Sign in to follow this  
Followers 0
theignorant1

Redirect Malware

11 posts in this topic

Before you ask, I've already searched and tried all of the possible solutions I could find...

In general, I try to take good care of my system. I used Norton 360 as my main virus protection, falling back on Malware Bytes if all else fails. This usually works, but lately I've been having a serious problem, and neither of them are finding anything. Basically, I've got some sort of malware that's causing IE9 to redirect me to 'livesearchnnow.com,' and god knows what else. It doesn't affect any other browsers on my system, but it still concerns me, not only because IE9 is my browser of choice, but because I don't know what else it's doing.

Besides Norton, I've ran Malware Bytes, SpyBot, and TDSS Killer (someone suggested that) to no avail. It's still hapenning, and none of them are finding anything out of the ordinary. Does anyone have any suggestions of what else I can try, I really hate to do a full system restore if I can avoid it, even if it does take a little more time.

Share this post


Link to post
Share on other sites

Its probably a browser add-on go to manage add-ons and disable it there (you can get its file path from the more information button)

Cloud also be a hosts file or dns redirect

Share this post


Link to post
Share on other sites

Read here on the details of the virus and removal instructions...

http://blog.teesuppo...com-completely/

Regards

Thanks for trying to help, but all of the file names it mentions are just [random]. They could be anything - how do I pick those out from normal system files (digging into the guts of software tends to reveal a lot of gibberish filenames)? I tried the video on that site, but it's talking about something else.

Share this post


Link to post
Share on other sites

Thanks for trying to help, but all of the file names it mentions are just [random]. They could be anything - how do I pick those out from normal system files (digging into the guts of software tends to reveal a lot of gibberish filenames)? I tried the video on that site, but it's talking about something else.

Try the removal tool designed for this specific piece of malware...

http://cleanspywaren...val-how-to.html

Btw, is this a typo "livesearchnnow.com" or does your malware have this exact name, with two N's?

Edit: Also try removing via Superantispyware

Share this post


Link to post
Share on other sites

Try the removal tool designed for this specific piece of malware...

http://cleanspywaren...val-how-to.html

Btw, is this a typo "livesearchnnow.com" or does your malware have this exact name, with two N's?

Edit: Also try removing via Superantispyware

Yeah, I'm sorry, that's a typo :blush:

But anyways, I'll try the spyware link you sent me. And just to clarify, I'm not having any of the scareware effects the links mention, like the fake AV. Just the redirects, and even then only in IE, and only in search engines. If I do a search and click on a link, about 50% of the time I get sent to a random IP address (they're different most of the time, or I would try blocking them), and then redirected to the LiveSearchNow site. This doesn't happen outside of a search engine, and I've checked and I have no unusual plugins or toolbars :(

I really hope I can get this straightened out, I really appreciate that you're trying to help, it's just that I'm trying everything and nothing can find it.

Share this post


Link to post
Share on other sites

This might go without saying but, have you checked under Addons if livesearchnow.com didn't add an entry into Search Providers?

Edit: Have you also ran Ccleaner?

Share this post


Link to post
Share on other sites

This might go without saying but, have you checked under Addons if livesearchnow.com didn't add an entry into Search Providers?

Edit: Have you also ran Ccleaner?

Yep, done and done :( I'm in the process of running some of the spyware software you sent me, I'm doing full scans so it'll take a whole, and it's getting late here, so I'll let you know how it goes in the morning. I kind of wonder if its just a partly functional remnant from a larger infection (this started last night, but I was certain I had removed it until this afternoon). Do you think that only the redirect part could still be running? On the other hand, the sites it redirects to are full of ads, so maybe it's just a scam to get ad views, since there's no ransom ware going on here. Thanks so much for trying to help me and being patient!

Share this post


Link to post
Share on other sites

Yep, done and done :( I'm in the process of running some of the spyware software you sent me, I'm doing full scans so it'll take a whole, and it's getting late here, so I'll let you know how it goes in the morning. I kind of wonder if its just a partly functional remnant from a larger infection (this started last night, but I was certain I had removed it until this afternoon). Do you think that only the redirect part could still be running? On the other hand, the sites it redirects to are full of ads, so maybe it's just a scam to get ad views, since there's no ransom ware going on here. Thanks so much for trying to help me and being patient!

I'm far from the most savvy computer user here, but I can hold my own. Hopefully @BudMan or @sc302 will get you in the right direction, considering they're security experts.

Share this post


Link to post
Share on other sites

Have you tried running IE with addons disabled? Also make sure your DNS servers haven't been tampered with. You might also want to try a scan with hitman pro.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.