Anyone get hit with"click.livesearchnow" redirect?

tango29 · Mar 24, 2013

Not sure what my son got into this time, although he swears he wasn't on any funky sites. Either way Everytime I do a search in IE9 using any search engine What ever I click on in the results goes to a redirect site, and it will go to a different one each time you click a link.
I've used Malwarebytes and it picked up some stuff, but didn't put an end to it. I used Superantispyware and same thing, although it claimed to pick up 333 issues. 98% cookies that supposedly Norton missed and Malwarebytes. Right now I am trying Windows Defender offline, but on the quick scan it found nothing, so trying a full scan.
I put a new version of Firefox and I don't have the problem using it, but regardless I want to get rid of whatever is causing it in IE9.
The things I have done are what I found for suggestions on the net, or all ready new to do anyway. Any other thoughts?
Thanks

comintel · Mar 24, 2013

Check your dns settings on your connection and proxy settings in your browser.

Also you could upgrade to IE10 (early release but works fine).

nkhoi · Mar 24, 2013

How to prevent Browser Helper Objects from loading with Explorer.exe

BHOs, most of the time, are created for use with Internet Explorer, and Internet Explorer alone. They don't serve any real function when loaded with a regular explorer window, so it can be useful (for memory reasons and the like) to prevent them from loading with every explorer.exe instance. You really don't need them starting up every time you browse to a folder, or view your Control Panel.

Open Regedit (Start->Run REGEDIT) and browse to the following key:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Browser Helper Objects

You'll see some sub-keys in that particular key in GUID format. The number depends on the number of BHOs you have installed.

For each BHO that you don't want to load with explorer.exe select it's GUID and add a REG_DWORD item named NoExplorer with the value set to 1.

Have we been helpful? Link to us!

Copyright 2004-2008 TweaksForGeeks.com, All rights reserved

note: you add REG_DWORD by right click on space below BHO , new>>DWORD value then double click on its name to change its name to NoExplorer and its value to 1.

tango29 · Mar 24, 2013

Waiting for Win Defender Offline full scan to finish. Into the 3rd hour now, cripes.
Do you think just upgrading to IE10 would get rid of the redirect? Or wouldn't it be passed to the upgrade?
I'm looking at my Win 8 Computer registry now while I wait and I see 4 BHO's. One of them in line 1 under data says URLredirectionBHO. The second line has Noexplorer...reg_Dword....0x000000001 (1)
I have no issues with IE 10 on this computer, so I am assuming that is a normal entry and not a problem BHO.
I also don't do many searches on this computer, only for a finance site on occasion.
Thanks for the help, I am hoping this works.
I may try a system restore next. Otherwise I stick with Firefox from now on.

tango29 · Mar 24, 2013

Hmm just checked my other Win 7 and there is no redirectionbho entry. Now I am wondering if there is something on this one.

tango29 · Mar 24, 2013

Ok, scan over. There is a URLRedirectionBHO, but it has NoExplorer type reg_Dword and 0x00000001 (1).
So if I get what you posted it should be blocked.

iagainsti · Mar 25, 2013

Just had this...roguekiller then quick scans with superantispyware and mbam got rid of it...not sure which of the three got rid of it but no more problems....

newwurldmn · Mar 26, 2013

I got it this weekend as well. Mbam solved it for me.

Two files in $recyclebin

comintel · Mar 26, 2013

Quote from tango29:

....
Do you think just upgrading to IE10 would get rid of the redirect? Or wouldn't it be passed to the upgrade?
......

Not sure but it might at least offer to remove them.

It keeps asking me if it can remove add-ons (ones that I want, so in my case it is very annoying).

"Internet Explorer 10 is designed to provide an add-on free experience."

tango29 · Mar 26, 2013

Holy crap! Wasted an entire night and 3/4ths of the next day. I had used SuperAntispyware, Malwarebytes, and what seemed to nail it was Norton Power Eraser. I had a message on start up about something DLL BrandIE4 signup, so ran Super, and Malware again, and Malwares Rootkit detector, and now I am booting clean and seem to be ok.
Any idea where you guys picked it up? In talking with the family the last person on was the wife, and she was trying to find an answer to something, and thinks she clicked on an answer at ehow.com. After that is when the redirects started as far as I can tell.
MF's who do this and identity theft can hang in the town square and let people do what they want as they walk by these turds.

And thank you for the help!