Hardware Canucks

Hardware Canucks (http://www.hardwarecanucks.com/forum/)
-   O/S's, Drivers & General Software (http://www.hardwarecanucks.com/forum/o-ss-drivers-general-software/)
-   -   google search malware (http://www.hardwarecanucks.com/forum/o-ss-drivers-general-software/59768-google-search-malware.html)

tangrisser February 19, 2013 05:33 PM

google search malware
 
I have some sort of malware installed on my laptop which forwards my Google search results to be pushed to another some what relevant web site.

I googled about this and it just said to try running malware protection software and catch whatever the malware is. It's been really annoying and I have run combo fix, malwarebytes and couple other malware protection software and nothing seems to be able to catch this.

I really don't want to have to format my laptop since I don't have my desktop at the moment. Anyway to do something about this?

PS.
And yes I know. I gotta stop watching p0rn. :ph34r: :bleh: :shok: :ph34r:

supaflyx3 February 19, 2013 05:53 PM

Wait, how did you google it if it's being routed to another website? o.o
On a serious note, have you tried running MSE.

grinder February 19, 2013 07:17 PM

sounds like your hosts file has been compromised. I would recommend creating a second user with admin access and opening up the hosts file in notepad [launch notepad with admin rights and nav to C:\Windows\System32\Drivers\etc].
open the hosts file and make sure the last three lines look similar to this


Code:

# localhost name resolution is handled within DNS itself.
#        127.0.0.1      localhost
#        ::1            localhost


if not... nuke everything below the above pasted code

Perineum February 19, 2013 07:30 PM

also make sure you're not running a proxy in your internet settings.

Nodscene February 19, 2013 08:26 PM

There are some good suggestions so far. You might want to try Norton Power Eraser as it's pretty good at finding rootkits. You might also want to try aswmbr and "fix" the mbr (unless of course you are dual booting or the like) as that could potentially be the issue.

enaberif February 19, 2013 08:32 PM

Quote:

Originally Posted by Nodscene (Post 691657)
There are some good suggestions so far. You might want to try Norton Power Eraser as it's pretty good at finding rootkits. You might also want to try aswmbr and "fix" the mbr (unless of course you are dual booting or the like) as that could potentially be the issue.

Combofix.. I won't recommend anything "Norton"

tangrisser February 19, 2013 11:28 PM

Quote:

Originally Posted by supaflyx3 (Post 691615)
Wait, how did you google it if it's being routed to another website? o.o
On a serious note, have you tried running MSE.

If I click on it the first time then it re-routes but if I go back or click on it the 2nd time then it sends me to the correct link. So it doesn't make Google unusable but it's really annoying.

Quote:

Originally Posted by Perineum (Post 691643)
also make sure you're not running a proxy in your internet settings.

Nope, no proxy here.

I've already tried ComboFix and it didn't catch anything. Checked host file and only lists localhost.

Perineum February 20, 2013 12:58 AM

One time I found a real bastard of a hack job that installed a virtual machine on your computer, then it bound your machine's ethernet card through the virtual machine. Everything tunneled through the virtual machine and it did the proxy work.

Nodscene February 20, 2013 06:22 AM

He already tried combofix and it didn't work. I can't stand Norton myself but this is just a standalone rootkit/virus scanner and a very effective one at that. So unless you have another suggestion you aren't helping his situation at all and in fact, possibly preventing him from fixing his issue. I've had a couple instances where Norton Power Eraser was the only program to get rid of the virus completely.

Quote:

Originally Posted by enaberif (Post 691660)
Combofix.. I won't recommend anything "Norton"


Perineum February 20, 2013 04:10 PM

This works pretty good: Anti-rootkit utility TDSSKiller


All times are GMT -7. The time now is 07:43 AM.