Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE Redirect problem.


  • Please log in to reply
1 reply to this topic

#1 Gatslov

Gatslov

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 23 December 2009 - 03:12 PM

Hey All,

Long-time system tech / admin, have performed hundreds of removals. Unfortunately, I've run into a redirect issue in IE that's truly baffling.

It appears to happen most often when clicking on links generated from google search results. The sites I'm redirected to are dubious, but they don't appear to outright malicious.

I've tried just about everything I can think of: ComboFix, MalwareBytes, Spybot, Adaware, HiJackThis, Avast, AVG, SuperAntiSpyware, etc, etc. I've even resorted to using Filemon and ProcessExplorer, but they haven't revealed anything. I've reset IE back to defaults, I've "reinstalled" IE, I've disabled all add-ons / toolbars / extensions / etc. I've removed the drive and scanned from different machines, I've worked through a lot of the IE related registry keys by hand. In short, I've done just about everything I can think of, but I simply can't find what's causing these redirects. It's hyper annoying to say the very least.

I believe it's the exact same issue being experienced by this gentleman: http://www.bleepingcomputer.com/forums/t/278464/malware-removal-request-google-redirect-problem/

So.... anyone have any suggestions? Any tools to try?

BC AdBot (Login to Remove)

 


#2 Gatslov

Gatslov
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:12 AM

Posted 23 December 2009 - 05:49 PM

Update:

AutoRuns not showing anything. Svchost analyzer not showing anything. Drilled through hundreds of IE related keys (again), but no positive leads. The redirection happens in FireFox and in IE, but it's much more prevalent in IE than FF. Note that this machine had a fairly heavy infection prior to this happening. Currently, when scanning, everything is coming back as clean (ComboFix, MB, SB, AW, HJT, HJTFree, SAS, etc).

Oh well, as you were.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users