Google redirect virus HELP!

Discussion in 'Malware Help (A Specialist Will Reply)' started by monthehuang, Oct 25, 2010.

  1. monthehuang

    monthehuang Private E-2

    Tried all the cleaning procedures specified in the READ ME FIRST thread, didn't work. Below is my HijackThis log, please help! Thanks!

    Logfile of Trend Micro HijackThis v2.0.4
     
    Last edited by a moderator: Oct 25, 2010
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!

    If you have done the Read and Run First instructions you would know to attach the requested logs:
    SAS
    MBAM
    ComboFix
    C:\MGLogs.zip
     
  3. monthehuang

    monthehuang Private E-2

    OK, I will post them tonight, thanks!
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    After you have done those, then I want you to run this:
    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


    Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.

    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan.
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_14.17.05_log.txt) will be created and saved to the root directory (usually Local Disk C).
    • Attach this log to your next message.
     
  5. monthehuang

    monthehuang Private E-2

    Here are the logs from my laptop. Actually my desktop is the one that got infected pretty bad, but this morning when I was using my laptop the same thing happened: Google results got redirected. Therefore, since I'm at school with my laptop, I'm gonna post the logs for my laptop first and later my desktop if that's okay. PS: RootRepeal could not be run, it asks me to contact the author.
     


  6. monthehuang

    monthehuang Private E-2

    Ran TDSSKiller on my laptop, nothing found.
     
  7. monthehuang

    monthehuang Private E-2

    Hi there, here are my logs for my desktop.
    Once again RootRepeal failed and ComboFix freezes.
     


  8. monthehuang

    monthehuang Private E-2

    Ran TDSSKiller on desktop, nothing found, virus still on both laptop and desktop...
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You should have started a separate thread for the desktop computer, otherwise things could get confusing.

    If you hard wire your computers to the modem, bypassing the router, are you still redirected?

    It is possible that your router is infected, so you need to reset it to factory settings. (Find the little red recessed button on the bottom and hold it in for 3 seconds.) You will have to change the configuration if you had anything previously configured in the router.

    In the meantime, on the desktop, do this:

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Now copy just the bold text below to Notepad (do not include any space above the word REGEDIT). Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "All Files". Once you have saved it, double-click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.


    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\MGlogs.zip

    Make sure you tell me how things are working now!
     
  10. monthehuang

    monthehuang Private E-2

    The reg file was successful, do I have to leave it on my desktop or can I delete it? The mgtool zip is attached. I'm renting the room so the router is really not mine... Also, both my desktop and laptop use wireless, too far away from the router. Also, any solutions for the laptop? Btw I just tested both and both are still redirecting!!

    Thank you so much!!
     


  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You can just right-click and delete the reg fix.

    Have you checked to see if other users that are on this router are having the same issues as you? I am not seeing any malware in your desktop logs and your laptop logs were clean. So the only thing that could be the cause is the router.

    It would be very easy for you to plug the laptop directly into the modem and see if you are still being redirected.
     
  12. monthehuang

    monthehuang Private E-2

    I will check with them when I can..so the only way to get rid of it is to change my router to default settings? I don't see any buttons on it..how do I do it then? Plus I don't have a cable...
     
  13. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Do check to see if anyone else is having this issue. It is more than likely the router, but I can't be sure unless you can test it by bypassing it. Perhaps you know someone who you can borrow an ethernet cable from.
     
