Browser hijacked

Most of the time when I do a Google search or other search, my browser will be redirected to some other website. The redirect happens after I click on a search result, and it goes to some where else other then where it is supposed to go to.  I have Win 7 ultimate 64bit, and I have ran malwarebytes and Norton 360, and neither one of them find anything.

Thanks for any help!
needafixAsked:
Who is Participating?
 
JohnConnect With a Mentor Business Consultant (Owner)Commented:
It appears to me that all the entries are in comments, in the Host file

If you cannot fix your HOSTS file (delete bogus entries) and scanning for malware is not correcting the problem, then you probably will save time by reinstalling Windows. Back up first, of course.

... Thinkpads_User
0
 
RaithZCommented:
Open IE in "No Addon" mode (you can do this by opening the start menu and typing Internet into the search box, you should see a shortcut for Internet Explorer (No Addons).  Does this still happen? IF not an addon is to blame for your problem.

Once IE is open, click tools, manage addons, and disable any addons you think might be the problem (you can't break anything by doing this, as you can always re-enable an addon if you think you need it at a later time).  

This will likely fix the problem you are having, but the software causing this is still installed and should be removed, once it is identified.
0
 
JohnBusiness Consultant (Owner)Commented:
In addition to the above, check the settings in Norton 360 carefully. Try disabling for a few minutes and see if the problem goes away. Norton 360 likes to protect you by denying connectivity and I recommend Norton Internet Security as a better choice for individuals.

Also look in your HOSTS file and make sure all the entries in the file are comments.

c:\windows\system32\drivers\etc\hosts

... Thinkpads_User
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
jcimarronCommented:
needafix--You may still have malware.  Perhaps try some the following suggestions
http://productforums.google.com/forum/#!category-topic/websearch/unexpected-search-results/HFtuLSsxVZM

http://en.kioskea.net/forum/affich-24363-search-result-redirecting-to-another-site

To what site are you being redirected?
0
 
web_trackerCommented:
0
 
needafixAuthor Commented:
0
 
needafixAuthor Commented:
And I've disabled all add-ons, my main browser is Firefox.
0
 
JohnBusiness Consultant (Owner)Commented:
@needafix - You havent't answered the question about the HOSTS file. However, your system seems to be very badly infested with malware. If the suggestions to elminate malware are not working, then you should back up your system carefully, delete all partitions (to get rid of rootkit malware), format a new partition and reinstall Windows from the Recovery DVD or from the Windows 7 DVD. .... Thinkpads_User
0
 
jcimarronCommented:
needafix--That site to which you are being redirected
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
has problems.  It also has misspellings.  
I suspect you still have malware on the PC.  
Have you tried the suggestions in http:#a38785342  ?
0
 
web_trackerCommented:
download roguekiller with another computer here is the softwere creators website, Go to the website with another compurer downloan it to a memory stick then bring it to the infected computer and run it. www.sur-la-toile.com/RogueKiller/
0
 
needafixAuthor Commented:
It appears to me that all the entries are in comments, in the Host file. Also, that is not the only website it sends me to, its just the most common one.  
Here are some other websites it sends me to:
http://www.local.com/results.aspx?keyword=water&cid=274279

I did a search on bubbles just to get an example and I was able to grab this redirect before it changed:

http://78177.a77800.489828.myspecdirect.com/rw/ABAAOqpDlCukvx3c8ktOxC-59tRHmTm-BOTaPWs5r3CPvEDUjyN-fTXltQY633KfHB7x9J5ORfRp_-_I9pCww217aBnJHCPMzHBn5DQhvUU4nhhL
0
 
jcimarronCommented:
needafix--I suggest you try the antimalware suggestions in http:#a38785342 first.
0
 
Tony GiangrecoConnect With a Mentor Commented:
I've had to clean up malware many times before and have never found one app that does it all. I always use at least two. Although my real arsonal includes the list below for real bad situations.

These utilities should be run in the following order.
1. Rougue Killer http://www.bleepingcomputer.com/download/roguekiller/

2. Combo Fix http://www.bleepingcomputer.com/download/search/?keyword=combofix

3. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/

4. Malwarebytes http://www.malwarebytes.org/

5. SuperAntiSpyware www.superantispyware.com

6. Go to start and type SFC /scannow and hit enter
This checks system files. If it finds a system file that's been modified, it will ask you to insert the Win 7 CD. If you don't have it, you should be abale to click IGNORE and continue.

There isn't much that get's past this battery of tools.

Please note: I'm not an AV expert, but I've learned to clean systems up through experience. These tolls have worked very well for me.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.