Question

Locked

Why is Google search redirecting to spam?

By wompai ·
Hey guys

Okay, I've got a computer with a little bit of a problem: It's search results are redirected to spam. It started of as a kind off innocent problem because you could just press F5 to refresh the page and it would just redirect correctly. Now, the problem got out of hand. When I tried to start AVG to search for the infection, the services couldn't start succesfully. This happened with AVG, but also with Avast! and Avira. Now, it gone so far that I haven't even got internet connection on that pc. I have now got Avira up and running succesfully and it's spamming me the whole time about a malware that's been found, I click 'remove' and moments later it's back. It has not moved at all. Can somebody explain to me what this is and/or what I can do to get rid of it?

Thanks in advance!

This conversation is currently closed to new comments.

13 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Restart in "Safe Mode"

then run your Avira, maybe MalwareBytes, and let them clean it up. Once they have
it cleaned up, then restart in "Normal" mode.

Collapse -

Well, of course you've got a malware infection

by robo_dev In reply to Why is Google search redi ...

Many of these packages simply laugh in the face of the major AV packages. Malware such as Vundo, and others have a 'watcher process' that automatically downloads and reinstalls if you remove it.

In some cases you get lucky and Windows System Restore is working....you simply restore to a pre-infection state, and you're done.

In some cases the MBAM Malware Bytes app can remove these buggers successfully.

There's a site called 'PCHell' which offers specific malware removal advice.

What exact malware is being reported by AVG on your PC?

Collapse -

Reponse To Answer

by markp24 In reply to Well, of course you've go ...

LOL Robo_dev You beat me by 3 min?? wow this is too funny. i have to try and beat you to the next one.

Collapse -

yes sounds like your are infected

by markp24 In reply to Why is Google search redi ...

I agree with the prior post, you may want to also boot for a TRK (Trinity rescue CD) or UBCD4win and run the scanners from those live cds.

also check you Internet connection properties under connections make sure there no proxy selected, as well as you hosts and lmhosts files to ensure there are no inappropriate entries (or just delete them as a test)

Collapse -

I smell a rootkit!

by Kenone In reply to Why is Google search redi ...

Try TDSSKiller or Unhackme or any reputable online scanner if you can get it back online.

Collapse -

Same Here..

by srikanthwinsome In reply to Why is Google search redi ...

I am facing the same issue. When I click on any link in the search result redirecting to spam websites. It is happening only in Chrome.

Collapse -

Wut?!

by wompai In reply to Why is Google search redi ...

Okay, I tried Malwarebytes, but because I don't have internet connection on that pc it couldn't update the database. Is this enough to make it completely non-responsive?! Because it became completely non-responsive... The mbam.exe won't launch and it's services react really strange when i try to scan my computer. When I install the program (that's right, I reinstalled it a couple of times) it's UI pops up with 3 scan options. When I click ''full scan'' it starts the scan for a few seconds and then it's gone. It's not scanning anymore. What could this possibly be and how can I fix it?

Collapse -

Reponse To Answer

by mistercrowley In reply to Wut?!

It is because scammers are now aware of MBAM and are taking steps to ensure that you can't use a tool that can oust their junk on your machine. Safe mode or from a cd-based boot... Look for processes that you don't recognize and search the registry and remove the entry and the files. That is how I removed my first virus - I was running 98 and did not have AV at the time...

Collapse -

Reponse To Answer

by asotelo In reply to Wut?!

You need to do it in SAFE mode, otherwise it won't work. One trick that I have used is to go to the malwarebite's folder, find the executable, and rename it something else.exe.

Collapse -

Beware trojans on video codec sites (amongst others)

by agena In reply to Why is Google search redi ...

This sort of persistent malware hit my daughters laptop after she foolishly accepted a download from a site to access more free videos. Because I had accidentally left logging enabled on my wifi router I spotted that the PC was accessing one particular site every time it was booted. One month after the first access of this site - while it spread the infection all through the disk - it started doing all sorts of strange things, every google request rerouted, etc. Antivirus had missed it, I think it downloaded a way to evade it. Even installing a new AV - didn't work because on each reboot, it assembled a new trojan from parts scattered across the disk. In the end I had to pop the disk out and plug it into another computer using a USB to SATA adapter - AVG free found it no problem then. To be on the safe side, I also deleted the 1000's of files created / modified in the couple of hours after the original infection. Simply using windows restore might not be enough!

Back to Malware Forum
13 total posts (Page 1 of 2)   01 | 02   Next

Security Forums