Weird Google Searches!
Weird Google Searches! A member asked…
All of the sudden every computer, iPad and smartphone in the house is acting strangely. When we do a Google search, Google sends us to Google Australia (we are in the USA), and dodgy-looking websites appear in the search results! Can you tell me what’s going on and how to fix it?
It sounds like your home network’s router has been hacked by some nefarious netizens. What they likely did is accessed your router and changed the settings so that your computers are looking at fake Domain Name Servers (DNS) – which are servers on the internet that translate a website address like https://positek.net into the Internet Protocol (IP) address, like 67.222.42.55 (which happens to be our own IP address). If your problem is only on one computer, skip on down to the browser hijacking section.
So how do you fix this? One obvious choice is to just replace your router. But there is another answer, and along with that I have a recommendation for preventing this from happening in the future.
So your router has a reset button somewhere on it, and you can press (and usually hold) that to reset the router back to the way it was when you first got it. Pretty simple huh? But the location of the button is dependent on the brand and model of router you have, sometimes it’s recessed and needs to be pressed with a pin or paperclip. Sometimes you have to unplug the router, press and hold the button, apply electrical power and then release the button in order to get it to reset.
If you’re not sure which method to use, try various combinations to get it to reset itself. After you’ve done that, restart any computer in the house that connects to the router (wireless or wired), and then you should be back to normal. If not, then it’s possible the hackers replaced the ‘firmware’ that controls the router, which makes it pretty much useless for any but the tech-iest types to deal with. In that case, go back to square 1 and replace the router.
If it does work, or you replace the router, the first thing you need to do is access the router’s control panel and change the administrative account password. Not doing so invites a return visit and future hacking, possibly repeating the same problem you’ve been having. In order to change the password, you need to log into the router from any connected computer. Here’s some general instructions, although your exact procedure will vary by the brand and model of your router.
- From a web browser, type in the IP address of the router. This is usually something like 192.168.1.1 or 192.168.0.1, or //www.routerlogin.net or //www.routerlogin.com. If you got a new router, it’ll have come with a setup instruction sheet or placard. That little document is important! It tells you how to setup the router, lists the URL address, and lists the administrative account and password, which are the defaults the router came with. This is all publicly available information, so it’s easy for anyone to hack into.
- The administrative account username could be ‘admin’, ‘administrator’, or something else – or left blank.
- The default password could be nothing, ‘1234’, ‘admin’, or ‘password’.
- Once you are looking at the control panel of the router, change the administrative account password to something other than the default password. It should be not easily guessable and not a plain English word. Don’t use simple passwords like 1111, abcdefg, asdfg, qwerty, your dog’s name, etc. I’d suggest something that you can remember – try this:
- Make up a sentence that you can remember, then use the first letter of each word to make the password. Use at least one capital letter, and a number or other type-able key. For example, “I hate Passwords so much that I have to scream!” becomes “Ih8PsmtIhts!”. Please don’t use this example, make up your own!
- If your router includes wireless networking, next up is to change the SSID – that’s the name of the wireless network. It comes from the manufacturer set to some default, so change it to something else. For example, you could call it “MyHomeWLAN”. Don’t use something that your neighbors could easily know that it’s yours, so don’t include your name.
- Finally, change the wireless encryption passcode – doable only if your router includes wireless capability. Again, where this is located is dependent on the brand and model of router you own.
Feel free to use the comments area to tell me what brand and model number of router you have, and I can give you a picture of where the reset button is, and more specifically how to access the control panel.
Browser Hijacking
If nothing above helps, your web browser(s) may have been hijacked. You may have to check out the web browser on each computer. The fastest and easiest way to find and fix those problems is two-fold. First you’ll scan and remove any malware from the computer using Malwarebytes’ Anti-Malware tool (see how to use that here). Second, you’ll want to reset your web browser. That varies by which browser you’re using, but all of them start with the control icon in the top-right corner, and it either looks like a gear, or a ‘hamburger’ (3 horizontal lines):
- If you use Microsoft Internet Explorer, click the gear icon and Click Internet Options. Then click the Advanced tab on the window that pops up and click the Reset button.
- If you use Google Chrome, click the ‘hamburger’ icon and click Settings, and on the window that opens click the link at the bottom saying ‘Show advanced settings’ then scroll to the bottom and click the ‘Reset Settings’ link.
- If you use Mozilla Firefox, click its ‘hamburger’ icon and click the question mark for help, then click ‘Troubleshooting Information’ from the list that pops up. Then on the window that opens, click the ‘Reset Firefox’ button.
- Safari is simplest, just click the gear icon and click the option ‘Reset Safari’ from the list of settings and options.
If all the above doesn’t solve the wacky window activity, then leave me a comment and tell me what you’re experiencing and I can propose another solution.
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:
or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!