?
Solved

ODD HIJACKER

Posted on 2012-04-04
5
Medium Priority
?
466 Views
Last Modified: 2013-12-06
Have an odd hijacker situation. I have two users who are affected and they do exchange files etc.
Both are win 7 and outlook 2010 and 64 bit systems

We use SharePoint that is housed in Asia
These two users can log on and sometimes go to another page in SharePoint but then it either redirects to a avg.com search page or a cannot connect page.
They can go anywhere in the internet they want it is only happening with SharePoint. No one else in the office is affected. I tired Firefox and it has same issue but just display error page

I have Checked the Host file it looks the same as mine.
I check the DNS they are all set for detected automatically
I check interconnect there is no proxy checked.
I ran Windows Defender, AVG, Malabyte, Spy doctor, TDSkill, ISPFIX, Spybot nothing seems to find anything. I disable most add in also.
It has to be hidden in the registry is my feeling but then it does not take a reboot to come back.
My issue is The President is one of these and he is going to Asia Saturday morning. He accesses SharePoint all the time

Can anyone help me.
0
Comment
Question by:ssaver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 6

Accepted Solution

by:
livanescu earned 2000 total points
ID: 37808947
is there a chance they have AVG installed and some script in SharePoint (custom - jquery, ajax etc) would trigger AVG safe-shield (whatever would be the name) to interpret as an attack or a false response because it doesn't get/understand SharePoint in far-eastern language. If so, disabling the feature for the site would probably fix the issue...
0
 
LVL 1

Author Comment

by:ssaver
ID: 37809077
livanescu
If i understand you correctly we do use AVG.
would uninstalling AVG on my system here also have the same results? If so, I will uninstall it on one of the systems in the AM and see if that make a difference.

My only questions why all of a sudden we have beeen using it for a year now with no issue. unless they just installed it.
0
 
LVL 6

Assisted Solution

by:livanescu
livanescu earned 2000 total points
ID: 37809354
continuing on the wild goose chase:

how to disable the AVG LinkScanner Surf-Shield
http://forums.avg.com/us-en/avg-forums?sec=thread&act=show&id=113239

More on the way the LinkScanner works:
http://forums.avg.com/us-en/avg-forums?sec=thread&act=show&id=174304#post_174304

They also mention the issue shows up in IE and FF; try  it in Chrome
0
 
LVL 1

Author Comment

by:ssaver
ID: 37810503
livanescu
Thanks for the help although it turned out to be DNS issue which he would not have discovered if it was not for you asking about installing new Ajax etc. which he said nothing new.  They were on a holiday and what you said made him especially when it started to happen to his users in TW (all VIPs) since it was a holiday. Murphy's Law what you going to do.
The server and IT are in SZ office.
He said this: I got a same issue from TW this morning. After checked, it seems our Domain Service Provider has some problem last night. Please let me know if US still have a problem. By the way, we didn't install any software in SP server recently.  
Even though it was not what we thought I am awarding you the points you made him look at things which is a tough thing to do they are never wrong you know. LOL.
Oh well a few more grey hairs will not hurt me.
0
 
LVL 1

Author Closing Comment

by:ssaver
ID: 37810513
Even though it was not what we thought I am awarding you the points you made him look at things which is a tough thing to do.
It was thier Domain Service Provider had some problem last night
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question