Browsers redirected to ads sites

Norton Security | Norton Internet Security
1

Hello:

 

Recently each time I conduct a search using any search engine (primarily Google, Yahoo, alltheweb) and click on any link from the search results the browser is redirected to an ad site.   In use Firefox with Noscript and it stops the page from loading but I can't figure out why it's even occurring at all.   I have Norton Internet Security  on my HP system and wife has it on her laptop.  She is experiencing the same thing as she searches in IE.  She is connected wirelessly thru a linksys broadband router  which is connected to our cable modem.  I am physically connected to the router via a cable. 

 

We have very different search habits, but we're still quite cautious.  Here's what's odd, too.   I have another computer that's connected physically to the linksys, but it is a Ubuntu Linux box and when I search via Firefox with it I get the same problem of being redirected to ad sites.

 

Our NIS scans say we're safe yet this browser problem persists on all three machines.  Any answers to this problem will be much appreciated.  Thanks in advance.

 

Semi

2

Can you look at your intrusion prevention logs to see if there are any blocked attacks, and let us know what you find?

3

Does your Internete Browser (eg Internet Explorer) have a common add-on to it that might be redirecting you?

 

With IE check the Menu Bar under Tools / Manage Add-ons to see if there is anything there and if it looks suspicious then disable it. If you don't see the Menu Bar -- File ..... Help -- press the ALT key on your keyboard to reveal it temporarily.

 

Just a thought but see what others suggest since it's not happend to me.

4

Given that all three machines are experiencing this and you are using a LinkSys router, I wonder if you are running into the Cisco Web Assistant (CWA). See the thread about Problems with LiveUpdate for more information.

 

5

Hello: Thank you for the response. In my history I’ve got scores of the same entry that says ‘unauthorized access blocked’ and it’s given medium severity rating. Looking in my wife’s history (the wireless laptop) there are more minatory entries, such as 'unused port has blocked communications inbound TCP connection from 209.160.41.246. There are other entries that give other addresses like 127.0.0.0/ or 255.0.0.0. There is one entry that was given a high severity rating and it was blocked: 91.188.60.234. There are other entries that I am not putting in the response, but I’ll scour through them if you think you’ll need them. I’m not sure what they mean but is seems NIS is being vigilant in its protection, at least on the surface. I’m still puzzled as to why my Linux system is affected. Thank you again for looking into this. I hope I supplied you with what you were asking for.

6

semicroscopist:

 

You are looking at different areas which are all included in "recent history."  If you go to the menu bar where it says recent history, you will see the different sections.

 

The ones that say "unauthorized access"  refer to the security of Norton's own files.  Norton's tamper prevention logs all instances of other applications accessing its files.  This is a notification, not a threat.

 

The ones that mention 127.0.0.0/255.0.0.0 are referring to the firewall activities and are also perfectly normal and refer to your own network.

 

209.160.41.246 would appear to be an address in Washington State and is likely to be an ISP.

 

The one that is more interesting is this one 91.188.60.234, but as it was blocked, it isn't a threat either.

 

Scrolling through the different areas of history will be more helpful to you in terms of understanding what the different parts are doing.