needafix
asked on
Browser hijacked
Most of the time when I do a Google search or other search, my browser will be redirected to some other website. The redirect happens after I click on a search result, and it goes to some where else other then where it is supposed to go to. I have Win 7 ultimate 64bit, and I have ran malwarebytes and Norton 360, and neither one of them find anything.
Thanks for any help!
Thanks for any help!
In addition to the above, check the settings in Norton 360 carefully. Try disabling for a few minutes and see if the problem goes away. Norton 360 likes to protect you by denying connectivity and I recommend Norton Internet Security as a better choice for individuals.
Also look in your HOSTS file and make sure all the entries in the file are comments.
c:\windows\system32\driver s\etc\host s
... Thinkpads_User
Also look in your HOSTS file and make sure all the entries in the file are comments.
c:\windows\system32\driver
... Thinkpads_User
needafix--You may still have malware. Perhaps try some the following suggestions
http://productforums.google.com/forum/#!category-topic/websearch/unexpected-search-results/HFtuLSsxVZM
http://en.kioskea.net/forum/affich-24363-search-result-redirecting-to-another-site
To what site are you being redirected?
http://productforums.google.com/forum/#!category-topic/websearch/unexpected-search-results/HFtuLSsxVZM
http://en.kioskea.net/forum/affich-24363-search-result-redirecting-to-another-site
To what site are you being redirected?
I would try rogue killer. http://www.geekstogo.com/forum/files/file/413-roguekiller/
ASKER
I get taken to this website:
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
ASKER
And I've disabled all add-ons, my main browser is Firefox.
@needafix - You havent't answered the question about the HOSTS file. However, your system seems to be very badly infested with malware. If the suggestions to elminate malware are not working, then you should back up your system carefully, delete all partitions (to get rid of rootkit malware), format a new partition and reinstall Windows from the Recovery DVD or from the Windows 7 DVD. .... Thinkpads_User
needafix--That site to which you are being redirected
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
has problems. It also has misspellings.
I suspect you still have malware on the PC.
Have you tried the suggestions in http:#a38785342 ?
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
has problems. It also has misspellings.
I suspect you still have malware on the PC.
Have you tried the suggestions in http:#a38785342 ?
download roguekiller with another computer here is the softwere creators website, Go to the website with another compurer downloan it to a memory stick then bring it to the infected computer and run it. www.sur-la-toile.com/RogueKiller/
ASKER
It appears to me that all the entries are in comments, in the Host file. Also, that is not the only website it sends me to, its just the most common one.
Here are some other websites it sends me to:
http://www.local.com/results.aspx?keyword=water&cid=274279
I did a search on bubbles just to get an example and I was able to grab this redirect before it changed:
http://78177.a77800.489828.myspecdirect.com/rw/ABAAOqpDlCukvx3c8ktOxC-59tRHmTm-BOTaPWs5r3CPvEDUjyN-fTXltQY633KfHB7x9J5ORfRp_-_I9pCww217aBnJHCPMzHBn5DQhvUU4nhhL
Here are some other websites it sends me to:
http://www.local.com/results.aspx?keyword=water&cid=274279
I did a search on bubbles just to get an example and I was able to grab this redirect before it changed:
http://78177.a77800.489828.myspecdirect.com/rw/ABAAOqpDlCukvx3c8ktOxC-59tRHmTm-BOTaPWs5r3CPvEDUjyN-fTXltQY633KfHB7x9J5ORfRp_-_I9pCww217aBnJHCPMzHBn5DQhvUU4nhhL
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
needafix--I suggest you try the antimalware suggestions in http:#a38785342 first.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Once IE is open, click tools, manage addons, and disable any addons you think might be the problem (you can't break anything by doing this, as you can always re-enable an addon if you think you need it at a later time).
This will likely fix the problem you are having, but the software causing this is still installed and should be removed, once it is identified.