Redirect issues.

[techb]

I am trying to help a friend troubleshoot his searches. No matter the browser, google links redirect to other "unknown" sites. It is only Google that does this; Bing, Yahoo, Dogpile, etc does not redirect.


I have tried ComboFix, Malwarebytes, hard reset all browsers, Max Security scan (F-secure product), and all in safe-mode.


Any other suggestions? I was going to have him run a HighJackThis and look at the logs, but if you guys could throw something in there I haven't tried yet would be great.


Haven't done a system restore yet and suggested that today. Windows 7.

[Daemon]

I had the same problem on xp awhile back...trying to remember exactly what I did to removie it...

When you ran mbam did you do it in safe mode? I want to say that's how I fixed mine, I put mbam install file on a usb as well as firefox install both downloaded on another ccomputer. Then I made sure to delete firefox and mbam from my computer, after that I booted in safe mode, reinstalled mbam and found the virus then installed firefox.
Mbam is malwarebytes btw.

Ill look into it some more tonight, dig up those memories for ya. If their still needed that is...

And come to think of it, I may not have reinstalled ff. That could've been.from a diff problem at a diff time...shite I need to buy a voice recorder >.<

[techb]

I had the same problem on xp awhile back...trying to remember exactly what I did to removie it...

When you ran mbam did you do it in safe mode? I want to say that's how I fixed mine, I put mbam install file on a usb as well as firefox install both downloaded on another ccomputer. Then I made sure to delete firefox and mbam from my computer, after that I booted in safe mode, reinstalled mbam and found the virus then installed firefox.
Mbam is malwarebytes btw.

Ill look into it some more tonight, dig up those memories for ya. If their still needed that is...

And come to think of it, I may not have reinstalled ff. That could've been.from a diff problem at a diff time...shite I need to buy a voice recorder >.<

All scans, etc where done in safe mode. I think the real problem is that I didn't do it myself, going off of what someone told me... I REALLY think a restore would fix the issue. As said before though, going off what your saying, un-installing firefox and re-installing it wont help because it is cross-browser. As in it effects more than fire fox.


Again, this is troubleshooting a friend. I have to go off of what he says. I tried to get him to join, but no luck as of yet. Just looking for input, and thank you Daemon, IDK why your not VIP yet.

[Daemon]

All scans, etc where done in safe mode. I think the real problem is that I didn't do it myself, going off of what someone told me... I REALLY think a restore would fix the issue. As said before though, going off what your saying, un-installing firefox and re-installing it wont help because it is cross-browser. As in it effects more than fire fox.


Again, this is troubleshooting a friend. I have to go off of what he says. I tried to get him to join, but no luck as of yet. Just looking for input, and thank you Daemon, IDK why your not VIP yet.

Hmm...interesting...and yea realized the ff comments were off haha. I don't think a restore will help though, the restore always leaves certain things alone and it's always the ones you need changed lol. But might as well give it a shot i suppose. Im thinking it has to be a registry value somewhere...im on it techb!

And yea, me either

edit* ugh, some stuff came up and im not going to be able to look for it tonight. i hope you find it before tomorrow, but if not then when i have some free time ill keep looking.
 

[p_2001]

A restore is unlikely to fix it if it is a malware...
Most infect them too

[ca0s]

- Have you looked at the hosts file?
- Look at the browser's executable modules (.exe, .dll) last modify date.
- Look at the loaded modules and compare them with those loaded in a clean system.
- Look at the traffic. See if there's something extrange, some "unwanted" coneections.