When ever I run a search on Google (or any search engine), if I click on a link I get redirected to a dif site that has junk and malware on it. I follow the directions for cleaning up the hosts files but did not help. Tried using NPE, did not find anything. Clicked on link for next step in the help process but the site will not open. The site is:
When ever I run a search on Google (or any search engine), if I click on a link I get redirected to a dif site that has junk and malware on it. I follow the directions for cleaning up the hosts files but did not help. Tried using NPE, did not find anything. Clicked on link for next step in the help process but the site will not open. The site is:
Using Norton INS 2012, no infections found, have even tried Norton Power Eraser. running WinXPpro, on a Intel CoreDuo machine btw, All updates installed on both. Makes no dif if I run the search in InEx 8, FireFox, or Opera Same thing happens with all three.
You might want to try running a full system scan with the free Malwarebytes' Anti-Malware (MBAM) scanner. MBAM will occasionally detect malware missed by a NIS full system scan.
During your MBAM installation, decline the 15-day trial offer to use the advanced Pro features, since this might activate the real-time protection mode in MBAM, and it's never a good idea to have more than one security program trying to handle real-time protection on your system. MBAM might find some old registry entries and PUPs (potentially unwanted programs), which are often just inert files on your hard drive left over from uninstalled toolbars, etc., and these types of detections often aren't a cause for concern.
------
Windows Vista Home Premium 32-bit SP2 * NIS 2011 v. 18.6.0.29 * IE 9.0 * Firefox 8.0.0 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Since 3 browsers are involved here and you have already tried some scans, I would recommend a visit to one of the free malware removal sites. They can give you the proper scans and tools to help clean up your machine if it's infected. They work with you 1 on 1 which can not be done here. Please register with one of them and describe your problem to them. Please let us know which one and how you are making out. Once they start helping you, we can't, but you can give us an update..
Please go to one of these free Forums for help in removing your bad malware or rootkits.
Ran the Malwarebytes, found one item, it fixed it. Then ran spybot, it found 3 more, fixed them. Problem still there I also think the seach results are being hijacked. Going to try the others on the list next and see if that nasty little bugger can be found. Will let you know what results I get Thanks again to everyone for thier help.
Since the NIS, MBAM and Spybot S & D scans don't seem to have solved problem, all of the links that floplot listed in message # 7 to malware removal forums come highly recommended. I've used the WhatTheTechVirus, Spyware & Malware Removal forum myself (see their instructions here for posting HijackThis, OTL and DDS logs in their forum) and I was assigned a tech expert that worked with me one-on-one until the problem was resolved.
Is it possible you had Spybot S & D TeaTimer module running on your PC in real-time protection mode at the same time as NIS 2012? There are several reports in the forum of malware being able to get past NIS and other Norton products because of a conflict with the real-time protection from another security program.
--------
Windows Vista Home Premium 32-bit SP2 * NIS 2011 v. 18.6.0.29 * IE 9.0 * Firefox 8.0.0 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Yesterday, Mountain_Cougar reported here that NIS had blocked an intrusion attempt from the malicious Couch Potato adware, and that the attacking site was reported as liveupdate.symantecliveupdate.com. I noticed that HeyDoubleT is reporting here that the re-direction is associated with http://sitedirector.symantec.com/......nbrt.
Do you know if there is any way for a user to determine if malware is simply spoofing the Symantec servers or if they're actually being infected when they connnect to the Symantec site (e.g., during an automatic LiveUpdate)? --------- Windows Vista Home Premium 32-bit SP2 * NIS 2011 v. 18.6.0.29 * IE 9.0 * Firefox 8.0.0 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS
Had this same problem. Norton Internet Security said it blocked something but that didn't stop the problem. And a full scan revealed nothing. Norton Power Eraser found nothing but Malwarebytes found three items. Erased those and the problem appears to have been fixed. Bit worrying that a free program can do what NIS and NPE couldn't.
Had this same problem. Norton Internet Security said it blocked something but that didn't stop the problem. And a full scan revealed nothing. Norton Power Eraser found nothing but Malwarebytes found three items. Erased those and the problem appears to have been fixed. Bit worrying that a free program can do what NIS and NPE couldn't.
Welcome,
Malwarebytes free scanner is a great compliment to your Norton product. They look at things a bit differently and so tend to catch some of the things that slip through the cracks. Yes, there are cracks, no security product is perfect nor can any one of them stay ahead of the creators of the 'nasties'.
I keep Malwarebytes free scanner on my desktop and makes sure that it stays current so it's ready when I need it. I also hold NPE in reserve as it is a powerful tool and can cause some problems. Using the two, NIS and MWB, regularly is the best insurance you have against infections. Should one find you we'll be here to help squash it.
Good advice. And it seems I spoke a bit too soon. The problem seemed to be fixed after I ran Malwarebytes but now I'm getting misdirected about 50% of the time, usually to a page called Infomash. Ran MWB again and it found one more file but I'm still getting misdirected some of the time. I'll try some of the things suggested earlier in this thread but if you have any new suggestions I'd like to hear them.