Posts posted by Ruinous

  1. Greetings all!

    I'm a little comforted (not overly) that I am not the only one to have been plagued by the Google search redirect malware. After digging through what little information seems to be out there for this problem, I attempted to remove it myself.

    I'm a regular user of:

    Kaspersky IS 2k9 (however my license recently expired, so no more DB updates).

    MalwareBytes Anti-Malware


    A little background on my problem... I had recently been infected with a bogus anti-malware program which littered my screen with fake pop-ups claiming that I had infected files. It was incredibly troublesome due to it immediately closing Task Manager on me as well as blocking any anti-virus and anti-malware from opening. I eventually was able to kill the main process and run MalwareBytes to clean it from my system, and all seemed well enough after that - until I noticed a lingering effect after it was gone.

    I had been struck with the Google search redirect hijack. I was not getting any strange pop-ups; however, clicking on any Google search links would bring me to random junk websites every so often. My about:config page in Firefox was altered to use some search-star.net website, and any attempt to change it was reversed upon closing and re-opening Firefox. I researched the problem heavily on forums such as this and eventually found a recommendation to use ComboFix, which cured the problem for one user. I ran it and it seemed to clean a few infected files that MalwareBytes had missed; however, the problem in Firefox remained. I tried altering all of my user.js files to remove the pointer to the search-star website with little success. Eventually I deleted all of the extension folders in Firefox's application data section and it seemed to cure my problem - though now another problem has arisen from what I did next.

    Through my searching I had also seen TDSSKiller mentioned, and decided to give it a try. It scanned my PC and found 2 more infected files which I instructed it to delete. After doing so, I've experienced consistent BSoDs whenever I try running TDSSKiller again. It scans my PC and finds nothing; however, after closing the program it gives me an immediate BSoD without any .dll referenced. Also, I occasionally have Windows hang at the "Windows XP" loading screen (the loading bar moves VERY slowly and doesn't go anywhere from there) - and now I can't seem to boot into Safe Mode either, as it hangs at a certain driver as well.

    So, long story short I guess... is it worth trying to recover my system files that were damaged through this foolish and unadvised process of malware removal? Also, should I be confident that my system is actually clean now? I don't seem to have the redirect any more; however, when Windows loads, my desktop background pops up but it seems to hang for longer than normal before all my icons appear. I'm a little concerned that there may still be something lurking on my PC that shouldn't be there.

    Thanks in advance!


    P.S. The HijackThis log file is current. The attached TDSSKiller log file is from the run I made which deleted the 2 files the first time, leading (I believe) to my current BSoD issues. Subsequent TDSS logs contain no detected files in them. Both mbam logs are from the day I was infected with Antimalware Doctor - just to show what was detected and removed. Subsequent scans result in no detections.




