TechSpot

Have redirect virus, have followed 8 steps but still having problems

By fencergirl
Jun 25, 2009
  1. So I seem to have a virus which redirects to advertising websites when I click on a link from internet searches. I suspect I may have other viruses too, or this virus has corrupted other stuff because my defragmenter (which is supposed to run when the computer goes into screensaver mode) gives an error message every time it tries to start. My computer screen has also mysteriously turned completely black a couple times, which I was only able to rectify by restarting the computer.
    After following the 8 steps, at first it stopped redirecting but now it is back to doing it again.

    I am most definitely not a techie person... I really appreciate any help you can give me.
     
  2. ChrisDown

    ChrisDown TS Rookie Posts: 125

    Hi there. :)

    Okay, I see some stuff. Go into HijackThis, scan, tick the following and click 'fix':

    Code:
    O1 - Hosts: 82.98.235.133 browser-security.microsoft.com
    O1 - Hosts: 82.98.235.133 url.adtrgt.com
    O1 - Hosts: 82.98.235.133 best-click-scanner.info
    O1 - Hosts: 82.98.235.133 antivirus-xp-pro-2009.com
    O1 - Hosts: 82.98.235.133 microsoft.infosecuritycenter.com
    O1 - Hosts: 82.98.235.133 microsoft.softwaresecurityhelp.com
    O1 - Hosts: 82.98.235.133 onlinenotifyq.net
    O1 - Hosts: 82.98.235.133 antivirusxp-pro-2009.com
    O1 - Hosts: 82.98.235.133 microsoft.browser-security-center.com
    This is an attempt to get you to visit the website of a rogue antivirus program, and various other places, which also probably go there. I get no ping response from 82.98.235.133, but either way, these should be removed. As far as I can see, your HJT log is clean aside from this, and the others appear to have removed the offending malware.

    If you perform the actions specified in HJT and restart, what happens? Does it stop redirecting?
     
  3. touch

    touch TS Rookie Posts: 978

    fengergirl - Do what ChrisDown suggest
     
  4. fencergirl

    fencergirl TS Rookie Topic Starter

    Hey sorry I didn't see your message ChrisDown. I started Combofix before I went to bed.

    I did another HijackThis scan, but it seems that Combofix might have fixed the problems because none of the O1 items are listed anymore..?
    And I don't seem to be having the redirect problem anymore.
    I'll attach the combofix log just in case.

    Thanks so much, both of you! :)
     
  5. ChrisDown

    ChrisDown TS Rookie Posts: 125

    HostsXpert will have fixed it, I see you have that on your PC (as touch recommended) from the ComboFix log.

    That log looks clean to me. :)
     
  6. fencergirl

    fencergirl TS Rookie Topic Starter

    Oh right-o, that makes sense :)

    Thanks again! <3
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.