My web browser keeps redirecting
I had a virus on my laptop that popped up fake antivirus software. I have since run:
Smitfraudfix, MalwareBytes, SuperAntispyware, CCleaner, and Hijackthis.
It has cleaned up the fake antivirus software but every time I do a search through Google or Bing etc... it shows the search results but when I click on a link it redirects me to another site advertising something
Quite often www.com.au flicks up in the address bar before it goes off to some random site.
I have tried resseting IE.
Ant Clues?
Andrew
Smitfraudfix, MalwareBytes, SuperAntispyware, CCleaner, and Hijackthis.
It has cleaned up the fake antivirus software but every time I do a search through Google or Bing etc... it shows the search results but when I click on a link it redirects me to another site advertising something
Quite often www.com.au flicks up in the address bar before it goes off to some random site.
I have tried resseting IE.
Ant Clues?
Andrew
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Well if you can live with the possibility of this happening again in the future you can try looking at
http://www.microsoft.com/security/pc-security/browser-hijacking.aspx
http://www.microsoft.com/security/pc-security/browser-hijacking.aspx
It exists (203.2.75.99) and it is hosted at "vweb.optusnet.com.au". Look in your 'hosts' file and see if there is a redirect there that matches that. You can also "Request Attention" and get the anti-virus and malware zones added to your question.
Used Kaspersky's TDSSKiller:(try renaming the file if it doesn't run on first go)
http://support.kaspersky.com/viruses/solutions?qid=208280684
Also check out these articles on google search redirects.
"Google Hijack" - Google Search Gets Redirected:
https://www.experts-exchange.com/A_3299.html
"Infected Router - Google Search Redirects Even on a Clean System"
https://www.experts-exchange.com/A_5327.html
If TDSSKiller is blocked try these:
Symantec's FixTDSS.exe http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe
Eset's OlmarikTDL4Cleaner.exe
http://download.eset.com/special/EOlmarikTdl4Cleaner.exe
TDL4 removal tool from BitDefender:
http://www.malwarecity.com/community/index.php?app=downloads&showfile=25
http://support.kaspersky.com/viruses/solutions?qid=208280684
Also check out these articles on google search redirects.
"Google Hijack" - Google Search Gets Redirected:
https://www.experts-exchange.com/A_3299.html
"Infected Router - Google Search Redirects Even on a Clean System"
https://www.experts-exchange.com/A_5327.html
If TDSSKiller is blocked try these:
Symantec's FixTDSS.exe http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe
Eset's OlmarikTDL4Cleaner.exe
http://download.eset.com/special/EOlmarikTdl4Cleaner.exe
TDL4 removal tool from BitDefender:
http://www.malwarecity.com/community/index.php?app=downloads&showfile=25
That's an Australian site, when I go there it takes me to OptusNet, but it doesn't realy matter which site you are redirected to, you just need to stop the redirects.
Does it work normally if u enter the website directly without searching?
Is there any difference if you use the search box in the browser vs go to main page of search engine and use the search box there? Try use IP address (e.g. 98.137.149.56 to access www.yahoo.com) and use the search web box there.
Beside, u may also check correctness of DNS server address and any Proxy setting in browser.
Is there any difference if you use the search box in the browser vs go to main page of search engine and use the search box there? Try use IP address (e.g. 98.137.149.56 to access www.yahoo.com) and use the search web box there.
Beside, u may also check correctness of DNS server address and any Proxy setting in browser.
I had this problem on several clients computers. The EASIEST way that I've found was to use Hitman Pro. Do the "one time scan", as opposed to the full install.
After scanning and removing with Hitman Pro, it was gone. You can get it from their website below. Hope that works for you, it did for me.
http://www.surfright.nl/en/hitmanpro
After scanning and removing with Hitman Pro, it was gone. You can get it from their website below. Hope that works for you, it did for me.
http://www.surfright.nl/en/hitmanpro
HitmanPro can remove some variant to TDSS rootkits but it's not that good when there are patched files involved.
Also note that it can sometimes render the system unbootable.
I think you will be better served to use the targeted TDSSKiller tools described in this comment:
http:#a36340590
Also note that it can sometimes render the system unbootable.
I think you will be better served to use the targeted TDSSKiller tools described in this comment:
http:#a36340590
ASKER