Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Redirect Virus

27 Feb 2011   #1

Windows 7 Professional 32 bit
Redirect Virus

I didnt know where else to post this, can anyone help me out with a redirect virus I just got, ever since ive been getting bsods that are more or less consistent with how heavy im using firefox, could it be making my system unstable, any help would be appreciated thanks!

My System SpecsSystem Spec
27 Feb 2011   #2

Win 7 Ultimate 32bit

when you say redirect virus,,, and firefox,, have you tried IE?

You may have to download an Antivirus app on a different PC move it using USB to that PC and install it.

If you can get Malwarebytes then start with that.

Then if you can get out to Eset On-Line Scanner
Run that
My System SpecsSystem Spec
28 Feb 2011   #3
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64

Welcome to SF! thompson13

There are some specific stand alone removal tools intended for the Google as well as Yahoo Redirect virus. One article posted last september has a list of several options including ESET and Malwarebytes referred to by Tepid you can look over at How to Remove the Google Redirect Virus

Another one however mentions that the free version of Malwarebytes fails to remove the root cause by not actually identiying the virus file itself. Google Redirect Virus Removal Tool - Is There One?
My System SpecsSystem Spec

28 Feb 2011   #4

Windows 7 Professional 32 bit

I ran the Eset online scanner, that found no threats and the malwarebytes said it found a "roottoolkit"? still having redirect problems.
My System SpecsSystem Spec
28 Feb 2011   #5
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Let's flush a bad DNS cache and restore MS's Hosts file.
Copy and paste these lines in Note pad.

@Echo on
attrib -h -s -r hosts
echo localhost>HOSTS
attrib +r +h +s hosts
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Right click to run as Administrator. Your computer will reboot itself.

Next, download GooredFix from one of the locations below and save it to your Desktop
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista and Windows7).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. **Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
My System SpecsSystem Spec
28 Feb 2011   #6
Night Hawk

W7 Ultimate x64/W10 Pro x64 dual boot main build-remote pc W10 Pro x64 Insider Preview/W7 Pro x64

Rootkits are no fun! Once you have the system cleaned up you may want to upgrade your av and malware protections since whatever you have on now allowed this to come through.

In the meantime follow Jacee's advice there since the GooredFix was also another removal tool to be considered.
My System SpecsSystem Spec
28 Feb 2011   #7

Windows 7 Professional 32 bit

ok so I did the flush, and ran gooredfix, the files attached. I have tried IE but the redirecting seems to be worse using IE, I find it weird that it only redirects sometimes without any real pattern.

Attached Files
File Type: txt GooredFix[01.41.18_01-03-2011].txt (1.5 KB, 27 views)
My System SpecsSystem Spec
28 Feb 2011   #8
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Uninstall Firefox, from Programs and Features.

Now download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
Save any unsaved work.
TFC will close ALL open programs including your browser!

Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Update Java!!
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u24 allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u24-windows-i586-p.exe to install the newest version.
Next, download DDS from one of these links:

Mirror 1 Mirror 2 Mirror 3
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your new topic.
The scan will instruct you to post Attach.txt as an attachment.
My System SpecsSystem Spec
01 Mar 2011   #9

Windows 7 Professional 32 bit

thank you here are the files

Attached Files
File Type: zip (11.3 KB, 15 views)
My System SpecsSystem Spec
01 Mar 2011   #10
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not which appears to be an older version of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller. will be created and saved to the root directory (usually Local Disk C.
  • Copy and paste the contents of that file in your next reply.
My System SpecsSystem Spec

 Redirect Virus

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar help and support threads
Thread Forum
Believe I have a redirect virus. Need help/advice
Two days ago I noticed while going to to some websites like Stubhub that it would open the website, however, it would also open up another firefox window with a similar website that was not Stubhub, and the actual stubhub website would not work properly. I did some research and it seems to most...
System Security
Need help removing redirect virus
I'm experiencing random redirects when I either do a search or sometimes click a link. I'm being redirected to searches and sites that usually start with a similar web address of "". I have run MSE, Superantispyware, and Malwarebytes, yet all have been unsuccessful in resolving...
System Security
Possible Redirect Virus? Need Urgent Help
Hi, I am certain that I have picked up a redirect virus in Internet Explorer 9 RC. It is not specifically pertaining to Google, but everything! In fact, I can no longer navigate to either yahoo or Google. However, Firefox and Google Chrome as well as Opera are working fine, for now. I have Bit...
System Security
Redirect virus?
Hello :) A while ago I got a "antimalwaredoctor" virus, and I got Malwarebytes, and it fixed it. But now often times when I click on links it redirects me to different pages. Like fake search engines and things like that. It mostly happens in google, but it happens on other links too. Malwarebytes...
System Security
HELP!! Google redirect Virus
A few weeks ago I got a virus and my computer got fixed. Since then it seems that I have the Google redirect Virus but when I try to do the fix I found online I can't find the file. Furthermore when I downloaded a new software that would find the Google Redirect Virus and get rid of it it kept...
System Security
Redirect virus
Hi there, I keep getting redirected from google results to numerous shopping pages and things. AVG and Malwarebytes' Anti-Malware aren't bringing up anything. Here is my HijackThis log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:13:10, on 16/06/2010 Platform: Windows 7 ...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:01.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App