PST
In reply to: Toolbars

I've run into new users that call them APPS or add ons and the list is far too long. Your post revealed one so I put a laser focus on it but now I worry that you are in need of a personal computer tech.

Collapse -
by Jennifer1510 / December 4, 2012 11:12 PM PST
In reply to: Give yourself time.

I'll uninstall the toolbar. Which of those items is it? Need a name or something.

Collapse -
I supplied. Buzzdock.
by R. Proffitt Forum moderator / December 5, 2012 1:58 AM PST
In reply to: clarification

I also supplied a link discussing it. Some of these HIDE under other names.

I am not at your PC but you could uninstall one toolbar after another until you get it. IE and browsers work fine without these.

All Answers

Best Answer chosen by Jennifer1510

Collapse -
Got my answer elsewhere
by Jennifer1510 / December 9, 2012 11:12 PM PST

Wanted to mark this question as resolved, but I didn't get it resolved here. Another website forum was able to pinpoint my problem.

Collapse -
Thanks for letting us know..
by Carol~ Forum moderator 2 / December 10, 2012 1:06 AM PST


In some cases, it's best to post at a Malware Removal forum. You already found out it can be a tedious process, depending on what the problem is - and where.

Sometimes it's as simple as running a couple of scans. Sometimes it's not. When it's not, the Malware Removal forums will work with you "one on one", until the problem is resolved. As they did with you over this past week. Time constraints permit us from doing the same.

Glad to hear .. all is well.


Collapse -
I read @Alternate Data Stream.
by R. Proffitt Forum moderator / December 10, 2012 1:34 AM PST

Lovely, deep, and wonderful issue. At times I wonder if ADS should be removed from this OS.

Collapse -
An Additional Thought
by Carol~ Forum moderator 2 / December 5, 2012 3:53 AM PST
Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions

CNET Holiday Gift Guide

Looking for great gifts under $100?

Trendy tech gifts don't require a hefty price tag. Choose from these CNET-recommended useful and high-quality gadgets.