The Ever-Popular Redirect Virus

November 2, 2011 at 02:16:57
Specs: Windows 7, intel core 17 3.2 GHz / 12 gigs
My system appears to be infected with a redirection virus, as I've seen many similar questions asked on this thread and others, often with the exact same symptoms.
Any time I attempt to use google the results redirect to a seemingly random, unrelated ad page.
It works perfectly fine for the first few seconds after starting up firefox, then the problems begin to occur.
I've been able to get around it so far by simply copying the link address and pasting it to the address bar but I want to get rid of whatever this is before it can get any worse.
Following instructions given in similar threads, to people with the same problems I have tried the Kaspersky TDSSKiller, Spybot SD, and Hitman Pro scan-and-removal tools, but all came up clean apart from a few tracking cookies, and my mcafee real-time scan found and 'successfully' removed a trojan around the time I first started encountering these problems.
The problem is persistent and I've run out of ideas on how to remove it from my system.
I'm running windows 7, my mcafee is up to date, and after getting no results have removed the other free malware-removal tools from my computer.
Any help with this problem would be much appreciated.

See More: The Ever-Popular Redirect Virus

Report •


#1
November 2, 2011 at 08:40:06
check your hosts file, and your proxy(just in case) these can be easily overlooked

mike


Report •

#2
November 2, 2011 at 09:06:28
Update: I checked my host file, as Band's link and Mikelinus' post both suggest and removed several hundred lines of seemingly random websites that had been added. From what I understand though some of it was added by spybot??
Anyway, the redirects happen less often now but they're still present. I took a look at my proxy settings and they're normal (box is un-ticked).
The problem still persists and I will try some of the programs at the bottom of the link Band provided later after my classes.
Thanks for the help you've both given me so far!

Report •

#3
November 2, 2011 at 09:26:45
Sorry Band, should have reviewed your post first, no offense intended.

Thats quite a bit of hosts, any chance you could send a couple of the ips my way through a private message, maybe it will lead to a bit more direct help

mike


Report •

Related Solutions

#4
November 2, 2011 at 11:04:41
Sorry I didn't save any of them, just selected the whole block and replaced it with 127.0.0.1 localhost. In hindsight I probably should have kept a list. Sorry.
From what I could tell though they were all ad sites, and they were all connected to that same standard 127.0.0.1 loop back IP address.

Report •


Ask Question