Solved

Browser hijacked

Posted on 2013-01-16
13
595 Views
Last Modified: 2013-12-06
Most of the time when I do a Google search or other search, my browser will be redirected to some other website. The redirect happens after I click on a search result, and it goes to some where else other then where it is supposed to go to.  I have Win 7 ultimate 64bit, and I have ran malwarebytes and Norton 360, and neither one of them find anything.

Thanks for any help!
0
Comment
Question by:needafix
  • 3
  • 3
  • 3
  • +3
13 Comments
 
LVL 6

Expert Comment

by:RaithZ
ID: 38785127
Open IE in "No Addon" mode (you can do this by opening the start menu and typing Internet into the search box, you should see a shortcut for Internet Explorer (No Addons).  Does this still happen? IF not an addon is to blame for your problem.

Once IE is open, click tools, manage addons, and disable any addons you think might be the problem (you can't break anything by doing this, as you can always re-enable an addon if you think you need it at a later time).  

This will likely fix the problem you are having, but the software causing this is still installed and should be removed, once it is identified.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 38785207
In addition to the above, check the settings in Norton 360 carefully. Try disabling for a few minutes and see if the problem goes away. Norton 360 likes to protect you by denying connectivity and I recommend Norton Internet Security as a better choice for individuals.

Also look in your HOSTS file and make sure all the entries in the file are comments.

c:\windows\system32\drivers\etc\hosts

... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38785342
needafix--You may still have malware.  Perhaps try some the following suggestions
http://productforums.google.com/forum/#!category-topic/websearch/unexpected-search-results/HFtuLSsxVZM

http://en.kioskea.net/forum/affich-24363-search-result-redirecting-to-another-site

To what site are you being redirected?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 18

Expert Comment

by:web_tracker
ID: 38785785
0
 

Author Comment

by:needafix
ID: 38785931
0
 

Author Comment

by:needafix
ID: 38785935
And I've disabled all add-ons, my main browser is Firefox.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 38786702
@needafix - You havent't answered the question about the HOSTS file. However, your system seems to be very badly infested with malware. If the suggestions to elminate malware are not working, then you should back up your system carefully, delete all partitions (to get rid of rootkit malware), format a new partition and reinstall Windows from the Recovery DVD or from the Windows 7 DVD. .... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38788178
needafix--That site to which you are being redirected
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
has problems.  It also has misspellings.  
I suspect you still have malware on the PC.  
Have you tried the suggestions in http:#a38785342  ?
0
 
LVL 18

Expert Comment

by:web_tracker
ID: 38790400
download roguekiller with another computer here is the softwere creators website, Go to the website with another compurer downloan it to a memory stick then bring it to the infected computer and run it. www.sur-la-toile.com/RogueKiller/
0
 

Author Comment

by:needafix
ID: 38791243
It appears to me that all the entries are in comments, in the Host file. Also, that is not the only website it sends me to, its just the most common one.  
Here are some other websites it sends me to:
http://www.local.com/results.aspx?keyword=water&cid=274279

I did a search on bubbles just to get an example and I was able to grab this redirect before it changed:

http://78177.a77800.489828.myspecdirect.com/rw/ABAAOqpDlCukvx3c8ktOxC-59tRHmTm-BOTaPWs5r3CPvEDUjyN-fTXltQY633KfHB7x9J5ORfRp_-_I9pCww217aBnJHCPMzHBn5DQhvUU4nhhL
0
 
LVL 93

Accepted Solution

by:
John Hurst earned 90 total points
ID: 38792680
It appears to me that all the entries are in comments, in the Host file

If you cannot fix your HOSTS file (delete bogus entries) and scanning for malware is not correcting the problem, then you probably will save time by reinstalling Windows. Back up first, of course.

... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38793875
needafix--I suggest you try the antimalware suggestions in http:#a38785342 first.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 90 total points
ID: 38878670
I've had to clean up malware many times before and have never found one app that does it all. I always use at least two. Although my real arsonal includes the list below for real bad situations.

These utilities should be run in the following order.
1. Rougue Killer http://www.bleepingcomputer.com/download/roguekiller/

2. Combo Fix http://www.bleepingcomputer.com/download/search/?keyword=combofix

3. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/

4. Malwarebytes http://www.malwarebytes.org/

5. SuperAntiSpyware www.superantispyware.com

6. Go to start and type SFC /scannow and hit enter
This checks system files. If it finds a system file that's been modified, it will ask you to insert the Win 7 CD. If you don't have it, you should be abale to click IGNORE and continue.

There isn't much that get's past this battery of tools.

Please note: I'm not an AV expert, but I've learned to clean systems up through experience. These tolls have worked very well for me.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you come here a lot? Are you lazy like me and don't want to go through the "trouble" of having to click your Dock's Safari icon and then having to click your Experts Exchange Favorites bookmark to get here? Well then this article is for you.
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question