Posted on 07/09/2011 9:03:47 PM PDT by raybbr
My wife's laptop is infected with some sort of redirect virus. I have tried Malwarebytes, ComboFix, F-Secure, Microsoft Security Essentials and nothing has worked.
It happens when I do a search in FF or IE using any search engine. The site returns results but if you click on any of the direct result links you get re-directed to a site that is mostly spam with further links.
There are plenty of thread on bleepingcomputer.com. I have tried everything I can think of. Any help will be appreciated.
raybbr
Running XP Pro on an older Lenovo laptop.
I would try to make sure all your browser add ons are deactivated. I then might just delete then reinstall your browsers.
Your hosts file (local DNS) is compromised. Google it from another PC.
Your hosts file (local DNS) is compromised. Google it from another PC.
Try the portable version of Super Anti-Spyware run from a flash drive. www.superantispyware.com
Google what?
Double post. Ungh.
I always give System Restore to a date before the occurrence a try.
Sorry. Google “host file hijack fix” or “host file redirect fix”.
This is what I had to download and run to fix my computer when I had a redirect virus: TDSS Rootkit
http://support.kaspersky.com/faq/?qid=208280684
then go to old timer tools and run Temp File Cleaner
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
There is a file with no extension at
C:\WINDOWS\system32\drivers\etc\Hosts
that can be opened and edited using Notepad. It can contain hardcoded paths based on domain names and partial url addesses, and instead direct anything to a specific IP address rather than looking up the IP address at a public DNS server.
I don’t know if DigitalVideo is right that this is your problem, but it won’t hurt to open the file and delete any lines from the bottom that do not begin with a # symbol.
I agree. You need TDSS Killer.
System restore will NOT work.
My wife had this on her computer, and TDSS Killer was the only thing that worked.
However, it *only* works if you run it from the desktop, for some reason.
Only one listing at “C:\WINDOWS\system32\drivers\etc\Hosts” and it doesn’t have # in front of it.
Go to tools,
then add ons,
Look for Yahoo toolbar and click options
on the left you will see some boxes with checkmarks
look for the ‘enable 404 assist’ If that box os checked, uncheck it.
I was having the same problem and this fixed it for me. I may have rebooted afterwards. But I stopped getting the redirect after I did this.
sound familiar?
Kind of like my advice. Eliminate all ad ons including extra tool bars.
Downloaded TDSS and put it on the desktop but it won’t run. Any ideas?
I like some of my add ons. I just didn’t like Yahoo taking over the search engine.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.