Google Redirect Infection
Posted on 2011-03-10
At one of our clients, all workstations have contracted an infection that redirects all links on a search (Google, Yahoo) to webpages such as flurrysearch.com.
It has infected PCs with operating systems ranging from XP, Vista and Windows 7. All these workstations have different Antiviruses including AVG, Symantec Endpoint, and Norton 360.
We performed scans with the following programs:
Combofix, SDFix, Malwarebytes, Sophos AntiRootkit, TDSSKiller, Super AntiSpyware, McAffee Stinger, Hitman Pro, and Immunet. None of these scanners found anything on these systems.
However, when I cleared all temp files, and reset the Internet Explorer settings, the redirecting stopped temporarily. After a few minutes, I reopen Internet Explorer and it's redirecting again.
I have also done the following: delete the hosts file, flush the dns, restart the pc, and clear the Macromedia Shared Objects.
As an added sidenote, Bing does not redirect.
Outside of full reinstalls for all workstations which is not our first choice, we are at a loss. Any insight on the matter would be greatly appreciated.