Here’s a Browser Hijacking Scenario:
Employee workstations are secured with brand-name, up–to-date antivirus (AV). The browser was hijacked by MapsGalaxy. This program is capable of modifying your browser homepages to its own.
It was unknowingly installed through product bundling with a third party application. Unfortunately, once installed it also added the MapsGalaxy toolbar, changed the browser homepage and set the default search engine to Ask.com. The MapsGalaxy Toolbar is not a virus, per-se, but it does display plenty of malicious behaviors. It can act as a rootkit with capabilities to sneak deep into the operating system, hijack your browser, and also ultimately interfere with the user experience.
Mitigate: Uninstall the toolbar (quite persistent and sticky); clean up the workstations; run a deep scan.