Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Google search redirect virus help!
New Posts  All Forums:Forum Nav:

Google search redirect virus help!

post #1 of 27
Thread Starter 
This redirect virus is going to be the death of me.

it redirects Google search results, but only occasionally, maybe 1/5th of the time. It tries to go to a "livesearchnow.com" that doesn't exist anymore, and sometime redirects me to some cheesy ad-ridden site.

AVG full scan - Clean
Malwarebytes - Clean
TDSSKiller - Clean
Nothing in task manager
CCleaner performed
Host file normal
Everything shown in HiJackThis seem to be normal.

I have no clue what to do from here.

Update:
Toolbars are clean
flushed dns
ComboFix performed

Still not gone.

EDIT: I don't think this is the same livesearchnow.com virus that articles mentions. This virus is smart, and goes to legit websites sometimes. (ie. I was looking up college info, and it would redirect me to a college survey site; if I googled an item for purchase, it would lead me to shopping sites ect.)
Edited by Lombax - 12/4/12 at 7:42pm
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
post #2 of 27
toolbars..uninstall all of them.
 
Thuban Powah!
(14 items)
 
 
CPUMotherboardGraphicsRAM
Xeon X5650 Asus P6X58D-E Sapphire HD 7950 G.Skill Trident-X 2600 CL10 
Hard DriveCoolingPowerCase
Samsung 840 pro Bong cooler / RASA waterblock Rosewill Capstone Gold 750 None 
MouseMouse PadAudio
cheap! Newegg box panel ibeats with onboard. 
CPUMotherboardGraphicsRAM
AMD Phenom II X6 1075T w/2 cores locked @ 4.2+ M4a89GTD-Pro XFX Radeon HD 5870 8gb Samsung ddr3 1600 11-11-11-28@ 8-8-8-24 
Hard DriveHard DriveOptical DriveCooling
OCZ Agility2 40gb WD Blue 500GB Lite-On RASA waterblock 
OSMonitorKeyboardPower
Windows & Linux Samsung 1080p 2 ms Dell Thermaltake TR2-800 
CaseMouse
Cooler Master Elite 330 (was) cheap 
  hide details  
Reply
 
Thuban Powah!
(14 items)
 
 
CPUMotherboardGraphicsRAM
Xeon X5650 Asus P6X58D-E Sapphire HD 7950 G.Skill Trident-X 2600 CL10 
Hard DriveCoolingPowerCase
Samsung 840 pro Bong cooler / RASA waterblock Rosewill Capstone Gold 750 None 
MouseMouse PadAudio
cheap! Newegg box panel ibeats with onboard. 
CPUMotherboardGraphicsRAM
AMD Phenom II X6 1075T w/2 cores locked @ 4.2+ M4a89GTD-Pro XFX Radeon HD 5870 8gb Samsung ddr3 1600 11-11-11-28@ 8-8-8-24 
Hard DriveHard DriveOptical DriveCooling
OCZ Agility2 40gb WD Blue 500GB Lite-On RASA waterblock 
OSMonitorKeyboardPower
Windows & Linux Samsung 1080p 2 ms Dell Thermaltake TR2-800 
CaseMouse
Cooler Master Elite 330 (was) cheap 
  hide details  
Reply
post #3 of 27
Thread Starter 
Quote:
Originally Posted by Schmuckley View Post

toolbars..uninstall all of them.

Using Firefox. All add-ons, appearance mods, and plugins are OK.
Nothing in Internet Explorer.
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
post #4 of 27
When you ran Malwarebytes and the like did you do it in safe mode? If you didn't you should try. It sounds like quite an odd virus, have you cleared your cookies (and all browsing data)?
Combat 1.1
(16 items)
 
PAIN
(11 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7 3930K P9X79 PRO GIGABYTE G1 Gaming GeForce GTX 970 Samsung  
RAMHard DriveHard DriveOptical Drive
Samsung  Crucial M4 64GB SSD Seagate Barracuda 1TB ASUS 24x DVD Burner 
CoolingOSOSMonitor
NH-D14 Windows 7 Ultamite 64 bit Arch Linux ASUS VW246H Glossy Black 24" HDMI Widescreen LC... 
KeyboardPowerCaseMouse
Logitech Combo mk520 Seasonic X Series 650W NXT Phantom 410 Logitech Combo mk520 
CPUMotherboardGraphicsRAM
Intel Core i7 2600K P8Z68-V PRO GEN3 NVIDIA GeForce GTX 560 Ti  Samsung  
RAMHard DriveHard DriveCooling
Samsung  Seagate Barracuda HDD Crucial M4 SSD Corsair H80 
OSPowerCase
Windows 7 Enterprise Seasonic M12II 750w Plexiglass 
  hide details  
Reply
Combat 1.1
(16 items)
 
PAIN
(11 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i7 3930K P9X79 PRO GIGABYTE G1 Gaming GeForce GTX 970 Samsung  
RAMHard DriveHard DriveOptical Drive
Samsung  Crucial M4 64GB SSD Seagate Barracuda 1TB ASUS 24x DVD Burner 
CoolingOSOSMonitor
NH-D14 Windows 7 Ultamite 64 bit Arch Linux ASUS VW246H Glossy Black 24" HDMI Widescreen LC... 
KeyboardPowerCaseMouse
Logitech Combo mk520 Seasonic X Series 650W NXT Phantom 410 Logitech Combo mk520 
CPUMotherboardGraphicsRAM
Intel Core i7 2600K P8Z68-V PRO GEN3 NVIDIA GeForce GTX 560 Ti  Samsung  
RAMHard DriveHard DriveCooling
Samsung  Seagate Barracuda HDD Crucial M4 SSD Corsair H80 
OSPowerCase
Windows 7 Enterprise Seasonic M12II 750w Plexiglass 
  hide details  
Reply
post #5 of 27
Thread Starter 
Quote:
Originally Posted by benpack101 View Post

When you ran Malwarebytes and the like did you do it in safe mode? If you didn't you should try. It sounds like quite an odd virus, have you cleared your cookies (and all browsing data)?

Did it in both regular and safe mode. and yes.
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
post #6 of 27
I had to fix a similar problem(actually a bajillion of them, she's a stereotypical old person using new tech) for a lady at work once. Part of the problem with these types is they also like to disable your ability to download AV software, or flag itself as safe and things of that nature. I would suggest getting on a known clean computer and grabbing multiple anti-virus/malware/spyware programs and loading them to a USB drive. Run them each several times and hope for the best.
post #7 of 27
There's quiet a few results if you search for "google redirect livesearchnow.com". One of them suggests the following:

1. Reset host file to default support.microsoft.com/kb/972034
2. Run "ipconfig /flushdns" in a command prompt

GL thumb.gif
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
post #8 of 27
There's always..wipe it and reinstall biggrin.gifwheee.gif
 
Thuban Powah!
(14 items)
 
 
CPUMotherboardGraphicsRAM
Xeon X5650 Asus P6X58D-E Sapphire HD 7950 G.Skill Trident-X 2600 CL10 
Hard DriveCoolingPowerCase
Samsung 840 pro Bong cooler / RASA waterblock Rosewill Capstone Gold 750 None 
MouseMouse PadAudio
cheap! Newegg box panel ibeats with onboard. 
CPUMotherboardGraphicsRAM
AMD Phenom II X6 1075T w/2 cores locked @ 4.2+ M4a89GTD-Pro XFX Radeon HD 5870 8gb Samsung ddr3 1600 11-11-11-28@ 8-8-8-24 
Hard DriveHard DriveOptical DriveCooling
OCZ Agility2 40gb WD Blue 500GB Lite-On RASA waterblock 
OSMonitorKeyboardPower
Windows & Linux Samsung 1080p 2 ms Dell Thermaltake TR2-800 
CaseMouse
Cooler Master Elite 330 (was) cheap 
  hide details  
Reply
 
Thuban Powah!
(14 items)
 
 
CPUMotherboardGraphicsRAM
Xeon X5650 Asus P6X58D-E Sapphire HD 7950 G.Skill Trident-X 2600 CL10 
Hard DriveCoolingPowerCase
Samsung 840 pro Bong cooler / RASA waterblock Rosewill Capstone Gold 750 None 
MouseMouse PadAudio
cheap! Newegg box panel ibeats with onboard. 
CPUMotherboardGraphicsRAM
AMD Phenom II X6 1075T w/2 cores locked @ 4.2+ M4a89GTD-Pro XFX Radeon HD 5870 8gb Samsung ddr3 1600 11-11-11-28@ 8-8-8-24 
Hard DriveHard DriveOptical DriveCooling
OCZ Agility2 40gb WD Blue 500GB Lite-On RASA waterblock 
OSMonitorKeyboardPower
Windows & Linux Samsung 1080p 2 ms Dell Thermaltake TR2-800 
CaseMouse
Cooler Master Elite 330 (was) cheap 
  hide details  
Reply
post #9 of 27
Quote:
Originally Posted by Schmuckley View Post

There's always..wipe it and reinstall biggrin.gifwheee.gif

This and cut down on the internet porn.
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
Bandaids
(15 items)
 
  
MotherboardGraphicsHard DriveOptical Drive
Asrock Z77 Extreme 6 GTX 580 WD 10EALX ASUS DRW 
CoolingOSMonitorMonitor
Havik 140 Windows 7 Ultimate ASUS VH228T Toshiba 32RV600A 
MonitorKeyboardPowerCase
Compaq S2021a Microsoft Wired Keyboard 600 Aero Cool Strike X 1100w Asus Antec 
MouseMouse PadAudio
Logitech MX518 Mionix Ensis 320 Creative 2.1 
  hide details  
Reply
post #10 of 27
Thread Starter 
Quote:
Originally Posted by nooboc2012 View Post

There's quiet a few results if you search for "google redirect livesearchnow.com". One of them suggests the following:
1. Reset host file to default support.microsoft.com/kb/972034
2. Run "ipconfig /flushdns" in a command prompt
GL thumb.gif

Host file was fine. Just did flushdns, crossing fingers. EDIT: Didn't work.
Quote:
Originally Posted by nooboc2012 View Post

This and cut down on the internet porn.

I think it may have been my GTA San Andreas Mod Installer, the majority of mods get flagged by AVG so I usually ignore it, I think one might of had something in it.

I actually am contemplating a clean install. But since it only happens 1/5th of the time or so its not tooo bothering.
Edited by Lombax - 12/2/12 at 9:32am
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5-4690K Asus Z97M-PLUS Sapphire Dual-X R9 290X Kingston HyperX Fury Black 2x4GB  
Hard DriveCoolingOSMonitor
120GB Samsung 840 + 3TB Barricudea Corsair H55 with SP120 Quiet Windows 8.1 Asus VS247H-P 
KeyboardPowerCaseMouse
Rosewill RK-9000BR Cherry MX Brown SilverStone 600W fully modular Corsair 350D Windowed Corsair M65 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Operating Systems
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Google search redirect virus help!