?
Solved

Browser hijacked

Posted on 2013-01-16
13
Medium Priority
?
605 Views
Last Modified: 2013-12-06
Most of the time when I do a Google search or other search, my browser will be redirected to some other website. The redirect happens after I click on a search result, and it goes to some where else other then where it is supposed to go to.  I have Win 7 ultimate 64bit, and I have ran malwarebytes and Norton 360, and neither one of them find anything.

Thanks for any help!
0
Comment
Question by:needafix
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 3
  • +3
13 Comments
 
LVL 6

Expert Comment

by:RaithZ
ID: 38785127
Open IE in "No Addon" mode (you can do this by opening the start menu and typing Internet into the search box, you should see a shortcut for Internet Explorer (No Addons).  Does this still happen? IF not an addon is to blame for your problem.

Once IE is open, click tools, manage addons, and disable any addons you think might be the problem (you can't break anything by doing this, as you can always re-enable an addon if you think you need it at a later time).  

This will likely fix the problem you are having, but the software causing this is still installed and should be removed, once it is identified.
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 38785207
In addition to the above, check the settings in Norton 360 carefully. Try disabling for a few minutes and see if the problem goes away. Norton 360 likes to protect you by denying connectivity and I recommend Norton Internet Security as a better choice for individuals.

Also look in your HOSTS file and make sure all the entries in the file are comments.

c:\windows\system32\drivers\etc\hosts

... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38785342
needafix--You may still have malware.  Perhaps try some the following suggestions
http://productforums.google.com/forum/#!category-topic/websearch/unexpected-search-results/HFtuLSsxVZM

http://en.kioskea.net/forum/affich-24363-search-result-redirecting-to-another-site

To what site are you being redirected?
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 18

Expert Comment

by:web_tracker
ID: 38785785
0
 

Author Comment

by:needafix
ID: 38785935
And I've disabled all add-ons, my main browser is Firefox.
0
 
LVL 97

Expert Comment

by:Experienced Member
ID: 38786702
@needafix - You havent't answered the question about the HOSTS file. However, your system seems to be very badly infested with malware. If the suggestions to elminate malware are not working, then you should back up your system carefully, delete all partitions (to get rid of rootkit malware), format a new partition and reinstall Windows from the Recovery DVD or from the Windows 7 DVD. .... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38788178
needafix--That site to which you are being redirected
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
has problems.  It also has misspellings.  
I suspect you still have malware on the PC.  
Have you tried the suggestions in http:#a38785342  ?
0
 
LVL 18

Expert Comment

by:web_tracker
ID: 38790400
download roguekiller with another computer here is the softwere creators website, Go to the website with another compurer downloan it to a memory stick then bring it to the infected computer and run it. www.sur-la-toile.com/RogueKiller/
0
 

Author Comment

by:needafix
ID: 38791243
It appears to me that all the entries are in comments, in the Host file. Also, that is not the only website it sends me to, its just the most common one.  
Here are some other websites it sends me to:
http://www.local.com/results.aspx?keyword=water&cid=274279

I did a search on bubbles just to get an example and I was able to grab this redirect before it changed:

http://78177.a77800.489828.myspecdirect.com/rw/ABAAOqpDlCukvx3c8ktOxC-59tRHmTm-BOTaPWs5r3CPvEDUjyN-fTXltQY633KfHB7x9J5ORfRp_-_I9pCww217aBnJHCPMzHBn5DQhvUU4nhhL
0
 
LVL 97

Accepted Solution

by:
Experienced Member earned 360 total points
ID: 38792680
It appears to me that all the entries are in comments, in the Host file

If you cannot fix your HOSTS file (delete bogus entries) and scanning for malware is not correcting the problem, then you probably will save time by reinstalling Windows. Back up first, of course.

... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38793875
needafix--I suggest you try the antimalware suggestions in http:#a38785342 first.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 360 total points
ID: 38878670
I've had to clean up malware many times before and have never found one app that does it all. I always use at least two. Although my real arsonal includes the list below for real bad situations.

These utilities should be run in the following order.
1. Rougue Killer http://www.bleepingcomputer.com/download/roguekiller/

2. Combo Fix http://www.bleepingcomputer.com/download/search/?keyword=combofix

3. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/

4. Malwarebytes http://www.malwarebytes.org/

5. SuperAntiSpyware www.superantispyware.com

6. Go to start and type SFC /scannow and hit enter
This checks system files. If it finds a system file that's been modified, it will ask you to insert the Win 7 CD. If you don't have it, you should be abale to click IGNORE and continue.

There isn't much that get's past this battery of tools.

Please note: I'm not an AV expert, but I've learned to clean systems up through experience. These tolls have worked very well for me.
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction If you're like most people, you have occasionally made a typographical error when you're entering information into an online form.  And to your consternation, the browser remembers the error, and offers to autocomplete your future entr…
In threads here at EE, each comment has a unique Identifier (ID). It is easy to get the full path for an ID via the right-click context menu. However, we often want to post a short link within a thread rather than the full link. This article shows a…
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question