So, lately, when I google, I am getting a lot of advertising and commercial sites. I’ve run AdAware, AVG, and Hijack THIS, and I am still getting the commercial sites instead of the answers I wanted. Comments? Advice? HELP?!?
What are you trying to search, and how are you trying to search it?
I use Mozilla Firefox, on Windows XP Home, and I am searching for answers to various riddles. It’s not one particular riddle, it’s a group of them. Also, when I just did a vanity search on Google, I found that many of the same sites are listed as the last time, but clicking on a link will redirect me to a commercial page, trying to sell me insurance or whatever.
I’d suggest downloading and running malwarebytes from http://malwarebytes.org jus to make sure your computer is clean.
When you ran hijackthis, did you analyse the log by eye, or did you use this web page?
While I’m sure its something innocuous, it almost sounds like something I happened to read in last month’s Wired.
I don’t know enough about what they were talking about in the article to comment intelligently but maybe someone can come along and explain it better.
I recently had a malware issue that was inseting bogus sites into the top results of google searches. Malwarebytes killed it, but it was pretty nasty in that it installed stuff into my system restore points…so I had to kill off the old restore points.
Also, this was on my work computer that sees the web through a nannyware proxy server that won’t allow access to known trojan sites, much less porn and such, so it didn’t come in via the usual vectors. The proxy server was what clued me into the problem…the top google search results kept getting blocked.
Sounds like a redirect or even a schnide Google page - are you sure it really is Google? there is at least one emulator out there.
Get Spybot Search & Destroy and use the advanced tools. Use the Immunize function, the resident `Tea-Timer’ and download the hosts file from Spybot S&D (Safer Networking)
If it isn’t to late, lock the homepage for IE against hijacking.
Get SuperAntiSpyware (free) and run it.
Also grab Avast! and install it, run a boot scan.
I am running Malwarebytes right now.
I usually use the Google thingy on the upper right corner of my browser, I’ll try typing it in by hand next.
I almost never use IE, I use Firefox.
I looked at the Hijack This list by eye, and will try looking at that website when MWB is done.
I have up-to-date versions of AdAware and AVG.
I will try the other websites, too, if this doesn’t work.
THANK YOU for your help and suggestions.
I never thought a virus would dare to attack your computer Lynn.
Hope you get it killed. The virus that is.
I really need to get back down there and give you a hard time. 
Gus
I had something like this happen to me, Lynn, about 12 months ago. Google searches appeared to give good results, but clicking on any of the first half-dozen or so hits would hijack me to spam sites (XXX! Girls Girls Girls! Viagra!). I ran all the proper tools, and never did track down the problem, and eventually reinstalled Windows. Good luck!
If you get really stuck and can’t get rid of whatever’s ailing you consider heading to Support.com, I know they’re good because my SO works for them… 
They use remote access to rip out whatever malware, crapware and virus you might be harboring, up to and including some extremely nasty rootkits. It’ll cost you, but if they can’t fix it, it’s free.
Is it all searches that return spammy results, or just some? If it is some, can you give us an example that we can try and replicate?
I did too, on my laptop. (Using my desktop at the moment.)
Results
Objects Scanned: 118242
Objects Infected: 0
Time: 53 min 59 seconds
But it is
Currently Scanning : C:\WINDOWS\Installer\MSIB.temp
And it’s apparently hung up, with an hour glass poised over the window.
I’ll probably abort the scan or close the window—unless someone here suggests I do something else—like emailing the mfr, which I also did.
Bleeping Computer indicates that that particular file is a sign of an infection. I’d close Malwarebytes and then delete the file.
If it doesn’t delete, reboot in safe mode and try it.
Definitely malware. Google will put some sponsored ad results at the top, but they’d never hijack that many results, that inconspicuously.
If it is not a problem at your level (i.e. not malware), it could be at the ISP’s DNS level. It’s a long shot, though, but it could happen.
DNS Servers work as relays, on the assumption that every website is accessible within several “hops”, similar to the “six degrees of separation” theory. When you type in anything other than an IP address, like “google.com”, your computer contacts your ISP’s DNS server and asks “what is ‘google.com’'s IP address?”. If your ISP knows, great. If not, it will reply “I’ll get back to you. In the meantime, I’ll ask [another IP]”.
With this sort of attack, a hacker (or cracker) might gain access to the DNS server of an ISP and alter their records so that the DNS server “knows” where “google.com” is, but is not actually correct! For all intents and purposes, until the DNS server checks with another server (all DNS servers have backups, this is why your router connects to two), google.com could point to a faulty IP.
At least, this is how I see it.
Same thing happened to me last week and I tried a bunch of antivirus programs, first AVG Anti-Virus, then Spybot Search & Destroy, AdWatch and Malaware.
Firefox was fixed early in the process but IE was fixed only after using Malaware (the fourth program by that point). So keep trying one anti-virus program after another until it works, and make sure their virus definitions are up to date.
I get crap like this. I tried running a search for mercury + bullets, as the topic came up and I was poking about for info, and I get descriptions that match, but the web page links don’t match.
Ran Stopzilla, SD&D, AVG, and Malwarebyte. No clue what’s happening.
I got nailed by AntivirusPro2009 before Thanksgiving, and had a hell of a time trying to peel it off my system, but AFAIK it and all the malware/spyware it uploaded is gone.