win 7 all search engines are redirected. (virus?)

#1
Win 7 IE 9 using google or any other search engine (Yahoo, etc) the search does bring up links for the web sites requested. However clicking any link redirects the request to a page "Get hot link.com" or a job search page. I have run the MS Malware removal tool, McAfee, IObit Malware fighter pro and all find nothing. Does anyone know where to find this malware and get rid of it?
 


Mitchell_A

Essential Member
#2
Welcome to Windows7Forums :)

Please download and run MalwareBytes Antimalware and run a quick scan, remove any threats and reboot.
Next, open the Network and Sharing Center and select "change adapter settings" in the left hand pane. Right click your active connection and select properties. Now, under IPv4 click properties. Ensure both radio boxes are selected to "obtain automatically" and save. Finally, reset your winsocks by opening Command Prompt as an administrator and typing the following two commands "netsh reset winsock catalog" press enter, then type "netsh int ip reset reset.log hit". Hopefully, these few things will resolve the issue.

Your thread has been moved to Windows 7 Support.
 


#3
Mitchell,Sorry to be so late to reply. I was away for a week or so.

I followed your suggestion to the letter to no avail. Everything ran as it should have and the command prompt actions completed after which I rebooted. Unfortunatly all my search engines are redirected to other sites than the one clicked on. Thus I am still where I started.
Any other ideas? This is a problem and all I can see is formating the hard drive and starting over. I hate to do that, it takes all day to reinstall everything if I even have all on backups.

Dave
 


Trouble

Noob Whisperer
#4
Check you hosts file here C:\Windows\System32\Drivers\etc
it should look pretty much like this
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
Anything beneath that may be a redirector and you should probably delete everything not proceeded by a pound symbol "#"
You may need to right click the file and remove the read only attribute in order to edit it and then remember to reset it to read only when done.
Other than that use Control Panel-> Internet Options to reset Internet Explorer back to its' default state Button is located under the "advanced" tab
 


Saltgrass

Excellent Member
Microsoft Community Contributor
#5
It could be something as simple as an add-on you could check and disable.

Also, Browser Helper Objects might be involved, and the only way I know to find them is HijackThis. If you decide to try it, you would be looking for a BHO that might be related to that site. I have a general understanding of the logs, but I cannot pick out particular entries that might need to be removed. But if you get the log, zip it and attach using the paperclip on the advanced reply window.

I suppose you could also search your registry for that site name.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.