+ 0 Votes Have you tried.... NotSoChiGuy 6 years ago ....logging onto the PC as a different user, and seeing if it still happens?I bring this up, because your problem sounds very similar to one we encountered not too long ago (about 8 or so days). All of the typical scanners found nothing (even tried a couple rootkit scanners). However, there was definitely something wrong.Once someone else logged onto the PC, the same issues didn't occur. We copied the user's data, blew away the old profile and created a new one, and it was golden.We're still in the process of going back through the Websense logs to the start date of the issue, to see if we can determine anything other than something must have been dropped into the IE cache (problem didn't occur with FireFox). However, it was a laptop user, so it could have easily happened outside our perimeter.Never have seen anything like it that wasn't detected by any tool at all. + 0 Votes Some thoughts GMPont 6 years ago Are you running an "Internet Security" package like Norton's or McAfee's? I've seen them hose connections many a time and I know Norton redirects to 127.0.0.1 to filter your web traffic. If you have one of these packages, turn off the firewall and get rid of their proxy settings. If you still have the installation files or CD, it may be easier to remove the package temporarily to see if it resolves the problem.If that doesn't work or doesn't apply, I would recommend checking your DNS settings, proxy settings, and HOSTS file.You seemed to have tried most of the anti-malware software that I would recommend, but I would also try CoolWebShredder.If none of this resolves your issue, you may have to slave your hard drive on another PC running a clean (and secure) OS to run scans. I would definitely try more than one AV engine, as they all miss stuff these days. Bitdefender, Panda, Trend Micro, and a bunch of others offer free scans via their web-site(s). + 0 Votes Rootkit installed as a device driver cookspc 5 years ago I'm sure you have it solved by now but it is usually a rootkit installed as a device driver named TDDSxxxx.sys. The key to removing it is using device manager to disable it. You have to select "show hidden devices" to see it then disable it... DO NOT UNINSTALL it will just be reinstalled. After it is disabled run you malware removers and they can remove it. Until it is disabled it cannot be removed. The antivirus program must have rootkit detectors to be able to see and remove it. I have used AVG 8 and Malwarebytes to detect and remove, after disabling. Others may work.