Solved

Browser hijacked

Posted on 2013-01-16
13
600 Views
Last Modified: 2013-12-06
Most of the time when I do a Google search or other search, my browser will be redirected to some other website. The redirect happens after I click on a search result, and it goes to some where else other then where it is supposed to go to.  I have Win 7 ultimate 64bit, and I have ran malwarebytes and Norton 360, and neither one of them find anything.

Thanks for any help!
0
Comment
Question by:needafix
  • 3
  • 3
  • 3
  • +3
13 Comments
 
LVL 6

Expert Comment

by:RaithZ
ID: 38785127
Open IE in "No Addon" mode (you can do this by opening the start menu and typing Internet into the search box, you should see a shortcut for Internet Explorer (No Addons).  Does this still happen? IF not an addon is to blame for your problem.

Once IE is open, click tools, manage addons, and disable any addons you think might be the problem (you can't break anything by doing this, as you can always re-enable an addon if you think you need it at a later time).  

This will likely fix the problem you are having, but the software causing this is still installed and should be removed, once it is identified.
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 38785207
In addition to the above, check the settings in Norton 360 carefully. Try disabling for a few minutes and see if the problem goes away. Norton 360 likes to protect you by denying connectivity and I recommend Norton Internet Security as a better choice for individuals.

Also look in your HOSTS file and make sure all the entries in the file are comments.

c:\windows\system32\drivers\etc\hosts

... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38785342
needafix--You may still have malware.  Perhaps try some the following suggestions
http://productforums.google.com/forum/#!category-topic/websearch/unexpected-search-results/HFtuLSsxVZM

http://en.kioskea.net/forum/affich-24363-search-result-redirecting-to-another-site

To what site are you being redirected?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 18

Expert Comment

by:web_tracker
ID: 38785785
0
 

Author Comment

by:needafix
ID: 38785931
0
 

Author Comment

by:needafix
ID: 38785935
And I've disabled all add-ons, my main browser is Firefox.
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 38786702
@needafix - You havent't answered the question about the HOSTS file. However, your system seems to be very badly infested with malware. If the suggestions to elminate malware are not working, then you should back up your system carefully, delete all partitions (to get rid of rootkit malware), format a new partition and reinstall Windows from the Recovery DVD or from the Windows 7 DVD. .... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38788178
needafix--That site to which you are being redirected
http://63.209.69.107/search/web/happens+water+vacume/6678_a10/46573-178852-1351-27681/v5
has problems.  It also has misspellings.  
I suspect you still have malware on the PC.  
Have you tried the suggestions in http:#a38785342  ?
0
 
LVL 18

Expert Comment

by:web_tracker
ID: 38790400
download roguekiller with another computer here is the softwere creators website, Go to the website with another compurer downloan it to a memory stick then bring it to the infected computer and run it. www.sur-la-toile.com/RogueKiller/
0
 

Author Comment

by:needafix
ID: 38791243
It appears to me that all the entries are in comments, in the Host file. Also, that is not the only website it sends me to, its just the most common one.  
Here are some other websites it sends me to:
http://www.local.com/results.aspx?keyword=water&cid=274279

I did a search on bubbles just to get an example and I was able to grab this redirect before it changed:

http://78177.a77800.489828.myspecdirect.com/rw/ABAAOqpDlCukvx3c8ktOxC-59tRHmTm-BOTaPWs5r3CPvEDUjyN-fTXltQY633KfHB7x9J5ORfRp_-_I9pCww217aBnJHCPMzHBn5DQhvUU4nhhL
0
 
LVL 94

Accepted Solution

by:
John Hurst earned 90 total points
ID: 38792680
It appears to me that all the entries are in comments, in the Host file

If you cannot fix your HOSTS file (delete bogus entries) and scanning for malware is not correcting the problem, then you probably will save time by reinstalling Windows. Back up first, of course.

... Thinkpads_User
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38793875
needafix--I suggest you try the antimalware suggestions in http:#a38785342 first.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 90 total points
ID: 38878670
I've had to clean up malware many times before and have never found one app that does it all. I always use at least two. Although my real arsonal includes the list below for real bad situations.

These utilities should be run in the following order.
1. Rougue Killer http://www.bleepingcomputer.com/download/roguekiller/

2. Combo Fix http://www.bleepingcomputer.com/download/search/?keyword=combofix

3. TDS Killer http://www.bleepingcomputer.com/download/tdsskiller/

4. Malwarebytes http://www.malwarebytes.org/

5. SuperAntiSpyware www.superantispyware.com

6. Go to start and type SFC /scannow and hit enter
This checks system files. If it finds a system file that's been modified, it will ask you to insert the Win 7 CD. If you don't have it, you should be abale to click IGNORE and continue.

There isn't much that get's past this battery of tools.

Please note: I'm not an AV expert, but I've learned to clean systems up through experience. These tolls have worked very well for me.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Receipt Printer for web based app 3 109
Annoying Taskbar Popup from Edge 8 38
Internet Explorer question 6 37
mozilla how to book mark to specific book mark folder 10 92
Several part series to implement Internet Explorer 11 Enterprise Mode
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question