Hi, I've just gotten some nasty redirect to onclkds.com.
The symptoms is that all the browsers in my machine are redirecting google ads to onclkds.com when the page requested is not in a https connection.
I digged a bit more and discovered that the virus is actually making any request to:
return the following javacript:
and http://go.oclasrv.com actually redirects to onclkds.com
(so, it's easy to see that I'm infected)
As a current workaround I've turned on the adblockers and it doesn't appear anymore, but I know the virus is out there serving me onclkds.com in the place of google ads.
As a note, I tried it without a browser too -- using python:
I've tried avast, hitman pro (portable), rogue killer (portable) and they didn't find anything. Any tips on how to get rid of that?