my computer keeps on redirecting me

April 21, 2011 at 12:01:29
Specs: Windows XP
my computer keeps on redirecting me

See More: my computer keeps on redirecting me

Report •

April 21, 2011 at 14:08:42
You can try this method, which sometimes works:

You can also run a virus scan to completely remove it. If you edit the hosts file, you must then run a virus scan to completely get rid of it.

Visit my website for more virus and spyware help.

Report •

April 21, 2011 at 16:47:29
Use another computer if you have to and download this tool

Report •

April 21, 2011 at 21:11:03
There is a family of rootkits for the Windows operating system that causes redirections and has become a common problem. It is known as TDSS, but also has other names.

A rootkit is a program that attempts to hide itself and other files so that they cannot be seen. It can take over your machine and is very difficult to remove.

There is not enough information in your post for us to confirm the existence of a rootkit, however, if you do what follows we can get an idea if this is what we are dealing with.

Please download GMER:

If you cannot download the file, TDSS may be blocking the attempt. You need to download it to a clean computer and then transfer it to the infected one using an external drive or USB flash drive.

Save the file to the Desktop.

Double-click on gmer.exe

If a Windows security warning appears asking if you would like to run the program, click on the Run button to allow GMER to start.

You may get a warning about rootkit activity and GMER may ask if you want to run a full scan. If this happens, please click on the NO button.

Now, configure GMER.
Please uncheck the following settings:

Drives/Partition other than System drive (normally C:\)
Show All

Next, click on Scan (may take a while).
When GMER finishes you will be back at its main screen.

Click on the Copy button (lower right), then right-click on your Desktop, and select: New > Text document.

Once the file is created, open it, right-click again, and select: Paste.

Please post the GMER report in your next reply for us to see what is going on.


Note: Please, do not take action on any of the information on this report!!

Report •

Related Solutions

May 1, 2011 at 11:08:04
Hi aaflac! I have the SAME problem. My labtop will not let me run rkill (It says the program was ended by another sender or user or something of that nature, but thinks to AVG and AVAST I can start Malware, which continues to find and remove the infections, as well as avast everyday I scan. BUT "rootkits" is what keeps showing up in the AVAST results and is the ONE ITEM I can't remove or delete, or repair. I KNOW this has to be why all the infections keep coming and I keep getting re-directed. If you can please give me any tips after this point that would be great.

Background: My labtop had a huge virus and I wasn't able to open any program (It said which program would you like to open with whenever I tried to open ANYTHING). I got past that.

THEN, I wasn't able to go online though all connections where checked and fine, including proxy; before I got past that I then was not able to SEE ANYTHING and ALL my files were GONE: DESKTOP, DOCUMENTS, TASKBARS, ECT!!! I finally went to "Show files" and now I can see files in documents "though they any files before this are now a faded, litter color tint as well as any icons, and the start files still are missing, WHILE the NEW files I add on from a clean computer or download now after I clicked show files (I somehow got the internet back, I will explain this ahead) are of Normal color on the icons, and files. And again the start files are still gone, except the new files I added.

As of now I think running AVG, AVAST, and MALBYTES everyday helped because I can go online again, but I get re-directed EVERYWHERE. I can't even go to Wikipedia on the Beatles, without getting re-directed to a yellow pages. I can MAYBE get to a normal site but 96% of the time it will re-direct me. Thanks for listening and I am desperate to rid this "rootkits" virus

Please guys ANY TIPS would be great. I also have stopzilla on my home computer for spyware, so I'll add that today to try to help as well.

Report •

May 1, 2011 at 11:11:47
I forgot to add I had ALL 3 - windows restore virus, system tools virus, and xp security virus ALL at the same time during the time I couldn't access ANY program so I had to go to safe-mode quite a bit; until it was apparent the virus got to there too. Luckily I somehow got by and am now seemingly just in the re-directing virus

Report •

May 1, 2011 at 14:16:22

Try he following:

But first, your Anti-virus and Anti-malware programs may prevent the tools we need to use from fixing the infected system. Please disable (only temporarily) any Anti-virus and Anti-malware programs you have running: right click the program's Taskbar icon, or access each program through Start - Programs to disable.

Next, download TDSSKiller from the following link:
Save it to the Desktop.

If you cannot download the file, the malware may be blocking the attempt. You need to download the file to a clean computer and then transfer it to the infected one using a USB flash drive, or external media (an external drive or a CD) .

Once the file is on the Desktop, right-click on the TDSSKiller.exe icon and select: Rename.
Name it a random name with a .com extension. For example:

Now, double-click on the renamed file to launch it. If you receive a warning from Publisher: Kaspersky Lab asking if you want to run the file, click on the Run button to allow TDSSKiller to run.

When TDSSKiller starts, it displays the welcome screen.
Click on the Start Scan button.

When the scan finishes it displays a results screen stating whether or not the infection was found on your computer.

To remove the infection, click on the Continue button. If it does not say Cure on the results screen, leave it at the default action of Skip, and press the Continue button. Do not change to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.

When TDSSKiller finishes cleaning the infection, a report stating whether or not it was successful is shown.

If TDSSKiller requires a reboot to finish the cleaning process, click on: Reboot Now

Next, start the computer in Safe Mode with Networking by tapping the F8 key while it boots, and selecting this option

Maybe you will have better luck with Rkill if you do this:
Download one of these files: iExplore.exe or eXplorer.exe These files are renamed copies of RKill:

Save the file selected to the Desktop, and double-click on it. (For Vista/Windows 7, select: Run as Administrator)
Ignore any messages, and allow the file to run until the command window closes.

Without a reboot, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:

Double-click mbam-setup.exe and follow the prompts to install the program. (For Vista/Windows 7, select: Run as Administrator)

Run Malwarfebytes’ AntiMalware and update the program.
Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

>>Please post the TDSSKiller and the Malwarebytes logs in your reply so we can see where we are at, and plan any additional removal strategy, if necessary.<<

Report •

Ask Question