Redirect Virus


  1. Posts : 15
    Windows 7 Professional 32 bit
       #1

    Redirect Virus


    I didn't know where else to post this. Can anyone help me out with a redirect virus I just got? Ever since, I've been getting BSODs that are more or less consistent with how heavily I'm using Firefox. Could it be making my system unstable? Any help would be appreciated, thanks!


  2. Posts : 1,403
    Win 7 Ultimate 32bit
       #2

    When you say redirect virus and Firefox, have you tried IE?

    You may have to download an antivirus app on a different PC, move it using USB to that PC and install it.

    If you can get Malwarebytes then start with that.

    Then if you can get out to Eset On-Line Scanner
    Run that


  3. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #3

    Welcome to SF! thompson13

    There are some specific standalone removal tools intended for the Google as well as Yahoo Redirect virus. One article posted last September has a list of several options, including ESET and Malwarebytes referred to by Tepid, which you can look over at How to Remove the Google Redirect Virus.

    Another one, however, mentions that the free version of Malwarebytes fails to remove the root cause by not actually identifying the virus file itself: Google Redirect Virus Removal Tool - Is There One?


  4. Posts : 15
    Windows 7 Professional 32 bit
    Thread Starter
       #4

    I ran the ESET online scanner, which found no threats, and Malwarebytes said it found a "roottoolkit"? Still having redirect problems.


  5. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #5

    Let's flush a bad DNS cache and restore MS's Hosts file.
    Copy and paste these lines into Notepad.

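    @Echo on
    rem Reset the hosts file to a single localhost entry
    pushd "%SystemRoot%\System32\drivers\etc"
    attrib -h -s -r hosts
    echo 127.0.0.1 localhost>HOSTS
    attrib +r +h +s hosts
    popd
    rem Renew the DHCP lease and flush the DNS resolver cache
    ipconfig /release
    ipconfig /renew
    ipconfig /flushdns
    rem Reset the Winsock catalog and the TCP/IP stack
    netsh winsock reset all
    netsh int ip reset all
    rem Reboot after 1 second, then delete this batch file
    shutdown -r -t 1
    del "%~f0"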

    Save as flush.bat to your desktop. Right click to run as Administrator. Your computer will reboot itself.

    Next, download GooredFix from one of the locations below and save it to your Desktop

    http://jpshortstuff.247fixes.com/GooredFix.exe
    http://downloads.securitycadets.com/GooredFix.exe
    • Ensure all Firefox windows are closed.
    • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista and Windows 7).
    • When prompted to run the scan, click Yes.
    • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
      My Computer
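
The hosts reset in flush.bat above overwrites every existing entry, so it is worth recording what was there first. The following is an added example, not part of the original thread: it parses hosts-file text and reports the mappings the reset would discard. The sample content, addresses, hostnames and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of a tampered hosts file (not taken from the thread).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.7     www.google.com google.com   # constructed entry
203.0.113.7\tsearch.yahoo.com
0.0.0.0         update.example-av.test
not-an-ip       broken.line
"""

def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for each mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        fields = line.split()
        yield line_no, fields[0], fields[1:]

def review_hosts(text):
    """Return the entries that a reset to 'localhost only' would discard."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append((line_no, "malformed", addr, names))
            continue
        if ip.is_loopback and all(n.lower() == "localhost" for n in names):
            continue  # the stock localhost mapping
        if ip.is_loopback or ip.is_unspecified:
            kind = "blocked"      # name sinkholed to the local machine
        else:
            kind = "redirected"   # name pinned to a remote address
        findings.append((line_no, kind, addr, names))
    return findings

if __name__ == "__main__":
    # On a live system, pass in the text of a copy of
    # %SystemRoot%\System32\drivers\etc\hosts instead of SAMPLE_HOSTS.
    for finding in review_hosts(SAMPLE_HOSTS):
        print(finding)
```

Entries reported as "blocked" that name antivirus or update hosts, and "redirected" entries for search engines, are the ones to keep with the other logs before running the reset.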


  6. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #6

    Rootkits are no fun! Once you have the system cleaned up, you may want to upgrade your AV and malware protections, since whatever you have on now allowed this to come through.

    In the meantime, follow Jacee's advice there, since GooredFix was another removal tool to be considered.


  7. Posts : 15
    Windows 7 Professional 32 bit
    Thread Starter
       #7

    OK, so I did the flush and ran GooredFix; the file's attached. I have tried IE, but the redirecting seems to be worse using IE. I find it weird that it only redirects sometimes, without any real pattern.


  8. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #8

    Uninstall Firefox from Programs and Features.

    Now download TFC by Old Timer (TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums) and save it to your desktop.
    Save any unsaved work.
    TFC will close ALL open programs including your browser!

    Vista/Windows 7: right-click on the file and choose Run As Administrator.
    Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

    Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.


    Update Java!!
    • Download the latest version of Java Runtime Environment (JRE) 6.
    • Scroll down to where it says "Java Runtime Environment (JRE) 6u24 allows end-users to run Java applications".
    • Click the "Download" button to the right.
    • Check the box that says: "Accept License Agreement".
    • The page will refresh.
    • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
    • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-6u24-windows-i586-p.exe to install the newest version.

    Next, download DDS from one of these links:

    Mirror 1 Mirror 2 Mirror 3
    • Disable any script blocking protection
    • Double click the dds icon to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt <--will be minimized in the task tray
    • Save both reports to your desktop.
    Include the contents of both logs in your new topic.
    The scan will instruct you to post Attach.txt as an attachment.


  9. Posts : 15
    Windows 7 Professional 32 bit
    Thread Starter
       #9

    Thank you, here are the files.


  10. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #10

    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.

    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan.
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
