Apparently I've been attacked by a nasty virus/spyware/adware/malware/rootkit/cookie/what-cha-ma-call-it/piss-me-off-like-crazy. As far as I can tell it's something that had/has hijacked my access to google.
When I type in "google.ca" (same as regular google but because I'm in Canada it automatically uses .ca) it comes up with what looks like the "real" google search page. It is NOT though.
What comes up is very similar to a google search page, search box, logo and all. When I would type in a search, say "hats" and click "search" it would bring me to a page that also looked like the google search results page except it was in a mix of English and a foreign language (backwards letters and foreign words). Also the google logo in the side bar (see picture, it's in the upper left) was weird.
See image below, you can click on it to enlarge - It had a blue defect in the "Google" image, right above the blue lowercase "g" as if the image had been clipped out. Possibly somewhere where there had been two google images/words one above the other. It looks as if the lowercase blue "g" of the word/image "google" above the other was still in the image. Hard to explain but it was definitely NOT correct authentic Google.
After receiving the weird results (see example above, click image to enlarge) I re-typed in "google.ca" and up came the google search page including the normal search box and options. I decided I would take a closer look at it. Below the search box section there was a copyright date but it was not current. The copyright year was 2009 and I highly doubted that google would have an old copyright date on their main page (turns out I am right). That was clue #2 that I was hacked.
Clue #3 was that when I clicked on "advanced search" I automatically got redirected back to the same google search page. I decided to try the other links on the page and sure enough they did the same.
Clue #4 - I decided I needed to find out what I was dealing with so I used an alternate search engine (ask.com) to search for info on the problem I was having. I sifted through the results and every page that came from "google" automatically redirected me to the "fake" google search page. I couldn't get access even to the google help forums because they are all similar to something like this - "http://www.google.com/help" and because it has the "www.google.com" part it automatically redirected me back to the "fake" google search page.
Clue #5 - In the search box as I typed the automatic search suggestions feature was not on. Regular google has a GREAT feature I use quite regularly that automatically gives you search suggestions and helps sometimes when I do not know the correct spelling of a word/place.
The situation was so VERY frustrating! Round and round I went.
Solution - Who knows......
I have not completely found out the solution. Apparently it is back to normal now. I am able to view what I believe to be the correct google with out any problems. I am also (well, as you can tell) able to access blogger (if you don't know, it is a google operated site).
I used AVG Free first (which I do like and have used for years). If found nothing when I ran the virus scan and the "rootkit scan".
I then decided that maybe it was a potential compatibility problem between Internet Explorer 8 and the newer version of IE 9 because I had been instructed to upgrade recently but had not yet done so. I upgraded it and still....same problem.
(**To note - I HATE the new version. They made some silly changes to where the tabs are and it's actually quite difficult to use....boo IE9! I may try and go back to the previous version**)
Next I thought it might be an issue with Internet Explorer (maybe a hack on IE rather than my computer). I decided to download and see what would happen with Mozilla Fire Fox. I really like Mozilla Fire Fox but had decided to stick it out and try using IE8 because it was what came on my computer when I got it. After downloading it I tried "google.ca".....same problem!
After doing some research (without the help of any "google" related sites ie. google help forums) I ended up downloading 4 programs/scanners to try and "find" the "THING".
I downloaded a free program from Kaspersky. Ran it, and it found nothing. (seems like a decent "freebie" though but I do not know where I found the actual link to the download because I've deleted all my history etc).
Next I downloaded and tried "spybot" a program my Dad had recommended a while ago. I had it on my old computer and I have absolutely no idea if it worked. It is considered "shareware" and is kind of hard to work/understand. I ran it and tweaked the scan settings to be like a "fine toothed comb"......still nothing!
I downloaded a third scanner (can't remember the name, possibly HitMan Pro)...still found nothing.
I then downloaded a free program from Microsoft. Don't know how I came across it (I think it was in my computer setting). It took quite a while for it to download, install and then update to the most recent databases. I ran the program but by this time I was so tired I could barely see. I went to bed letting the program run.....
....In the "morning" I checked to see what the result was. 12 hours later it was still running with ZERO problems found. About 45 minutes later up came an error message that the program could not finish scanning and that I should update the database to the most recent one available. PURE FRUSTRATION at this point. I had thought this one would be a thorough scan and that it would work smoothly. WRONG....well, to a point. I updated the database and ran it again. This time it went faster (possibly because my computer was on and not in sleep mode) BUT....NOTHING FOUND!
Finally I decided to call my Dad. I had been pulling my hair out and had tossed and turned all night with this.
My Dad recommended another program called "MalwareBytes". I downloaded it, updated the database and ran it. Can you guess what happened?
NOTHING! It found absolutely NOTHING!
By this point I was so stressed and pissed right off. After MANY hours of downloads, scans, computer restarts, tweaks to my settings, clear-outs of cookies and cache....STILL NOTHING! What on earth was on my computer!? I finally said "F-it!" and got dressed (yes, it was way past noon by the time I got dressed for the day but I was totally consumed with fixing my computer). We headed outside for some fresh air and a much needed break.
After coming inside (it was after dark) I decided to check to see if google was still weird. I opened an Internet Explorer browser window and typed in "google.ca". Can you guess what happened now?
?
?
?
?
It worked!
Can you believe it?
For some reason it has worked now for quite a few searches. I've typed it in at the very least 10 times now and it has come up correct every time and has given me the typical google style search and results with the correct logos etc. The copyright date is 2011 (which one would expect from a big company like Google) and all the links work. I also have complete access to Blogger again. The only hiccup is that some of my sites I normally visit (like blogger) are having difficulties with the fact that my security settings are higher and are not allowing cookies etc to be "planted into my computer" without my knowledge or consent.
I have NO idea what happened, if it is fixed, if it is hiding or what.
One of the most frustrating parts of this was that I had absolutely ZERO access to contact Google or access to their help pages/forums. I could not contact them to ask for help and I could not get to the info provided by others and their google techs on their forums to figure this out. In the past I have had problems with the Google ran "Picasa Web Albums" and found their forums to be extremely helpful/useful. I was able to see that others had had the same problem I had and the issue was resolved fairly easily (I mean in comparison to this "THING").
Oh, by the way, do you know how many cookies your computer gets each day and how much of your info gets sent out? It's kind of creepy how many cookies our everyday sites "plant" into our computers. Sites like Facebook, Blogger, Google, Youtube....seemingly everyday sites we all use....kind of scary.
I'll definitely update this "Google Saga" as things progress (hopefully for the good). I now have to run two more scans....it's late and I can only hope they will run thoroughly but quickly so I can go to beddy-by! I'm also (while it's working) will be searching the google help forums and might contact a google tech to find out what I might have had or still have and what the solution should be etc. Wish me luck!
Definitely more to come.....pictures too! It's been a beautiful spring here and we really have been enjoying the weather!
Hope you are well!
~M~
Added - Now that I have access to "real" google, I've found this link on Redirect issues in their help forum - CLICK HERE.
Also from the help forum -
Malware Removal Forums
www.bleepingcomputer.com/
www.dslreports.com/forum/
www.geekstogo.com/forum/
http://gladiator-antivirus.
www.lavasoftsupport.com/index.
http://www.malwarebytes.org/
http://forums.spybot.info/ >>>>> (Spybot Search & Destroy)
www.spywareinfoforum.com/
www.techsupportforum.com/
http://forums.majorgeeks.com/
And here is another site to regarding "Badware" - Stop Badware
Ugh, I could go on and on....there are so many products, links, sites, forums, instructions....ugh. I am so confuse and frankly pissed off. I hate this. I sure hope that this problem does not come back but I am not at all convinced I have solved this issue.
