Search results forward to spam sites

FoxIX

New member
Member
Local time
5:42 AM
Messages
28
Location
Bristol
I have been having this problem for a few days now and is getting quite annoying. For searches, when I click on a link I am forwarded to a spam site. This is temperamental so I cannot guess when it is or is not going to happen.

This is what I have done so far:

Un-installed and re-installed all browsers (bar IE for obvious reasons)
Run a complete virus scan using AVG
Run Malwarebyte's Anti-Malware - which picked up 7 infections
Noticed that AVG had an install date of the 5th August (when I have had it installed for over 6 months)
Un-installed using Revo uninstaller
Un-installed all programs that were installed in the past 10 days.
Attempted to install MSE but it would not install
Installed Zonealarm Internet Security Suite 2012 and ran full scan. Nothing picked up.
Ran Malwarebyte's Anti-Malware. Nothing picked up.

I am unable to do a system restore as I do not have any restore/backup points on my computer.

Can anyone suggest what else I could try?

TIA
 

My Computer My Computer

At a glance

Windows 7 Home Premium x64Intel Core i3 540 @ 3.07GHz4Gb (2x2Gb Corsair)Nvidia GeForce GT 240
Computer Manufacturer/Model Number
Computer Planet
OS
Windows 7 Home Premium x64
CPU
Intel Core i3 540 @ 3.07GHz
Motherboard
Intel DH55TC
Memory
4Gb (2x2Gb Corsair)
Graphics Card(s)
Nvidia GeForce GT 240
Sound Card
High Def Audio
Monitor(s) Displays
LG W2261 VP
Screen Resolution
1920X1080
Hard Drives
64Gb Kingston SSD
500Gb Generic Drive
Cooling
Just fans
Keyboard
M$ Ergonomic 4000
Mouse
M$ Wireless Laser 5000
Internet Speed
8Gb
You could give Microsoft's Standalone System Sweeper boot disc a try and scan the machine offline to make sure it really is clean before doing anything further (because it sounds like you're still infected, potentially by something you won't be able to remove while Windows itself is online and running).
 

My Computer My Computer

At a glance

Windows 10 Pro x64Intel Core i7 4790K @ 4.5GHz32GB DDR3Nvidia GeForce GTX970
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom
OS
Windows 10 Pro x64
CPU
Intel Core i7 4790K @ 4.5GHz
Motherboard
Asus Maximus Hero VII
Memory
32GB DDR3
Graphics Card(s)
Nvidia GeForce GTX970
Sound Card
Realtek HD Audio
Screen Resolution
1920x1200
Hard Drives
1x Samsung 250GB SSD
4x WD RE 2TB (RAIDZ)
PSU
Corsair AX760i
Case
Fractal Design Define R4
Cooling
Noctua NH-D15
Attempted to install MSE but it would not install

This is a tell tale sign that you are still infected. I'm surprised you were able to install other security software.

MBAM has a forum where volunteers will help clean your computer.
 

My Computer My Computer

At a glance

Win 7 Home Premium x64Intel Core i3-540 3.07 GHz4 GB (2 X 2) Dual-Channel PC-10600 DDR3 @ 665...Integrated Intel H57
Computer Manufacturer/Model Number
HP p6608f
OS
Win 7 Home Premium x64
CPU
Intel Core i3-540 3.07 GHz
Motherboard
MS-7613 (Iona-GL8E)
Memory
4 GB (2 X 2) Dual-Channel PC-10600 DDR3 @ 665MHz (9-9-9-24)
Graphics Card(s)
Integrated Intel H57
Sound Card
Integrated Realtek ALC888S Audio
Monitor(s) Displays
17" SDM-HS73 (a vestige from my old computer)
Screen Resolution
1280 X 1024
Hard Drives
750GB SATA 7200 RPM
PSU
250W
Keyboard
HP USB keyboard
Mouse
HP USB optical mouse
Internet Speed
15Mbps/1Mbps
First off, if this is recent, any chance that you can do a system restore to an earlier time, preferably a couple days before the infection? If not....

Try running these tools while in safe mode and disconnected from the net:

Microsoft Safety Scanner - Antivirus | Remove Spyware, Malware, Viruses Free

This is the SUPERAntiSpyware Portable Scanner, you'll be able to run it from a FD. Please note : The scanner is saved under a random filename so that malware infections won't block the scanner.

SUPERAntiSpyware.com - SUPERAntiSpyware Portable Scanner

Run Malwarebytes again, in safe mode while disconnected from the net.

Norton Power Eraser: For this tool you will need an active internet connection.

Norton Rescue Tools

Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully.
If you're unsure about any file, you can submit it to Norton for further analysis as an option from Power Eraser.

Another option is to run a AV Boot Disk.

http://www.techmixer.com/free-bootable-antivirus-rescue-cds-download-list/

Kaspersky Rescue disk hasn't played well with Windows lately, so you may wish to steer clear of it.
 

My Computer My Computer

At a glance

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1,...Intel Core 2 Duo 2.93GHzNot much with my ADHDATI Radeon HD 4350
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various
Thanks for all of your replies. It is very much appreciated. I have gone through all of your suggestions and worked through them one by one. Unfortunately nothing was picked up and I am still having the same problems.
 

My Computer My Computer

At a glance

Windows 7 Home Premium x64Intel Core i3 540 @ 3.07GHz4Gb (2x2Gb Corsair)Nvidia GeForce GT 240
Computer Manufacturer/Model Number
Computer Planet
OS
Windows 7 Home Premium x64
CPU
Intel Core i3 540 @ 3.07GHz
Motherboard
Intel DH55TC
Memory
4Gb (2x2Gb Corsair)
Graphics Card(s)
Nvidia GeForce GT 240
Sound Card
High Def Audio
Monitor(s) Displays
LG W2261 VP
Screen Resolution
1920X1080
Hard Drives
64Gb Kingston SSD
500Gb Generic Drive
Cooling
Just fans
Keyboard
M$ Ergonomic 4000
Mouse
M$ Wireless Laser 5000
Internet Speed
8Gb
Hi FoxIX,

You may want to go to this forum which specialises in malware removal:
Bleeping Computer - Computer Help and Discussion

You can sign up for free; you might have to wait for a little until someone helps you since the Bleeping Computer experts are kept on their toes all the time. Read the "Are you new to Bleeping Computer?" section carefully. If you decide to sign up over there, please post your system specs and describe the issues you are experiencing and which troubleshooting steps you have taken so far.
 

My Computer My Computer

At a glance

-
OS
-
Okay, thank you. I will look into that.
 

My Computer My Computer

At a glance

Windows 7 Home Premium x64Intel Core i3 540 @ 3.07GHz4Gb (2x2Gb Corsair)Nvidia GeForce GT 240
Computer Manufacturer/Model Number
Computer Planet
OS
Windows 7 Home Premium x64
CPU
Intel Core i3 540 @ 3.07GHz
Motherboard
Intel DH55TC
Memory
4Gb (2x2Gb Corsair)
Graphics Card(s)
Nvidia GeForce GT 240
Sound Card
High Def Audio
Monitor(s) Displays
LG W2261 VP
Screen Resolution
1920X1080
Hard Drives
64Gb Kingston SSD
500Gb Generic Drive
Cooling
Just fans
Keyboard
M$ Ergonomic 4000
Mouse
M$ Wireless Laser 5000
Internet Speed
8Gb
Check proxy settings in your IE:
Tools/Internet Options/Connections (tab)/Lan Settings.
Make sure your "use a proxy server" is unchecked.

Then you'll want to check your Hosts file:
C:\windows\system32\drivers\etc\hosts (open in notepad)
You can paste your hosts file here so we can take a look.
 

My Computer My Computer

At a glance

7 Pro
OS
7 Pro
The "use a proxy server" is unchecked. The contents of my hosts file is:

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

Thanks.
 

My Computer My Computer

At a glance

Windows 7 Home Premium x64Intel Core i3 540 @ 3.07GHz4Gb (2x2Gb Corsair)Nvidia GeForce GT 240
Computer Manufacturer/Model Number
Computer Planet
OS
Windows 7 Home Premium x64
CPU
Intel Core i3 540 @ 3.07GHz
Motherboard
Intel DH55TC
Memory
4Gb (2x2Gb Corsair)
Graphics Card(s)
Nvidia GeForce GT 240
Sound Card
High Def Audio
Monitor(s) Displays
LG W2261 VP
Screen Resolution
1920X1080
Hard Drives
64Gb Kingston SSD
500Gb Generic Drive
Cooling
Just fans
Keyboard
M$ Ergonomic 4000
Mouse
M$ Wireless Laser 5000
Internet Speed
8Gb
hosts is fine, most likely registry injection at this point.
 

My Computer My Computer

At a glance

7 Pro
OS
7 Pro
Back
Top