Exploding Garrmondo Weiner Interactive Swiss Army Penis

Exploding Garrmondo Weiner Interactive Swiss Army Penis (http://www.gamingforce.org/forums/index.php)

- Help Desk (http://www.gamingforce.org/forums/forumdisplay.php?f=36)

- - Malware issue? (http://www.gamingforce.org/forums/showthread.php?t=39516)

It's a weird one.

Everytime I click a link in a search engine result, it would re-direct me to some other site, completely unrelated to what I was searching. I did a bit of research on it myself and apparently it is some sort of malware issue. I've tried running some anti-virus programs, but it doesn't seem to be helping. The problem seems to be persistent in Firefox and Internet Explorer.

I was hoping that someone might be able to help me with this. It would definitely be appreciated.

Can you check if it persists in Google Chrome as well?

If so, check your HOSTS file.

I've checked both Safari and Chrome and they don't seem to have those problems.

How would I go about checking my HOSTS files and what would I do anyway?

HOSTS is located in C:\Windows\system32\drivers\etc\. It is a plain text file with no file extension, and you can open it with Notepad or Wordpad.

Paste the contents of your HOSTS file here. The standard hosts file should only contain this:

Code:

# Copyright (c) 1993-1999 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

#      102.54.94.97     rhino.acme.com          # source server

#       38.25.63.10     x.acme.com              # x client host



127.0.0.1       localhost

However, since you have no problems with Chrome or Safari, then it may not be a HOSTS issue. I need you to take a few screenshots to diagnose:

1. Start > Run > MSCONFIG > everything under "Services" and "Startup"
2. CTRL+ALT+DEL > everything under "Processes"

As far as the HOSTS file went, it was exactly the same from what you posted.

Large images incoming:

Diagnosis Stuff:

I am suspicious about "Rocketdock.exe", but other than this, I can't see anything wrong >.>

Under "System Configuration", can you also screenshot everything in the "Startup" tab?

Whoops, just noticed I forgot about that part. I'll get you that in a bit.

RocketDock is something I've had installed for ages now. Simple dock program for your desktop.

[ RocketDock ]

[edit] Here's the Startup tab.

Starup:

Looks clean, actually. If you have any kind of malware issue, it's not readily visible.

At this time, I can only advise you to run as many different types of malware scanners as you can. You already have Norton and Windows Defender. Try running Spybot and Ad-aware.

I'll try running those two and I'll give you an update afterwards. I've already tried Malwarebytes' Anti-Malware, but nothing from that after a full scan.

If you still find nothing from those, then quite possibly something's wrong with the browser settings in IE and Firefox. You'll have to diagnose it yourself (Tools > Options > Advanced > Network in Firefox, Tools > Internet Options > Connections in Internet Explorer) since I don't know how you're connected to the internet.

HijackThis - Trend Micro USA

Run this, it will list the some of the processes take a print screen, it might show something hidden.