We help IT Professionals succeed at work.

I am suffering from a web redirect problem. Adelphia says this is "malware" but I can't go to yahoo.com, instead ie and netscape take me to www.thebestse.com

filibuster1015
on
Medium Priority
1,866 Views
Last Modified: 2010-04-11
Recently, internet explorer and netscape stopped taking me to my homepage of www.yahoo.com. Instead of directing me to the appropriate site I am directed to www.thebestse.com. What is wierd about this experience is the fact that my browser's url bar still reads www.yahoo.com. This problem occurs when I go to www.msn.com and www.google.com. I have yet to discover other site addresses with this problem.

I first called adelphia and they suggested I install adaware. Although adaware found 341 different spyware programs and the like, it did not solve the problem. They had no other ideas but to have me call Dell. Dell was unable to solve my problem either. So I'm looking to you all...

What is going on here? Is this in fact malware? How can I get rid of this problem?

Any advice is greatly appreciated!

Phil
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2007
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Another good one that can fix you up is Spybot Search & Destroy.  www.security.kolla.de

Commented:
go to run type gpedit - this will open the group policy editor

drill down to user configuration/administrative templates/windows components/windows messenger/ and on the rite pane - do not allow messenger to be run - rite click and on properties change to enable,

this will stop this sucker from running completely

then in outlook express/ go to options/ and uncheck logon to messenger under general and hilite only go directly to my inbox that will make oe start in a jiffy

Commented:
Hijack This and BHODemon and Browser Hijack Blaster

Hijack This http://www.spywareinfo.com/~merijn/files/hijackthis.zip | Written by a member of our support forums and based on our Hijacked! article, this program scans the locations in your computer system that may be modified by browser hijackers and fixes any problems found. An easy-to-understand tutorial is available at TomCoyote.org.

http://www.spywareinfo.com/downloads.php?cat=sp#det
BHODemon http://www.spywareinfo.com/downloads/bhod/ | Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. This program is my choice for BHO detection and is highly recommended.

Browser Hijack Blaster http://www.wilderssecurity.net/bhblaster.html | Running silently in the background, Browser Hijack Blaster only springs into action when an attempt is made. It watches and protects the following items: IE Homepage, IE Default Page, IE Search Page, BHOs. Whenver one of the above items is changed, or a BHO is added, you are immediately provided with information on the item, along with the option to keep the change, or revert to your previous settings.
==========================


Could be malware has installed itself on your system that is the causing this. The following utilities can help you find and remove most known malware. The first two are free and I would suggest to use both of them because neither is 100% in finding malware but using both together helps find what the other may have missed.

spybot here
http://www.safer-networking.org/
Download
http://spybot.safer-networking.de/index.php?lang=en&page=download

AdAware
http://www.lavasoftusa.com/

Spycop:
http://www.spycop.com/

General and overall information about Spy/Adware
http://www.cexx.org/adware.htm

Author

Commented:
thank you to everyone who responded... webshredder did the trick. thank you sir bounty. my kind regards to you and to everyone who posted. I now believe that I am free of the "malware".

hopefully it will not come back!

Commented:
If by chance the above spyware removal tools still don't work for you, you may want to try flushing your dns cache.  To do this go to the command prompt and type "ipconfig /flushdns".  Note that this only works on 2000 and XP.  This may remove any improper domain name resolutions that your computer has stored.  

Good luck.

Commented:
Posted while I was typing! Please disregard the last post ;)
Have you looked into you HOST FILE?
It’s under \system32\drives\etc\
--------
Look there, some spy ware software adds entries there to redirect you to the sites they want you to go to.
This is done by manipulating the local DNS of the pc your using.

Example:
127.0.0.1            localhost
216.109.118.65      www.yahoo.com
216.109.127.30      yahoo.com

Now if some software changed this to lets say:

149.174.130.216      www.yahoo.com

What would happen here is every time you try to go to: www.yahoo.com
It will take you to aol.com
Name:    aol.com
Addresses:  64.12.187.24, 149.174.130.216, 205.188.145.213
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.