also @ TechSpot: Windows 8 Release Preview leaked, Microsoft may raise OEM prices

TechSpot

Have redirect virus, have followed 8 steps but still having problems

Discussion in 'Virus and Malware Removal' started by fencergirl, Jun 25, 2009.

Thread Status:
Not open for further replies.

  1. fencergirl Newcomer, in training

    So I seem to have a virus which redirects to advertising websites when I click on a link from internet searches. I suspect I may have other viruses too, or this virus has corrupted other stuff because my defragmenter (which is supposed to run when the computer goes into screensaver mode) gives an error message every time it tries to start. My computer screen has also mysteriously turned completely black a couple times, which I was only able to rectify by restarting the computer.
    After following the 8 steps, at first it stopped redirecting but now it is back to doing it again.

    I am most definitely not a techie person... I really appreciate any help you can give me.
    fencergirl, Jun 25, 2009
    #1

  2. ChrisDown Newcomer, in training

    Hi there. :)

    Okay, I see some stuff. Go into HijackThis, scan, tick the following and click 'fix':

    Code:
    O1 - Hosts: 82.98.235.133 browser-security.microsoft.com
O1 - Hosts: 82.98.235.133 url.adtrgt.com
O1 - Hosts: 82.98.235.133 best-click-scanner.info
O1 - Hosts: 82.98.235.133 antivirus-xp-pro-2009.com
O1 - Hosts: 82.98.235.133 microsoft.infosecuritycenter.com
O1 - Hosts: 82.98.235.133 microsoft.softwaresecurityhelp.com
O1 - Hosts: 82.98.235.133 onlinenotifyq.net
O1 - Hosts: 82.98.235.133 antivirusxp-pro-2009.com
O1 - Hosts: 82.98.235.133 microsoft.browser-security-center.com
    This is an attempt to get you to visit the website of a rogue antivirus program, and various other places, which also probably go there. I get no ping response from 82.98.235.133, but either way, these should be removed. As far as I can see, your HJT log is clean aside from this, and the others appear to have removed the offending malware.

    If you perform the actions specified in HJT and restart, what happens? Does it stop redirecting?
    ChrisDown, Jun 25, 2009
    #2

  3. touch Newcomer, in training

    fengergirl - Do what ChrisDown suggest
    touch, Jun 26, 2009
    #3

  4. fencergirl Newcomer, in training

    Hey sorry I didn't see your message ChrisDown. I started Combofix before I went to bed.

    I did another HijackThis scan, but it seems that Combofix might have fixed the problems because none of the O1 items are listed anymore..?
    And I don't seem to be having the redirect problem anymore.
    I'll attach the combofix log just in case.

    Thanks so much, both of you! :)
    fencergirl, Jun 26, 2009
    #4

  5. ChrisDown Newcomer, in training

    HostsXpert will have fixed it, I see you have that on your PC (as touch recommended) from the ComboFix log.

    That log looks clean to me. :)
    ChrisDown, Jun 26, 2009
    #5

  6. fencergirl Newcomer, in training

    Oh right-o, that makes sense :)

    Thanks again! <3
    fencergirl, Jun 26, 2009
    #6
Thread Status:
Not open for further replies.