Spyware, Viruses, & Security forum

General discussion

Having Trouble Getting Rid of Google Redirect

by bauwau2u / November 4, 2009 8:46 AM PST

I am running Windows XP and using Internet Explorer. Have downloaded Malwarebytes Anti-Malware and SuperAntiSpyware, and run them both. Also ran ASquaredFree. Quarantined what was found, but still have the redirect virus (not all google searches get redirected).

I am not a high tech person but can follow fairly straight-forward instructions. Am a bit intimidated by what I have read on some of the other sites with posting logs. I would appreciate suggestions or to be pointed to the right place to try to get rid of this.

Also curious if I can change my browser (e.g.from IE to Safari) to solve the problem or whether I really have to fix the guts of the computer system to fix this.

Discussion is locked
You are posting a reply to: Having Trouble Getting Rid of Google Redirect
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Having Trouble Getting Rid of Google Redirect
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Can you see....
by Marianna Schmudlach / November 4, 2009 10:33 AM PST

1. Select Show Hidden Devices under Hardware Device Manager in your Windows Control Panel.
2. Search for "TDSSserv.sys" right click Disable. Do not select Uninstall otherwise the infection will reappear once the computer is restarted.
3. Reboot the pc.

Update your Anti Virus software and AntiMalware program and run again a scan.

Is the "redirection" now gone?

Collapse -
Google Redirect - TDSSserv.sys
by bauwau2u / November 4, 2009 11:28 AM PST
In reply to: Can you see....

Thanks for getting back so quickly.
I got as far as Control Panel>System>Hardware>Device Manager> then View and Show Hidden Devices. I opened up all the '+' but I did not see anything that looked like TDSSserv.sys there (none of the items were in a format with a ".sys" ending). Am I in the right place or was I supposed to do a different search?

Collapse -
by Marianna Schmudlach / November 4, 2009 11:41 PM PST
Collapse -
Re-ran the scans but still getting redirected
by bauwau2u / November 5, 2009 6:35 PM PST
In reply to: Right......

I uninstalled the Malwarebytes Anti-Malware and downloaded, updated, and ran the full scan (previously had run the quick scan). Came up clean. I also uninstalled, and then downloaded superantispyware free edition. This showed tracking cookies, which were then removed.

I then ran Eset Online Scan (but not from the link you provided since it was in czech - I ran it from their website. That showed nothing.

But I am still getting redirected.

Collapse -
Then I would suggest...
by Marianna Schmudlach / November 5, 2009 10:38 PM PST

downloading HJT from here:


Trend Micro HijackThis is a free utility that generates an in depth report of registry and file settings from your computer. HijackThis makes no separation between safe and unsafe settings in its scan results giving you the ability to selectively remove items from your machine. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer.






Good Luck !
IMPORTANT: HijackThis does not determine what is good or bad. Do not make any changes to your computer settings unless you are an expert computer user.

Run a scan and post your log at ONE of the following HJT forums:

Collapse -
On to the next step...
by bauwau2u / November 5, 2009 11:48 PM PST

Thank you for your time and advice, including warnings not to delete anything without expert instruction. I took a look at those sites even though it looks complicated and I will try to muddle through following instructions closely. I appreciate the effort spent trying to help those of us who are still knuckleheads when it comes to this stuff.

Collapse -
Do NOT worry.....
by Marianna Schmudlach / November 6, 2009 12:04 AM PST
In reply to: On to the next step...

The helpers at the HJT forums know what they are doing and will tell you exactly what to do.

You Are Very Welcome.

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.