Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

I am infected with scour.com redirect virus. My McAfee is not finding and addressing it. How do I get rid of the scour.com redirect virus?

  • 23 cavab
  • 1624 have this problem
  • 3 views
  • Last reply by jbaldwin

more options

When I do a google search, I get a bunch of results. However, when I click on a link, it goes to a different webpage - not the one shown on the search page. Sometimes it comes up at scour.com.

I looked up scour.com on Wikipedia, which states that there is a "redirect virus" that is infecting my computer. It cited "Mozilla Support." So, I am asking the Mozilla Forum - How do I get rid of the virus? McAfee is not finding and removing it, and neither is Malware Bytes anti-malware software. Any suggestions?

When I do a google search, I get a bunch of results. However, when I click on a link, it goes to a different webpage - not the one shown on the search page. Sometimes it comes up at scour.com. I looked up scour.com on Wikipedia, which states that there is a "redirect virus" that is infecting my computer. It cited "Mozilla Support." So, I am asking the Mozilla Forum - How do I get rid of the virus? McAfee is not finding and removing it, and neither is Malware Bytes anti-malware software. Any suggestions?

Modified by hetchhetchy

All Replies (20)

more options

Perhaps it could be one of your add-ons.

First, make a backup of your computer for safekeeping. To back up Firefox, see Backing up your information.

Next, try starting Firefox in Firefox Safe Mode. Be careful not to "reset" anything permanently if you didn't back up.

Does that fix it? If not, try creating a new (blank) profile: Managing profiles.

If none of that helps, then most likely it is an external program.

more options

computing.net suggests that this set of redirects are caused by hosts file poisoning. You can read more and find instructions to fix by reading that post.

more options

I was infected with it too. Hitman Pro 3 fixed the problem for me. You can download a trial version at http://download.cnet.com/Hitman-Pro-3-32-bit/3000-2239_4-10895604.html

more options

I had a similar problem with a computer I was repairing. Browsing would be hijacked to scour.com and even some porn sites. Turns out it was a rootkit - Win32.TDSS (Alureon). I found it with TDSSKiller from Kaspersky Labs, but TDSSKiller couldn't get id of it. I was able to successfully remove it with ComboFix (http://www.combofix.org/download.php). Be careful with it's use, though. It is a very powerful program. Cheers,

more options

Hello,

I have been experiencing this same problem for a couple of months now (started December 2010) and just simply ignored the redirect (and refreshed the page) as a workaround.

Problem Description: When clicking a link from google.com (usually the first search result), I would be redirected to scour.com and various browser hijacking sites.

Browsers affected: Internet Explorer 8 (32-bit, 64-bit, and 'no add-ons' versions), Mozilla Firefox 3.6.13, and Google Chrome 9.0.597.98

Resolution:

  1. Make sure your Windows updates are up to date!
  2. Download/Install "ComboFix" from the following link: http://www.bleepingcomputer.com/downl.../combofix
  3. Save the file to your desktop (or where ever you prefer to save temp files).
  4. Close ALL APPLICATIONS (browsers, chat programs, email, etc)
  5. Run ComboFix. It may look like the application has frozen at launch, this is expected behavior, let it run! It will eventually launch a DOS command-prompt (blue background) and run through a series of steps (25-ish if I remember correctly) which take about 10 minutes (time may vary based on the specs of your machine).
  6. Once the steps are complete, it will automatically reboot your machine.
  7. Once your machine boots back up DO NOT OPEN ANY APPLICATIONS. The ComboFix application will automatically launch itself again (blue background DOS window), and run through a few steps.

Once this finishes - you're all set!

Follow-Up/Review: I performed this fix one two machines. One Dell laptop (xps x16) running Windows 7 Home Premium, and a custom-built desktop running Windows XP Professional SP3. I have not experienced the problem AT ALL since running the fix.

There may be other applications out there that can solve your problem, but this has been the best one for 'easy of use' and keeps the user (you) from having to do anything but click on a link, save a file, and run said file.

I give ComboFix a 5-star review!

Hope this helps!

Thanks,

Chris

Modified by wr3kka

more options

ZoneAlarm is reporting this (combofix) as a malicious file. Is this right?

more options

Thank you! I downloaded and ran Combofix, and it took care of my scour hijack problem

more options

Hi all,

Had the same problem. Couldn't run bleepingcomputer.com 's ComboFix tool as I had AVG installed and could not get AVG uninstalled.

Tried a number of virus scans but none picked up the cause of this.

My Fix: 1. Download and run the latest version of sysinternals.com autoruns. 2. Click on 'Options - Verify Code Signatures'. 3. Close and restart autoruns. 4. Goto the 'Everything' tab. 5. Go down the list and deselect all entries where the Publisher is listed as 'Not verified. 6. Reboot pc and test IE - search for 'IE redirect scour'. The link for this site should be near the top. If still infected with the scour bug, this link will not work. 7. From the list that you deselected, re-enable them one by one and reboot after each one and retest IE. 8. Foe me - this process identified the 'Canon BJ Language Monitor MP250 series' as the cause of the redirects. It is listed under 'HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors'. The file is 'cnmlm9w.dll' located in 'c:\windows\system32\'. The Publisher was listed as 'CANON INC.' - this is a misspelling as other Canon software is listed as 'Canon Inc.' Hence the 'Not Verified' status of the Publisher. 9. Remove affected file, reboot and retest again.

Hope this helps some of you.

more options

I've had to use combofix twice recenty, because of the scour redirect. The first time it worked like a charm. I set it aside for future use if necessary, and i'm glad i did. Last night I was hit with the Windows XP Repair virus. It hid my files and locked up everything. It even locked my ol' Inspiron 6000 in safe mode. Im glad to say that i was able to delete every last trace of the virus i could find, but my program directory in the start menu still came up empty. Well i googled it to see if i could find a fix and BAM!! Scour was back.

I ran Combofix again, to get rid of it, and it worked! again! only this time it had the added effect of restoring my programs to their proper place. I'm definitely thankful for this suggestion and will spread the good word.

more options

ComboFix took care of it for me.

ComboFix Download

At least for now. I'd hold on to it for a while just in case.

more options

Careful, my research indicates this "combofix" download may be a scam or virus/malware. All these new posters pushing it makes me even more suspicious.

I had good luck resetting my Internet Explorer settings. I don't know about Mozilla Firefox but it worked for IE.

I have no idea if it will work for anyone else or if I just got lucky but if you're out of other options and don't want to download any sketchy programs, this might be worth a shot.

First back up any Bookmarks or anything in your browser settings you don't want to lose. Click Internet Explorer Tools button (next to the star/favorites in upper right corner). Click on Internet Options. Click Advanced. Click Reset... (at very bottom) It says only do this if computer is in unusable state.

more options

re post

Modified by tips

more options

I tried ComboFix and it did a number on my computer, rendering all shortcuts and virtually all executable files useless. For example, when I tried to run FireFox after using ComboFix it told me FireFox was a virus and slated for deletion, as was every other program except Windows Explorer when launched from Windows Key + E. I can only use that laptop in safe mode now, and I cannot roll back as System Restore is a virus and slated for deletion. I'm double checking my back up before completely wiping the computer and reloading all the software.

more options

We all know you're trying to cash in off unsuspecting users, but what we don't know is ARE YOU THE ONE BEHIND THE VIRUS? Propabably, because if you're not part of the solution you're part of the problem.

Edited for language - Mozilla Support rules and guidelines

Modified by Shawn

more options

Well, I have the same problem for some months already and I haven't found a way. Now I come in here for help and it's confusing because some of you recommended ComboFix, and a few have doubts... Are there any other solutions?

more options

You won't know for sure until you try it. IF you don't want to try ComboFix (as suggested by many users in this thread), try the following:

-> Is my Firefox problem a result of MALWARE ??

-> Do a MALWARE check with these Malware Scanning programs. You need to scan with all programs because each program detects different malware. Make sure that you UPDATE each program to get the latest version of their Databases before doing a Scan. Also, Close All other Applications (softwares) before Starting to Run Scans.

Check and tell if its working.

more options
more options

I followed this process and it worked. It was a little stressful because it found many files to delete, but when it was done, the Scour was dead. hoorah

more options

comment deleted by a moderator. Combo fix worked fine for me. You have to wait a bit while it runs, but it solved the scour redirect issue for me. deleted by a moderator

verbal attacks toward other posters in the forum aren't allowed in this forum - don't personalize your comments

Modified by the-edmeister

more options

I tried the ComboFix but it repeatedly failed, as it couldn't write the files it needed to. I don't know if that's because of AVG or something else, but I am truly miserable...

  1. 1
  2. 2