BleepingComputer.com: Google redirect virus


Google redirect virus: common redirect divx infected

#16 boopme

Posted 24 January 2011 - 09:43 AM

OK, we can fix this...
It's not unusual to receive such an error after using specialized fix tools.

A "Cannot find...", "Could not run...", "Error loading..." or "specific module could not be found" message is usually related to malware that was set to run at startup but has been deleted. Windows is trying to load this file but cannot locate it since the file was most likely removed during an anti-virus or anti-malware scan. However, an associated orphaned registry entry remains and is telling Windows to load the file when you boot up. Since the file no longer exists, Windows will display an error message. You need to remove this registry entry so Windows stops searching for the file when it loads.

To resolve this, download Autoruns, search for the related entry and then delete it.

Create a new folder on your hard drive called AutoRuns (C:\AutoRuns) and extract (unzip) the file there. (click here if you're not sure how to do this.)
Open the folder and double-click on autoruns.exe to launch it.
Please be patient as it scans and populates the entries.
When done scanning, it will say Ready at the bottom.
Scroll through the list and look for a startup entry related to the file(s) in the error message.
Right-click on the entry and choose delete.
Reboot your computer and see if the startup error returns.
Credit to quietman7
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
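
The orphaned-entry check described in post #16 can also be scripted. The following is an added example, not part of the thread or of Autoruns: a read-only PowerShell (3.0 or later) script that lists startup values whose target file no longer exists. The key list covers only the common Run/RunOnce locations, a small subset of what Autoruns inspects, and the helper names Get-StartupTarget and Test-StartupTarget are hypothetical.

```powershell
# Added example: report Run/RunOnce startup values whose target file is missing.
# Read-only: it lists candidates for review and changes nothing.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Hypothetical helper: pull the file a startup command line actually loads.
function Get-StartupTarget {
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    # rundll32 entries: the file that matters is the DLL argument, not rundll32.
    if ($cmd -match '(?i)rundll32(?:\.exe)?"?\s+"?([^",]+\.\w+)') { return $Matches[1].Trim() }
    # Quoted path: everything between the first pair of quotes.
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted path, possibly with spaces: cut at the first known extension.
    if ($cmd -match '(?i)^(.+?\.(?:exe|dll|com|bat|cmd|scr|vbs|js))(?:\s|$)') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

# Hypothetical helper: bare names such as "ctfmon.exe" are resolved via PATH.
function Test-StartupTarget {
    param([string]$Target)
    if ($Target -match '[\\/]') { return Test-Path -LiteralPath $Target -PathType Leaf }
    return [bool](Get-Command -Name $Target -CommandType Application -ErrorAction SilentlyContinue)
}

$orphans = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }   # e.g. no Wow6432Node on 32-bit Windows
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        if ([string]::IsNullOrEmpty($command.Trim())) { continue }
        $target = Get-StartupTarget -Command $command
        if (-not (Test-StartupTarget -Target $target)) {
            [pscustomobject]@{ Key = $key; Name = $name; Command = $command; MissingFile = $target }
        }
    }
}
$orphans | Format-List
```

Each reported value is a candidate for the Autoruns deletion step above; check the Command field against the file named in the startup error before removing anything.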

#17 VicVegas

Posted 24 January 2011 - 04:28 PM

Done.

Well that's gone now. Where should I go from here?

Edit:
Can you also recommend some good free firewalls for this computer when we're done?
I test different things on here from time to time but this PC usually doesn't have any permanent Antivirus on it.

This post has been edited by VicVegas: 24 January 2011 - 04:31 PM


#18 boopme

Posted 24 January 2011 - 04:56 PM

OK, this is clean now. Now you should create a new Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:


As to the firewall, I'd go with Sygate, ZoneAlarm or Ashampoo from here.
http://www.bleepingcomputer.com/forums/topic366982.html

I run the Avira free AV myself. It's on that list also. In today's computer world you must run an AV and a firewall.

This post has been edited by boopme: 24 January 2011 - 04:58 PM


#19 VicVegas

Posted 24 January 2011 - 07:41 PM

Uh. I said that an irremovable file was still on my PC. How should I get rid of it?

Thanks for the info anyway...

Edit:
I'd rather have your OK on it first, but I could always attack it with fileASSASSIN.

This post has been edited by VicVegas: 24 January 2011 - 08:12 PM


#20 boopme

Posted 24 January 2011 - 08:44 PM

Autoruns did not get that utuku...dll?
Then use File Assassin.

#21 VicVegas

Posted 24 January 2011 - 08:56 PM

boopme, on 24 January 2011 - 08:44 PM, said:

Autoruns did not get that utuku...dll?
Then use File Assassin.

No this was unrelated to that... But hell, I'll try anyway.

BTW why are a number of the links on that free AV page incorrect?
I checked Wikipedia and this appears to be the proper link to free Avira: http://www.avira.com/en/avira-free-antivirus

OK, never mind. It's just a thing that asks for your country before taking you to the main site. I feel stupid now...

Anyway, I'm looking for something with low impact on the CPU since this computer is rather old. And I mean old as in it only has half a gig of RAM.

Also, have you ever tried Comodo firewall?

Edit:
Well it killed it whatever the case. I can now access "Local Disk D:/Vics Files" without slowdown. Yippie! :thumbsup:

This experience has taught me something. I'll be more secure and be less of an idiot with my PCs from now on. :thumbup2:

Ugh... Don't know if my parents will ever follow in turn though. <_<

This post has been edited by VicVegas: 24 January 2011 - 09:17 PM


#22 boopme

Posted 24 January 2011 - 09:28 PM

Cool, that's great news. I couldn't think of another file we missed.

I actually use the Comodo wall.
It has a bit of a learning curve to get used to using it.

Good plan. Did you do the restore point?

You can ask here which firewall is the lightest as I don't know for certain.

AntiVirus, Firewall and Privacy Products and Protection Methods

#23 VicVegas

Posted 24 January 2011 - 10:44 PM

Yep all done.

Fun Fact: This computer has lasted me a very long time and that's pretty cool, but the people who built this thing were still morons. They gave it two drives, disk C and disk D. Now disk D should be the main drive as it has the most space available, however (as is traditional with computers) disk C is the main drive. Disk C only has 13.88 GB of space on it... Idiots.

Anyway, I guess we're all good here. I'll be back if the re-direct returns, thanks for all the help.

This post has been edited by VicVegas: 24 January 2011 - 10:44 PM

