Solved

ODD HIJACKER

Posted on 2012-04-04
5
465 Views
Last Modified: 2013-12-06
Have an odd hijacker situation. I have two users who are affected and they do exchange files etc.
Both are win 7 and outlook 2010 and 64 bit systems

We use SharePoint that is housed in Asia
These two users can log on and sometimes go to another page in SharePoint but then it either redirects to a avg.com search page or a cannot connect page.
They can go anywhere in the internet they want it is only happening with SharePoint. No one else in the office is affected. I tired Firefox and it has same issue but just display error page

I have Checked the Host file it looks the same as mine.
I check the DNS they are all set for detected automatically
I check interconnect there is no proxy checked.
I ran Windows Defender, AVG, Malabyte, Spy doctor, TDSkill, ISPFIX, Spybot nothing seems to find anything. I disable most add in also.
It has to be hidden in the registry is my feeling but then it does not take a reboot to come back.
My issue is The President is one of these and he is going to Asia Saturday morning. He accesses SharePoint all the time

Can anyone help me.
0
Comment
Question by:ssaver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 6

Accepted Solution

by:
livanescu earned 500 total points
ID: 37808947
is there a chance they have AVG installed and some script in SharePoint (custom - jquery, ajax etc) would trigger AVG safe-shield (whatever would be the name) to interpret as an attack or a false response because it doesn't get/understand SharePoint in far-eastern language. If so, disabling the feature for the site would probably fix the issue...
0
 
LVL 1

Author Comment

by:ssaver
ID: 37809077
livanescu
If i understand you correctly we do use AVG.
would uninstalling AVG on my system here also have the same results? If so, I will uninstall it on one of the systems in the AM and see if that make a difference.

My only questions why all of a sudden we have beeen using it for a year now with no issue. unless they just installed it.
0
 
LVL 6

Assisted Solution

by:livanescu
livanescu earned 500 total points
ID: 37809354
continuing on the wild goose chase:

how to disable the AVG LinkScanner Surf-Shield
http://forums.avg.com/us-en/avg-forums?sec=thread&act=show&id=113239

More on the way the LinkScanner works:
http://forums.avg.com/us-en/avg-forums?sec=thread&act=show&id=174304#post_174304

They also mention the issue shows up in IE and FF; try  it in Chrome
0
 
LVL 1

Author Comment

by:ssaver
ID: 37810503
livanescu
Thanks for the help although it turned out to be DNS issue which he would not have discovered if it was not for you asking about installing new Ajax etc. which he said nothing new.  They were on a holiday and what you said made him especially when it started to happen to his users in TW (all VIPs) since it was a holiday. Murphy's Law what you going to do.
The server and IT are in SZ office.
He said this: I got a same issue from TW this morning. After checked, it seems our Domain Service Provider has some problem last night. Please let me know if US still have a problem. By the way, we didn't install any software in SP server recently.  
Even though it was not what we thought I am awarding you the points you made him look at things which is a tough thing to do they are never wrong you know. LOL.
Oh well a few more grey hairs will not hurt me.
0
 
LVL 1

Author Closing Comment

by:ssaver
ID: 37810513
Even though it was not what we thought I am awarding you the points you made him look at things which is a tough thing to do.
It was thier Domain Service Provider had some problem last night
0

Featured Post

Get Actionable Data from Your Monitoring Solution

Your communication platform is only as good as the relevance of the information you send. Ensure your alerts get to the right people every time with actionable responses. Create escalation rules that ensure everyone follows the process and nothing is left to chance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question