Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Anybody dealt with the redirect virus?
Old 02-28-2012, 01:50 PM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,906
Anybody dealt with the redirect virus?

I've got a virus on my computer that randomly redirects me to other websites. I run a Firefox browser and use Microsoft Security Essentials as virus protection. The MSE doesn't seem to find the virus in multiple scans.

Thanks in advance for any advice.
__________________

__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 02-28-2012, 02:14 PM   #2
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
REWahoo's Avatar
 
Join Date: Jun 2002
Location: Texas Hill Country
Posts: 42,151
I plugged your symptoms into Google and came up with this:

__________________

__________________
Numbers is hard

When I hit 70, it hit back

Retired in 2005 at age 58, no pension
REWahoo is offline   Reply With Quote
Old 02-28-2012, 02:30 PM   #3
Thinks s/he gets paid by the post
ls99's Avatar
 
Join Date: May 2008
Posts: 4,792
May be a misbehaving addon. Disable all addons in FF. If it works one by one find the culprit.

Else try Malwarebytes.

Good luck
__________________
There must be moderation in everything, including moderation.
ls99 is offline   Reply With Quote
Old 02-28-2012, 02:51 PM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
braumeister's Avatar
 
Join Date: Feb 2010
Location: Northern Kentucky
Posts: 8,635
Quote:
Originally Posted by travelover View Post
I've got a virus on my computer that randomly redirects me to other websites.
This can happen when some sort of malware changes your DNS lookup site to one of their evil DNS servers.

Apart from cleaning the virus (can't address that because I don't know what you're running and am not an expert anyway), the first thing I would do is check your DNS lookups. I like to use OpenDNS servers, which have always been very trustworthy. See what yours are and check where they are actually located. Might be your ISP, but might be someplace nasty.


For further information check out OpenDNS - Cloud Internet Security and DNS
__________________
Pas de lieu Rhône que nous.
braumeister is online now   Reply With Quote
Old 02-28-2012, 05:36 PM   #5
Confused about dryer sheets
 
Join Date: Feb 2010
Posts: 2
I used Kaspersky TDSSKiller to fix this when it happended to me last summer.
My regular malware security was unable to find it.
Of course, you have to use another computer to find the download address
because the redirect won't let you search for it.
__________________
cluebus2 is offline   Reply With Quote
Old 02-28-2012, 10:17 PM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
harley's Avatar
 
Join Date: May 2008
Location: Following the nice weather
Posts: 6,445
I assume you're talking about the Google Redirect virus, where you get redirected when trying to go to a search result. This malware is rampant on the web. If so, TDSSKiller is your best bet. I tried 5 or 6 other security software solutions without any luck. You probably will also need to fix your hosts file. Microsoft has an easy solution - How can I reset the Hosts file back to the default?
__________________
"Good judgment comes from experience. Experience comes from bad judgement." - Will Rogers, or maybe Sam Clemens
DW and I - FIREd at 50 (7/06), living off assets
harley is online now   Reply With Quote
Old 02-29-2012, 12:30 AM   #7
Thinks s/he gets paid by the post
growing_older's Avatar
 
Join Date: Jun 2007
Posts: 2,609
Or if you have an ability to roll back your computer to a previous date, go back to a date before the virus behavior started.
__________________
growing_older is offline   Reply With Quote
Old 02-29-2012, 05:13 AM   #8
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,710
There is not one redirect virus. Oh if life were simple again.

You need Malwarebytes and a really good virus scanner. Be prepared to spend a lot of time on this. It is a real education. You may need to get registry fixes. You'll have to turn off System Restore, replace the HOSTS file, shut down processes, and also run scanners from Safe Mode. You need to make sure you get all critical Microsoft updates.

It may be the HOSTS file is also jacked. Then there is the search provider in browser that may be changed. Then there is the browser addon. Then there are the malware that are in Safe Restore and can't be removed. One day you'll do a restore and be re-infected.

It can be fixed, except for the rootkit that may be installed, and goes un-detected by a lot of the checkers.

You can pay the computer store a lot to fix these things, but there work may be less than 100% effective.

If you have another computer, you can download the programs you need from there, save to USB, and install to the infected computer while in safe mode.

Microsoft Security Essentials? Does the fire station provide free fire insurance?
__________________
target2019 is offline   Reply With Quote
Old 02-29-2012, 05:36 AM   #9
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Rocky Inlets
Posts: 24,492
Quote:
Originally Posted by harley View Post
I assume you're talking about the Google Redirect virus, where you get redirected when trying to go to a search result. This malware is rampant on the web. If so, TDSSKiller is your best bet. I tried 5 or 6 other security software solutions without any luck. You probably will also need to fix your hosts file. Microsoft has an easy solution - How can I reset the Hosts file back to the default?
+1
If that doesn't work, look at the google forums. One of many threads on this
https://groups.google.com/a/googlepr...ch/ICKqFHmPaq4
__________________
MichaelB is offline   Reply With Quote
Old 02-29-2012, 07:42 AM   #10
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,906
Thanks for the suggestions so far, but I have to admit, many of you are way over my head. Perhaps it would be best if I took the computer out in the driveway and put a couple of .45 slugs through the hard drive and then bought a new computer.

Oh, but wait, that computer would get infected soon, anyway.
__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Old 02-29-2012, 07:58 AM   #11
Moderator
MichaelB's Avatar
 
Join Date: Jan 2008
Location: Rocky Inlets
Posts: 24,492
Quote:
Originally Posted by travelover View Post
Thanks for the suggestions so far, but I have to admit, many of you are way over my head. Perhaps it would be best if I took the computer out in the driveway and put a couple of .45 slugs through the hard drive and then bought a new computer.
Don't waste the bullets - they'll just get redirected...
__________________
MichaelB is offline   Reply With Quote
Old 02-29-2012, 08:03 AM   #12
Moderator
Sarah in SC's Avatar
 
Join Date: Sep 2005
Location: Charleston, SC
Posts: 13,457
Quote:
Originally Posted by travelover View Post
Thanks for the suggestions so far, but I have to admit, many of you are way over my head. Perhaps it would be best if I took the computer out in the driveway and put a couple of .45 slugs through the hard drive and then bought a new computer.

Oh, but wait, that computer would get infected soon, anyway.
Save your ammo and get Tommy Jordan to do it for you.
__________________
“One day your life will flash before your eyes. Make sure it's worth watching.”
Gerard Arthur Way

Sarah in SC is offline   Reply With Quote
Old 02-29-2012, 08:08 AM   #13
Thinks s/he gets paid by the post
grumpy's Avatar
 
Join Date: Jul 2004
Posts: 1,321
I had similar symptoms last year. My son, a software engineer, determined that I was the victim of a "root kit trojan" (whatever that means). This bug disabled Malwarebytes and any other software "fixer" I tried. With my sons help I was able to get software called "rkill".

This had to be run from the DOS prompt. Once it did its thing, then Malwarebytes was able to run and succeed.
__________________
...you can check out any time you like, but you can never leave...
grumpy is offline   Reply With Quote
Old 02-29-2012, 08:17 AM   #14
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,906
I think the Israelis have confused my computer with a uranium enrichment centrifuge.
__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Old 02-29-2012, 09:15 AM   #15
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,299
Quote:
Originally Posted by travelover View Post
Oh, but wait, that computer would get infected soon, anyway.
Linux? Mac?


-ERD50
__________________
ERD50 is offline   Reply With Quote
Old 02-29-2012, 10:00 AM   #16
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
braumeister's Avatar
 
Join Date: Feb 2010
Location: Northern Kentucky
Posts: 8,635
It's hard to be completely safe these days.
__________________
Pas de lieu Rhône que nous.
braumeister is online now   Reply With Quote
Old 02-29-2012, 10:39 AM   #17
Thinks s/he gets paid by the post
 
Join Date: Jun 2010
Location: France
Posts: 1,195
Go to Bleepingcomputer.com, download ComboFix, run, follow instructions, enjoy.
__________________
Age 56, retired July 1, 2012; DW is 60 and working for 2 more years. Current portfolio is 2000K split 50 stocks/20 bonds/30 cash. Renting house, no debts.
BigNick is offline   Reply With Quote
Old 02-29-2012, 10:58 AM   #18
Thinks s/he gets paid by the post
Major Tom's Avatar
 
Join Date: Nov 2009
Location: SF East Bay
Posts: 3,130
I had a similar problem a few months ago which kept redirecting me to a 404 error page on Hotspot Shield which contained ads. I tried Malware Bytes (think it was that one) as well as the anti-virus I had installed (Zone Alarm). I probably should have tried a few others too but was looking for an excuse to do a clean re-install of the OS, so that's what I did.

Luckily, I have all my data on separate backed up hard drives. Only the OS and programs are on the C drive, so I wiped that drive clean with a free program called KillDisk and completely re-installed the OS (Windows XP in my case) and all programs.

It was probably overkill, but I had quite a few programs I no longer used, as well as who-knows-what programs running memory resident in the background, so it felt like a good time to start again from scratch.
__________________
ER, for all intents and purposes. Part-time income <5% of annual expenditure.
Major Tom is offline   Reply With Quote
Old 02-29-2012, 11:21 AM   #19
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,906
Quote:
Originally Posted by growing_older View Post
Or if you have an ability to roll back your computer to a previous date, go back to a date before the virus behavior started.
+1. That'll be my first approach.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is online now   Reply With Quote
Old 02-29-2012, 02:55 PM   #20
Thinks s/he gets paid by the post
DFW_M5's Avatar
 
Join Date: Sep 2003
Posts: 4,982
Quote:
Originally Posted by ERD50 View Post
Linux? Mac?


-ERD50
Since my PC is ~ 6 years old, this will be my solution next time the bug bites.
__________________

__________________
DFW_M5 is online now   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
The Simple Life vs Mortgage Payoff thegarman Young Dreamers 100 08-09-2012 10:14 AM
Top five regrets of the dying MichaelB Other topics 81 04-25-2012 03:15 AM
Experience with ankylosing spondylitis? soupcxan Health and Early Retirement 4 03-06-2012 08:08 PM
The Total Economy Portfolio - Rick Ferri Midpack FIRE and Money 3 02-29-2012 05:00 PM
What should I do with my low performance American Funds? prototype FIRE and Money 39 02-29-2012 11:04 AM

 

 
All times are GMT -6. The time now is 10:51 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.