Search Engine Hijacking

Inactive
By lplegacy
Apr 10, 2010
Topic Status:
Not open for further replies.
  1. When I search for something on google and I click on a link it automatically redirects me to a different website. Could someone help me with this?
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the 3 logs for review.

    Please take a little time to review the TechSpot boards. These instructions are at the top of this forum.
  3. lplegacy

    lplegacy Newcomer, in training Topic Starter

    There was a program called Pando Media Booster and I had no idea what it was, so I uninstalled it and everything works fine. Do you still want me to give you the logs?

    Edit: Nevermind, I don't think that was the problem...
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Pando is a file sharing, P2P network. you should follow through with the malware steps.
  5. lplegacy

    lplegacy Newcomer, in training Topic Starter

    Attached the files.

    Attached Files:

  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    You have 3 antivirus programs running- there should only be one:

    C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe


    Multiple antivirus and/or firewalls can leave the system more vulnerable and also slow it down. Pleas decide which you want. You need one AV, one firewall, and can have multiple antimalware programs. IT appears that the Norton Internet Security is the main program and you will have paid for it unless it's a trial version. If the subscription is current and it is up to date, you might want to consider removing Comodo and McAfee. NIS has all the basics and you can add another antimalware programs for sypyware.adware.
    ========================
    Please get control of the Tracking Cookies:
    Reset Cookies
    For Firefox: Tools> Options> Privacy> Cookies> CHECK ‘accept Cookies from Sites’> UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')

    I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus
    Easy List

    For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.
    ==============================
    When you finished with the secuirty programs, please run this:
    Please download ComboFix HERE:
    • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
      Important! Save the renamed download to your desktop.
    • Please disable all security programs, such as antiviruses, antispywares, and firewalls before you run the program.
    • Double click on the setup file on the desktop to run
    • If prompted to download and install the Recovery Console, please do so.
      (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.)
    • If prompted to update, please allow.
    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a log.Please include the C:\ComboFix.txt in your next reply.
    Notes:

    • 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
      2. ComboFix may reset a number of Internet Explorer's settings.
      3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security.
      4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run.
    =======================
    And then this: Run Eset NOD32 Online AntiVirus Scanner HERE
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    Please leave the Combofix report and Eset log in your next reply.
    I would appreciate a better description of the problem also. some members are saying they have a 'Google redirect' when what they describe is something else instead.
  7. lplegacy

    lplegacy Newcomer, in training Topic Starter

    I opened combofix and it shows a bar on my screen (I assume it's installing or something) and when it's about done a window pops up saying that it could not access the file and that I may not have the permissions to access it. I don't even know what file it's talking about :/
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Did you follow the instuctions to rename the file?
    EDIT: With Windows 7, you will likely need to be logged on as the Administrator.
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +32

    Due to inactivity, this thread is being closed. If you need it reopened, please send a PM to your helper.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.