A relative of mine in the Raleigh area needs her computer worked on.

She has a Dell Inspiron Desktop. The machine has a virus and/or malware/spyware. The machine had constant pop-ups, redirected on google search results, and had other various problems that made the computer unusable. Programs that weren't installed would randomly show up. I re-imaged the machine with the Dell Factory image, and some of the problems still persists, specifically the redirects on google search results. Since the computer has already been re imaged there is no need to worry about data recovery or collection.

If someone could fix this problem and get the machine in perfectly good running order I can pay $100. It would need to be someone who is willing to drive out to garner (15 - 20 minutes from campus) and work on the computer in house or take it and bring it back.

P.S. If this fix is easier than I expected and is quick and can be easily solved without need of any other tools/software and someone can explain a fix that works to me I will pay $40 via paypal.

10/29/2011 3:23:52 PM

What internet browser are you using? If internet explorer, check in the settings to make sure there is no proxy settings.

In general try a new internet browser such as Google Chrome or Mozilla Firefox. [I recommend Chrome]

Download Microsoft Security Essentials if she doesn't have an antivirus.

If this works I'd like 20 via paypal, but you're kinda under no obligation since I'm just giving you the answer.

10/29/2011 3:44:28 PM

It does this with all browsers I've tried. (and most major search engines google, yahoo, bing, etc. ). I have tried IE 8, IE 9, Firefox, and Chrome and it is the same with all. This is both before and after the reimage. The only time the search engine did not redirect was right after installing IE 9 after the first re-image. The machine then starting having errors referencing HD write errors in the C:\windows\system32 folder.

10/29/2011 3:58:28 PM

Perhaps it's something that has embedded redirects in the hosts file (found under windows\system 32\drivers\etc and simply called 'hosts' without any file extension). That would manage to make the redirect work in any browser.

10/29/2011 4:01:06 PM

I looked there and didn't find anything in the hosts file. I have also messed with security settings in various browsers to no avail.

10/29/2011 4:05:54 PM

Here is that "hosts" file, if it is of any help:
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

10/29/2011 4:09:06 PM

PM sent

10/29/2011 5:15:30 PM

Use Combofix.

http://www.bleepingcomputer.com/download/anti-virus/combofix


/thread

[Edited on October 29, 2011 at 7:54 PM. Reason : ]

10/29/2011 7:54:08 PM