IE8 Google redirected to Qandas.com How to get rid of it?

Topic

New Reply

When I click on the results of a Google search I am redirected to Qandas.com. How do I get rid of this?

Reply | Quote

Replies

Try downloading Malwarebytes antimalware and / or SuperAntiSpyware and have them scan your computer.

Reply | Quote

Thanks, I ran Malwarebytes and that did not fix it. Now I will try SuperantiSpyware. I have also sent the information to Google support in hopes that they might fix it. I think I will abandon IE and try another browser.

Reply | Quote

Once you are done, check to see what search provider IE is using, if SuperAntiSpyware does not solve it.

Reply | Quote

Try clicking on Tools>Manage Addons and see if you find any reference to Qandas in Toolbars and Extensions or in Search Providers. If you do, disable it.

Jerry

Reply | Quote

These are redirects FROM Google search results. It’s a virus, not just a changed search provider. Try Microsoft’s Malicious Software Removal Tool.

Bruce

Reply | Quote

Does it just happen with Google Search Results or when you click on any web page link?
If this just started recently, you could try a System Restore to a date prior to the problem.

Jerry

Reply | Quote

SuperAntiSpyware did not fix it. Manage AddON does not show it. Google is the derault search provider and the only enabled provider. It only happens when I click on any of the Google search results. I switched to Google Chrome and it happens there as well. I will not try Malicious Software Removal Tool. I really appreciate all of your suggestions and I will keep trying them. I have not heard from Google support.

Reply | Quote

SuperAntiSpyware did not fix it. Manage AddON does not show it. Google is the derault search provider and the only enabled provider. It only happens when I click on any of the Google search results. I switched to Google Chrome and it happens there as well. I will not try Malicious Software Removal Tool. I really appreciate all of your suggestions and I will keep trying them. I have not heard from Google support.

Try searching with startpage.com. See if the problem exists there as well.

Startpage is basically a Google search with all identifying info about you stripped out (an anonymous search engine).

To get rid of the malware, try Windows Defender Offline or some other scanner which runs before Windows loads.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

To get rid of the malware, try Windows Defender Offline or some other scanner which runs before Windows loads.

I should probably try that. Best suggestion I’ve seen. As for now, I just pulled that computer and replaced with spare. I had decided it was probably cheaper to put in new Hard Drive than keep looking for solutions. I didn’t see any other solutions in this thread.

thanks –

Reply | Quote

Another option is to start Windows in Safe mode (or Safe mode with Networking), and run a scan there. Safe mode is when Windows is stripped down to the bare minimum, with just enough functionality to allow you to get in and do some maintenance. Since most of the functionality is not present, many time malware isn’t able to run, because it needs the functionality which is not present.

If you start in Safe mode with Networking, you can then get antivirus updates, do online scanning, get Windows updates, etc. Very helpful when you’re trying to fix problems.

Safe mode doesn’t always solve it, but it often does.

Not directly related to this post, but if you need to defrag your hard drive, Safe Mode is a great way to do it, because very little is running. The more that is running when you defrag, the longer it takes.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

To get rid of the malware, try Windows Defender Offline or some other scanner which runs before Windows loads.

I tried WDO, only to find out that you have to be online to use WDO. Out here in the boonies, my internet connection is a usb, cell modem. I don’t have a hardwired network. I was hoping to try out WDO and report back on whether or not it worked.

Yes, I know all antiviruses have to updated, but I just downloaded and built the cd, assumed it would have latest definitions. IMO, it should run with old definitions as that is better than nothing. CD should be built with today’s definitions. WDO is great idea IF it works OFFLINE.

Reply | Quote

Surprisingly, there aren’t many references to this malware. I can only find sites which don’t seem incredibly reliable and offer tools to fix the issue, which I would not download.

It is also rather surprising that top rated tools such as Malwarebytes or Superantispyware can’t fix this. I would probably try Emsisoft’s Emergency Kit Scanner, too.

Reply | Quote

Microsoft Malicious Software Removal tool did not remove it. All of my google search results are still being redirected to various ad sites. The only way I can use Google results is to copy the URL and paste it into the address line. Still no response from Google support.

Reply | Quote

I have the ghetto free AVG for protection. I haven’t had any problems until this Saturday! My husband or my little Cousin was using my laptop while I was at work. When I got it back there was the Virus redirect B**S 😡 but of course nobody knows what happened & they swear they didn’t download anything.
I’m happy to see that the list has been narrowed down a bit for me. The last thing I think I should do is start downloading different things trying to fix it 🙁

MR.WINDOWS SECRETS GUY PLEASE HELP ME FIX THIS!!! I really really dont want to have reinstall my windows to get rid of this thing(LOL thats what I do when I have a problem I cant figure out or fix . . I just hold down the Handy Dandy Zero button while powering on my laptop ) Shoot I dont even know if that really fixes problems or if it just makes it so I cant tell the problems there anymore!!

Anywho .. . I am using Windows 7 Internet Explorer 9 PLEASE HELP 🙂

Thank you for your time 🙂

Reply | Quote

I am sorry you have this problem as well. I have not been able to get rid of it and I have tried all the suggestions. I don’t know what else to try except rebuilding my system. I really dread that.

Reply | Quote

None of the top antimalware protection software seem to solve this.

The sites where I have seen info about removing this, to be honest, seem all pretty shady to me. I saw a suggestion to use TDSSKillerto solve the problem. Maybe try it.

Reply | Quote

Ok I have a few questions. What if I (or we) cant find a way to remove or fix this thing? Is this thing slowly destroying my computer?

Is it on my computer for a reason,like to steal my info??

If I was to reset my computer using the “Hold down Zero while powering on my computer” to put it back to factory settings .. . . Would that remove it? Fix it? Or would that just cover up the problem??

Reply | Quote

What do you know about a site called Fixredirectvirus.org? They claim they can fix the problem for $29.95. They also give instructions for a manual fix that looks pretty hairy to me. They mention files starting with TDSS.

Everything I have read calls this a rootkit and that it is the most difficult pc infection to fix. I guess the ultimate fix is to reload Windows from a cd. I am running XP SP3 but my cd is pre SP3. It will take days if not weeks to rebuild my system! What a bummer!!

Reply | Quote

Sounds like a rootkit. Don’t re-install windows or format the hard disk, it won’t help ! TDSSKiller worked for me.

Reply | Quote

Thanks for the reply. I am getting ready to do a clean install of Windows 7. I am running XP on a old Dell desktop that I have upgraded the ram to 3 Gig and Microsoft advisor claims that I have enough system to run 7. I plan on purchasing the Windows 7 Home Premium on disk. That means I will be installing a new Windows 7 after wiping out all my files and the old Windows XP. Are you saying that won’t get rid of the rootkit????

Reply | Quote

Have you tried all the scanning progs you mentioned in Safe Mode? I’m not saying it will cure the problem, but certainly worth a try.

http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx?mfr=true

Reply | Quote

I just ran TDSSKiller, didn’t get rid of the problem. Ironically now the Google search results send me off to an add for Norton Online Security!! Sense of humor?

Reply | Quote

This comprehensive article may help: http://www.pcstats.com/articleview.cfm?articleID=1579

Reply | Quote

If its not a virus or malware then I would run one of the free rootkit’s found here. http://antirootkit.com/software/index.htm

Reply | Quote

Thanks for all of your replies. I am working my way through the pcstats.com article. I am learning far more about the innards of browsers and operating systems etc. etc. than I ever imagined.

Reply | Quote

Found another possible solution worth investigating…..Norton Power Eraser…….has anyone used this? Norton also offers a virus removal service for a fee but if it works it may be worth it.

Reply | Quote

I wouldn’t pay an unknown site to fix it. I found a few sites, all repeating the same basic info, that didn’t seem that reliable. I think you run the risk of ending with 2 problems – the one you have and spending money to stay like that, with the additional risk of providing your cc data to an unknown entity (at best).

Check this: http://www.mywot.com/en/forum/23872-fixredirectvirus-org

Reply | Quote

This is the site offering virus fix. I believe it is a “known” site. I keyed in the URL and did not get it from a search. I am thinking of trying Power Eraser after I have copied some important data files to DVDs. I have been usuing Norton as my security software for several months. Has anyone used Norton’s Power Eraser?

Reply | Quote

No I haven’t used Norton power eraser but I have heard good things about it. I hope you have good luck with it 🙂
Could you please let me know if doing a factory reset is the same as using a disk to redo your windows?? Or would I have to use a disk in order to reinstall??

Reply | Quote

Three options:

1. Uninstall Malwarebytes’ and reboot into “Safe Mode with Networking”. Download a fresh copy of Malwarebytes and update it. Run a FULL scan while still in Safe Mode.

2. Remove the Hard Drive and temporarily install it as a 2nd drive in a known clean computer. Run a full scan using a fresh installation of Malwarebytes’ plus whatever that computer has for a virus checker.

3. Download Windows Defender Offline using a known clean system and install it on a CD. With the HDD back in the original computer, boot from the CD and run a full scan. It will need Internet access to get the latest database, so make sure your Network cable is plugged in before you boot so that the program will recognize it correctly.

Swampster

Reply | Quote

Another option is to ask for help over at http://www.bleepingcomputer.com, a search for “google redirect” there gets lots of similar hits. From reading those it’s not a quick fix, but if you simply follow the directions from a support volunteer there you could be fixed up in a few days. To me, an OS reinstall is way more work with all the drivers and applications. Also if this is a rootkit that hides well, an OS reinstall may not get it unless you actually re-write the place it’s hiding( MBR, etc.).

SysInternals also has a root-kit revealer over at: http://technet.microsoft.com/en-us/sysinternals/bb897445
It’s not a fix, but may help identify what your dealing with.
Note: it specifies ” It runs on Windows XP (32-bit) and Windows Server 2003 (32-bit)”

Best of luck!
Brino

Reply | Quote

The instructions on this page seem to have worked well for many people over the last 2.5 years: Remove Google redirect virus

Bruce

Reply | Quote

Thanks Bruce. There is a lot of information there. I will look at it too.

Reply | Quote

This is still an on going problem for lots of people. Did no one fix it? No one reported back what they did to fix the problem. Please let us know if you fixed this problem on your computer.

For me, search results redirect happens wheter the search engine is yahoo or google and the browser is IE8 or Chrome. I’ve tried Superantispyware and Malicious software removal tool. Nothing works.

any advice?

thanks

Reply | Quote

If you have faithfully followed all the links that have been provided over the course of this discussion and STILL have no resolution, then maybe it is time to take it to a trusted professional.

Reply | Quote

I went through the entire WDO process myself about a month and a half ago. The infected PC was offline, and WDO came with the latest definitions as of the day I created the CD.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

I went through the entire WDO process myself about a month and a half ago. The infected PC was offline, and WDO came with the latest definitions as of the day I created the CD.

Thanks. Being certain WDO told me I had to update my definitions, I went to the WDO site and read the FAQ. It agreed with you. Ok. Maybe my date/time is off.

So I tried again with the same results. WDO tells me I have to update my definitions. Running a scan is not an option. However, this PC is Win XP SP2 and the specs say WDO requires SP3. Now there can be no compelling reason a pgm running from cd in this manner would require SP3 and not run with SP2. But at this point I can find no other problem with my set up. My date/time are correct.

I do have exactly 512mb ram, which WDO says is the minimum.

Whatever, thanks for the time you’ve invested in this.

Reply | Quote

Now there can be no compelling reason a pgm running from cd in this manner would require SP3 and not run with SP2. But at this point I can find no other problem with my set up. My date/time are correct.

I do have exactly 512mb ram, which WDO says is the minimum.

Whatever, thanks for the time you’ve invested in this.

Actually, Microsoft (and others) are more and more requiring that you have a minimum of SP3 if you are running XP. So I would believe the specs in this case.

If you want to continue to use this computer as-is, you really should install SP3, since it is so often required. Download it to a CD from another computer, and then install it off-line from the CD on the infected computer. Then try again with WDO. I’m sure it will work after you install SP3.

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote