Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafemuddy

Post to this Thread - Sort Descending - Printer Friendly - Home


Tech: Google links hijacked

pavane 12 Nov 10 - 08:23 AM
Nick 12 Nov 10 - 09:34 AM
GUEST,Ed 12 Nov 10 - 09:37 AM
pavane 12 Nov 10 - 10:17 AM
Amergin 12 Nov 10 - 09:53 PM
pavane 13 Nov 10 - 04:03 AM
pavane 16 Nov 10 - 04:25 AM
pavane 16 Nov 10 - 07:07 AM
GUEST,Ed 16 Nov 10 - 07:19 AM
The Fooles Troupe 16 Nov 10 - 07:22 AM
pavane 16 Nov 10 - 07:28 AM
The Fooles Troupe 16 Nov 10 - 07:30 AM
GUEST,Ed 16 Nov 10 - 07:31 AM
The Fooles Troupe 16 Nov 10 - 08:35 AM
The Fooles Troupe 16 Nov 10 - 08:39 AM
pavane 17 Nov 10 - 08:31 AM
pavane 17 Nov 10 - 08:32 AM
pavane 17 Nov 10 - 08:37 AM
The Fooles Troupe 17 Nov 10 - 09:56 PM
pavane 18 Nov 10 - 04:05 AM
Simon G 18 Nov 10 - 02:01 PM
The Fooles Troupe 18 Nov 10 - 11:29 PM
The Fooles Troupe 18 Nov 10 - 11:33 PM
The Fooles Troupe 18 Nov 10 - 11:43 PM
The Fooles Troupe 02 Dec 10 - 02:05 AM
Share Thread
more
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:









Subject: Tech: Google links hijacked
From: pavane
Date: 12 Nov 10 - 08:23 AM

I am sure someone here can help with this - Mrs Pavane has picked up some kind of malware which hijacks all her search results on browsers, and send her to somewhere completely different - including porn sites. It doesn't affect favourites, not the field where you type an address dirctly.

Virus scans show nothing, but there seem to be lots of strange programs running in Task Manager.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: Nick
Date: 12 Nov 10 - 09:34 AM

Malwarebytes is a good start

Or one of the sites which will interpret hijackthis log files

Good starting place

I think I have used http://www.spywareinfoforum.com before


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: GUEST,Ed
Date: 12 Nov 10 - 09:37 AM

According to this page running Hitman Pro would seem to solve the problem. It's a free download so might be worth a try.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 12 Nov 10 - 10:17 AM

That problem does seem similar to mine - thanks for the help


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: Amergin
Date: 12 Nov 10 - 09:53 PM

I had the same problem recently. No matter what browser I used, when I used a search engine and clicked on a link, I got hijacked. I would run adaware and avast repeatedly, and they always came up with something, but it still occurred....

What I did to stop it is I downloaded Microsoft Security Essentials (for free) and malwarebytes (for free). Then I booted into safe mode and ran both programs. I haven't had an issue since.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 13 Nov 10 - 04:03 AM

Thanks Amergin.
I have been reluctant to download anything so far, in case I pick up one of those fake virus "removers" that install even more spyware etc.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 16 Nov 10 - 04:25 AM

No, Malwarebytes didn't remove it, though it found a few other trojans (it says). So I still have the problem. It seems there may be more than one bit of malware which causes the same problem?


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked SOLVED
From: pavane
Date: 16 Nov 10 - 07:07 AM

Solved it - and it is a new one to me. The virus was in our wireless router, not on the PCs at all. We found advice online to reset the router to factory settings, and then apply an admin password instead of using the default.

All PCs on the network are now working fine - no sign of any redirects.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: GUEST,Ed
Date: 16 Nov 10 - 07:19 AM

The virus was in our wireless router

I'm sorry, but that's bollocks.

OK, it's not technically impossible, but it's implausible enough to be considered nonsense.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 16 Nov 10 - 07:22 AM

Google "virus in wireless router" ...

The world keeps changing...

:-)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 16 Nov 10 - 07:28 AM

Tell my why it cleared when we reset the router then! It was affecting several PCs, and none have the problem now.

It is implausible that it suddenly cleared from 2 laptops by itself when no virus sofware was run on them.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 16 Nov 10 - 07:30 AM

QUOTE

Jan 3rd 2008

A team of researchers at Indiana University have published a paper on how easily malware could spread through a densely populated area, with unprotected routers providing zero resistance, and WEP moderately more, while WPA proved generally unhackable. The spread of the malware was alarmingly similar to a biological virus, and while no such router "WiFi flu" has yet been developed by nefarious types, it's probably only a matter of time before something of its ilk takes a city by storm. In test attacks, after the initial infection phase, 10-55 percent of the routers were infected. We can do better, people. Oh, and to the guy upstairs: thanks for all the WiFi these years, those torrents will probably never be traced back to you, so don't worry.

UNQUOTE

It is now Novemeber 2010 ... :-)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: GUEST,Ed
Date: 16 Nov 10 - 07:31 AM

Google "viru"s in wireless router"

Did that before posting. Things change, but nonsense doesn't.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 16 Nov 10 - 08:35 AM

Well, Ed, you may think it is nonsense, BUT...

I just fixed the 100% cpu utilization and the large amount of traffic on the ADSL link. I did a factory modem reset and changed the default modem password, and now everything is cool - less than 10% cpu - minimal background ADSL traffic. Instant response to reactivating the screen saver.

Still a large amunt of traffic trying hammer its way in though....

Definitely something cleared out. Don't care if you are a 'believer' or not - I'm a pragmatist!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 16 Nov 10 - 08:39 AM

Oh - The default ip address for the LAN had been changed into the 192 range from the 10 rage too... which is why I could not talk to the modem anymore....


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 17 Nov 10 - 08:31 AM

Best guess from a techie is that the DNS lookup was being intercepted and redirected.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 17 Nov 10 - 08:32 AM

Yes - we saw that too. IP addresses going to 192.xx.xx.xxx instead of our usual 168.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 17 Nov 10 - 08:37 AM

See here


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 17 Nov 10 - 09:56 PM

So pavane, it looks like someone was building a botnet - taking into account just how much traffic I was seeing, (and the cpu rate - but there is so much MScrap running too that it is difficult to see anything - the botnet internal fragment must have been hidden somehow) it was running flat out. It hammered the firewall for quite some time after I reset the modem. The modem default password had been changed, or at least the modem ip address itself, which would have 'hidden' it.

I used a variety of 'free test versions' tools - one of which eventually found buried deep an anon nasty little bug .... wonder if it was the 'inside man' talking to the botnet ... interesting also how each one inserts its own crap and hides it which the others ferret out and destroy too ...

I think I only got it after that thingy here on MC I complained about that asked me to update flash version stuff for youtube.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: pavane
Date: 18 Nov 10 - 04:05 AM

So that Flash Update message is fake - I saw it too, but I reject anything like that.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: Simon G
Date: 18 Nov 10 - 02:01 PM

malware that runs on a computer on your local network and modifies the setting on your router has been around for 5 years or so, see DNSchanger

Always set the admin password on your router.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 18 Nov 10 - 11:29 PM

How To Protect Your Login Information From Firesheep (a wireless sniffer gadget)
http://techcrunch.com/2010/10/25/firesheep/?cnn=yes


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 18 Nov 10 - 11:33 PM

Oops - forgot this - the tech explanation of what Firesheep is

http://edition.cnn.com/2010/TECH/mobile/11/01/firesheep.wifi.security/index.html?iref=obnetwork


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 18 Nov 10 - 11:43 PM

Some relevant info too at
http://blogs.mcafee.com/consumer

Consumer: Wi-Fi Warning
http://blogs.mcafee.com/consumer/wi-fi-warning

Identity Theft: Botnets Lead to Identity Theft
http://blogs.mcafee.com/consumer/identity-theft/botnets-lead-to-identity-theft

Cyber Security Mum - Australia: Cyber(smart:) guide for families
http://blogs.mcafee.com/consumer/cyber-security-mum-australia/cybersmart-guide-for-families
Cybersmart Guide for Families. This guide is produced by the Australian Government body the Australian Communications and Media Authority (ACMA) and has some great common sense explanations about cyber threats

contact the Australian Communications and Media Authority or checking out their cyber(smart:) website at www.cybersmart.gov.au


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Google links hijacked
From: The Fooles Troupe
Date: 02 Dec 10 - 02:05 AM

Koobface
http://www.nytimes.com/2010/11/15/technology/15worm.html?_r=1&pagewanted=2&hpw


Post - Top - Home - Printer Friendly - Translate
  Share Thread:
More...

Reply to Thread
Subject:  Help
From:
Preview   Automatic Linebreaks   Make a link ("blue clicky")


Mudcat time: 16 August 4:21 PM EDT

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.