Google redirect, slowdown, logs seem clean

[teejaydub]

I started seeing Google redirects yesterday in Chrome, Firefox, and IE. Ran Malwarebytes full check overnight and it was clean. Today the machine is extremely slow, even after rebooting. ProcessHacker shows 100% system usage, but reports that it's almost all by itself. Booted Windows in Safe Mode and ran GMER; a quick scan indicates a lot of "suspicious" extra copies of the MBR, and then the machine rebooted after running a full scan for a while.

Did the 8-step process today; logs are attached.

Any ideas? Thanks!

 

[Tmagic650]

Do you know what XRefresh is? Google is my friend... XRefresh is a Firefox add-in

Try running the ESET On-Line Scanner:
ESET Scanner

 

[teejaydub]

Don't see the relevance

... of XRefresh.

In any case, I solved this by doing a full disk restore of a weekly backup and then restoring working data from a daily backup, all onto a fresh drive. I'm assuming this is something new that the virus scanners have not yet caught onto.

I'm keeping the old drive around and will keep running scans on it with all the free anti-virus checkers - maybe eventually it'll get found and into one of their databases and I will find out what it was.

 

[Tmagic650]

XRefresh was "flagged" by a Hijackthis analyzer. I found out that is was a "safe" browser add-on. The redirects are usually caused by a backdoor trojan virus that lets in bad stuff

 

[teejaydub]

Oh!

Oh yes, I see - yes, it's a pretty well-known developer add-on and I wasn't concerned about it. Thanks.