I hate to hit you guys up twice in a row, you might think I'm irresponsible with my computer use (thanks for the fix, nasdaq) but now my LAPTOP is infected.
Alright, I'm flying overseas in a couple weeks and I'm looking for a domestic flight on a particular airline in the Philippines. That's when I start noticing some really weird behavior on Chrome:
First a search I typed into Google looked a little off and I noticed I'd been redirected to Yahoo! I never use Yahoo! Ergo, search engine hijack. Didn't duplicate when I reloaded and reentered the search terms.
Second, I start seeing successive search engine hijacks, this is only a few minutes later. Mind, I am nowhere near any torrent sites (think I picked up the trouble on my desktop at one of those looking for a Japanese program which I couldn't find how to buy, and the Google translator extension only works on text, not text within images) nowhere near any porn sites, nowhere near anything with a reputation for malware. I'm looking for a ticket on CebuPacific.
So, after several search engine hijacks, I try typing the airline website name directly into the address bar. THIS results in Yahoo! popping up twice. On the third attempt, I got http://www.clickvalidator.net/?cid=1494322636002200013 No, I didn't give it any info.
After that, an ordinary Google search actually worked.
Now, the desktop is connected directly to the cable modem via CAT5 cable. The laptop connects through a wireless router to the same cable modem. There shouldn't be any network sharing and without both computers operating through the same router, there should even BE a network. The last few weeks, the only thing I've done with the laptop is listen to YouTube podcasts while cooking and print a few forms (d'oh! the flash drive).
Ok, I have a possible vector for infection. I've already scanned the laptop with the Farbar tool. How do I scan the flashdrive? Keep in mind that, whatever this is, the virus was undetectable to both Malwarebytes and Avast!
The Farbar logs are below. Post for desktop computer is: https://www.bleepingcomputer.com/forums/t/645718/unstopaccesscom-browser-hijack/