Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Lady Spank
Amarr Trillionaire High-Rollers Suicidal Bassoon Orkesta
|
Posted - 2010.10.20 20:52:00 -
[1]
TL;DR, HALP! Some malware or thing is redirecting google search results to unexpected websites.
Hi,
I'm visiting my parents and as part of my duties I am trying to do some maintenance on the family PC. Usually this involves making sure software and windows is up to date as well as scanning with ad-aware and search & destroy for possible malware etc etc.
This time I am stumped. Google search results are randomly (not every time) redirecting to junk sites and I can't pinpoint the issue. I dont entirely trust search results I have made on the subject but I have at least run the following with no success...
spyware search & destroy AVG antivirus (updated to latest version etc) ad-aware free TDSSkiller (kaspersky, based on a blog about removing these random redirects).
If anyone knows how to fix this I will be eternally grateful.
I've been at this for a few hours now and my parents think I'm just farting about on the computer
ISK to the best answer(s) ~_~
|
Kazuo Ishiguro
House of Marbles
|
Posted - 2010.10.20 21:03:00 -
[2]
Consider temporarily using another search engine for your research purposes until you find a definite fix? Also, run HijackThis and post the results (don't go removing things unless you know exactly what they are, though). --- 34.4:1 mineral compression |
Blane Xero
Amarr The Firestorm Cartel
|
Posted - 2010.10.20 21:06:00 -
[3]
Edited by: Blane Xero on 20/10/2010 21:07:52 Check the hosts file (Windows/system32/drivers/etc) Check browser proxy/privacy settings.
_____________________________________ Haruhiist since December 2008
Originally by: CCP Fallout Been there. Done that. Need antibiotics.
|
Hairy Belly
|
Posted - 2010.10.20 21:45:00 -
[4]
I have no interest in helping you solve this, but I can guess what caused it. Karma
|
Grimpak
Gallente The Whitehound Corporation The Chamber of Commerce
|
Posted - 2010.10.20 21:55:00 -
[5]
Spybot can check out the hosts file for bad entries. ---
Quote: The more I know about humans, the more I love animals.
ain't that right. |
Zions Child
Caldari Carthage Industries Dead Terrorists
|
Posted - 2010.10.20 21:56:00 -
[6]
Its possible its a malware rootkit. Have your parents been using any Sony products recently?
Other than that, I haven't any idea...
Originally by: CCP Shadow *snip* Castration successful. Shadow.
|
Zions Child
Caldari Carthage Industries Dead Terrorists
|
Posted - 2010.10.20 22:12:00 -
[7]
If it is a rootkit, by the way, and its one that is operating with System privileges, you'll almost certainly never be able to remove it. However, if you boot up with perhaps a Linux distro, you can move the important files of or cordon them off and reinstall the OS. DON'T DO THIS ON THE AFFECTED SYSTEM WITH THE AFFECTED OS.
Originally by: CCP Shadow *snip* Castration successful. Shadow.
|
Lady Spank
Amarr Trillionaire High-Rollers Suicidal Bassoon Orkesta
|
Posted - 2010.10.20 22:55:00 -
[8]
what is malwarebytes' antimalware ? I found a reference to it in the registry.
Thanks for the replies*
hostfile is fine, proxies are fine. will post hijackthis log later on (its late and I will try again tomorrow).
rootkits annoy the heck out of me and goodness knows what my parents have installed. It's likely because they cant handle any browser other than IE and insist on having a google AND yahoo toolbar on there. Heaven knows what else has been installed....
*also lol at the butthurt alt poster, it's my parents pc numbnuts and dont take eve so seriously ~_~
|
CharmingButIrrational
Roswell Project Victimz
|
Posted - 2010.10.20 23:39:00 -
[9]
Malwarebytes
Know the feeling; glad I convinced my parents to use Ubuntu for what little computer related stuff they need. Luddites on Linux kekekekeke
|
Herzog Wolfhammer
Gallente Aliastra
|
Posted - 2010.10.21 06:46:00 -
[10]
Go get malwarebytes and some info- here
You will also get information on how the malware is redirecting your searches. Basically it has changes your browser settings to use a on-board program as a proxy server, and that's acting like the reverse-filter that hijacking your search terms.
Last time this happened to me, IE and Firefox were affected but not Safari. Not all malware hits all browsers the same. If you have other browsers installed try them.
Good luck
|
|
Chainsaw Plankton
IDLE GUNS IDLE EMPIRE
|
Posted - 2010.10.21 11:45:00 -
[11]
I had something like that a while back
spybot would detect it, but couldn't kill it. guess i was also somewhat lucky as spybot's addition to the hosts file prevented most of the pages it tried to open from loading.
between Hijack this, and Combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix I killed it.
|
thatbloke
Gallente
|
Posted - 2010.10.21 12:22:00 -
[12]
also check your DNS server settings, make sure they are correct
Originally by: CCP Shadow I think we'd be better off with a troll shard.
|
Reiisha
Evolution IT Alliance
|
Posted - 2010.10.22 19:42:00 -
[13]
Usually the simplest (and sometimes only) way to deal with a redirect virus is to reinstall the system. And not just reinstall, but format the disk and reinstall completely.
Technically you have to do that every 1-2 years anyway as far as Windows is concerned just to get all the junk out.
"If you do things right, people won't be sure you've done anything at all"
|
Professor Tarantula
Hedion University
|
Posted - 2010.10.23 01:15:00 -
[14]
SOPHOS anti-rootkit
Can use www.startpage.com as a search engine in the meantime, which isn't a bad search engine to use in general for a variety of reasons. You'll probably have to do some searching on the results SOPHOS shows to narrow it down to the specific problem to remove. It's very thorough.
My Warmest Regards. Prof. Tarantula, Esq. |
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |