Google redirect virus(please help)

Please attach the requested logs:
SAS
MBAM
C:\MGLogs.zip

 

If the MGTools folder was created, try running this:
C:\MGtools\GRK64.bat

Does that run to completion?

 

Good, now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:
* C:\MGlogs.zip

 

What browser are you using when this occurs and does it occur in other browsers?

 

Do you have a google toolbar installed?

 

So to be clear, you only have redirects when doing a search in IE or FF if you are searching thru google?

 

You do not have the current version of MGtools. This issue was fixed on 07/14/2010. Please download and run the current version of MGtools

 

Type this into your browser address bar and tell me if it takes you to google. If so, do you still get redirects?

74.125.95.103

 

If you were previously going to google by way of a bookmark, then delete that bookmark. Let me know if you get redirected again.

 

There is nothing wrong with MGTools. It is a false positive from Kaspersky. Are you still having problems?

 

Try uninstalling it, then run CCleaner ( both the cleaner and the registry--> make the backup when prompted) and then reinstall it. See if that works.

 

Is IE the only browser that is giving you re-directs now? Please run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\MGlogs.zip

 

Please Disable Spybot's TeaTimer --> Should have been done as per the R&R instructions!

* Run Spybot and click Mode
* Select Advanced Mode.
* Then click Tools and select Resident.
* Now in the right window pane, uncheck TeaTimer.
* Also while this is open, in the left column now select IE Tweaks
* and then in the right pane make sure all the Miscellaneous locks are unchecked.
* Now quit Spybot!

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Please check these instructions for resetting your proxy settings ( delete them ):
Change Proxy Settings.

Now download and install Firefox to see if that also gives you redirects:

Get it here: Mozilla FireFox

Tell me how that goes.

 

Actually it is routers that are being infected since they have the ability to provide DNS functions.

If you have a router hooked up then you need to follow the instructions for your hardware and reset it to factory default settings. Normally there is a recessed push button type switch that needs to be held down for some number of seconds to do this. After resetting to factory defaults on your router, you will need to reconfigure the router for your network if you have made any changes to the default network setup.