I'm running Vista.
My google seraches keep getting redirected to places like localpages.com and mevio.com and ocassionally, a random window will just pop up.
I have followed countless instructions and nothing seems to be getting rid of this thing.
I've done a system restore as far back as I can.
I have the latest version of HIjack this - I saw something called wormradar.com and removed it.
I have AVG 2011.
I downloaded the latest Norton
I have the lastest Malwarebtyes
I've tried Avira.
I've tried spybot search and destroy -found a few things, but upon removal, prolem still persists.
I tried something called stopzilla, that detected threats the other programs missed and that just makes me suspicious of it.
I just now ran ESET online and it didn't find anything.
I've done all this in safe mode as well.This is driving me crazy. This is nasty one, please help.
Have you looked at your Host file for problems? And your Proxy settings?
Remove Stopzilla its not very good.
Host file is clear. only 127.0.0.1 and ::1 localhost ( which I had to look up and seems to be okay) I've had my proxy on manual and on no proxy and it doesn't seem to matter.
Stopzilla is not very good, agreed, but I've tried just about everything else.
Cool, download and run Rkill use version iExplore.exe from this link:
http://www.bleepingcomputer.com/for...
Then download and run TDSSkiller from this link:
http://support.kaspersky.com/viruse...
Then download Malwarebytes from this link:
http://www.malwarebytes.org/
Then download and run HitmanPro3.5 from this link:
http://download.cnet.com/Hitman-Pro...You said you have AVG 2011, have you removed Norton and Avira?
I forgot that I have rkill, too. Whenever I run it I get a BSOD that says I think pfn-list corrupt.
I also have already run Malwarebytes.I ran AVG and Malware first and when that didn't catch anything I ran Norton and Avira.
I will try rkill again. Download the other software you suggested and uninstall norton and avira.
Hitpro is finding a lot. The way these is shaping up it may have been dormant on machine for a long time because everything listed as a rootkit are really old programs. Nothing new is triggering. Hitpro has finished, but It looks like I have to buy it in order for it to clean my machine.
HitmanPro3.5 should be free for a 30 day trial, so unless you have used it already it will be free for the trial period.
Is the Rkill version you have an old one? Try downloading a new one from the Rkill link in post #3.
The BSOD pfn-list corrupt error can be caused by memory corruption, or is a problem with a misbehaving Driver. This can be checked using the Driver Verifier tool.
Here is a link to read through and it might just help.
http://www.techrepublic.com/blog/wi...
Thank you. I found the trial activation under the license tab. TDSS found one and Hitman found 44. I'm going to restart my computer and run both again and try to surf.
Thank you very much for all of your help!
Cool sounds like were getting somewhere.
Actually I've been browsing and searching for 45 minutes and no issues so far. I think you may have fixed me :) No random pop ups yet and I redid my previous searches and was not redirected to any bizarre site. Thank you so much!
Your most welcome, glad your pc running better :-)
Heres a safe browsing tool I recommend you install, here's the How To I did for it.
http://www.computing.net/howtos/sho...
Thanks from me too Mr. G; same issues, and your solutions worked like a charm. Much appreciated.
THANK YOU from me as well!!!
You can try this method: http://www.spywarehelpcenter.com/th... It works for some, not for others. Requires checking the hosts file and making any changes. You must have admin privileges to edit the hosts file.
Visit my website www.spywarehelpcenter.com for more virus and spyware help.
So I have the same EXACT "symptoms" as the other posts on here and I have tried every single thing listed. None of it works! RKill finds nothing. Malwarebyte finds nothing. AVG nothing. TDSS Killer nothing. Hitman Pro Nothing. I can't do a system restore because there is no restore date... and do I have the CD nope course not. I have no idea what I can do!!! Help please!
Also I'm to the point of deleting everything on my computer. So I have no worries about deleting anything... it's mostly all backed up.
lasarahann, We can use Anti-Malware scanners over and over, but the infection will return if its source is the Master Boot Record. It loads the infection will load as soon as you boot into Windows!
For this reason, please download aswMBR:
http://public.avast.com/~gmerek/asw...
Save it to the Desktop.XP users - Double-click aswMBR.exe to start the tool.
Vista/Windows 7 users - Right-click and select: Run as AdministratorClick Scan
Upon completion of the scan, click ‘Save log’ and save it to the Desktop,
Note - Do NOT attempt any fix anything!!.Please post the log produced by aswMBR in your next reply.
However, instead of doing so in this topic, which belongs to somebody else, start your own topic and post the info there. If you title the topic: "Redirections - continuation, for aaflac44", I will be glad to help you in your own topic.
Also, you will notice that another file is created on the Desktop. It is named MBR.dat.If you have a USB flash drive, please move the mbr.dat file to it.
If not, move the mbr.dat from the Desktop, to the C:\ drive.This is important, just in case we need to have access to the MBR information!!
~~~~
Retired - Doin' Dis, Dat, and slapping malware.
After having previously manually removed a malware infection picked up from a website, I noticed the Firefox search redirect nuisance. I opened up services (Control Panel -> Administrative Tools -> Services) and disabled "DNS Client" and so far the problem seems to be gone.
OK, Like so may neophytes here I am searching for a way to get this THING off of my precious computer! I have done everything posted up to this point to no avail, and am very frustrated. I will now check to see of there has been any change to my Google stuff,(technical term "stuff" :] )
Nope, still getting that d**n re-direct crap and Thankfully I am getting the WOT warning "this site has a poor reputation. No surprise there, however I just want the re-direct stuff to STOP!
Hello, there!! It is in everyone's best interest to post and start your own topic, and get individual help.
Each system is different, and it can get very confusing to help more than one person at a time. What applies to one system may not apply to another.
Please start your own topic!
Thanks
~~~~
Retired - Doin' Dis, Dat, and slapping malware.
I have tried every tool I could think of - Malware Bytes, Hitman Pro, Spybot, Norton removal tool, Kaspersky TDSSKiller - none of them could find the problem. I did notice that only Firefox was affected, IE was still working fine on google searches. If your problem is similar, try doing what I did. Save your Firefox passwords, then completely uninstall Firefox and when propmted, remove all personal settings. Then download and install the latest version of Firefox (6.0). That was all it took for me to get it fixed. Hope this helps some people here.
I tried Malware Bytes, Kaspersky, Hitman Pro, Norton - none found my virus. I did notice that IE was not infected with google redirect, only Firefox was. So just in case, I completely uninstalled Firefox, then downloaded and installed Firefox 6.0, and that fixed my problem (at least for now). If your problem is similar, try this solution (don't forget to save your passwords somewhere before you uninstall, and during uninstall pick the option to remove all personal settings).
I wish I had read this ealier, sorry, I am a new member, It may have worked for me. I have had this same problem and have been unable to find anyone out there to help with it, I keep getting redirected to strange sites completely un-related to what I am browsing for. I think in my case it had something to do with a tool bar called IObit. I am now in the process of deleting everything and putting my computer back to its original factory settings. I hope this works!!
There are a lot of good antivirus programs, I personally prefer nod32.
small investment opportunities
Will some one get rid of this Spam! Stuart