Jump to content

The ever elusive redirect virus

Recommended Posts

ok so I went on google images and got a redirect virus. Trying to boot the computer up and get things moving took about 3 hours. Super Slow.

I tried malwarebytes. Didn't find anything.

I tried Avira. Didn't find anything.

Tried Avira's bootscan. STILL nothing.

GMER found nothing either, so it provided me with no log.

So I did a System Restore from about 2 days before I got the virus. It still is taking the computer lightyears to start up.

Its also saying when I try to produce a hijackthis log it says it can't hijackthis.log file.

the DDS and Attach should be in attachments :)



Link to post
Share on other sites

Hello MDoll and welcome to Malwarebytes! :welcome:

I am D-FRED-BROWN and I will be helping you. :)

In the future, please include the logs as posts rather than as attachments- it makes it easier for me to read them that way ;)

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.


I noticed in your log you have more than one antivirus (Avast!, Microsoft Security Essentials, and Norton) program and more than one anti-spyware (Avast!, Microsoft Security Essentials, and Norton) program installed.

This is very dangerous, as multiple protection programs of the same type can interfere with one another and actually allow more infections to get through.

It is important that only one antivirus, and only one anti-spyware program is running realtime protection.

I strongly suggest you either (1) uninstall some of the programs through Control Panel->Add or Remove Programs,

OR (2) keep all programs, but leave one of them disabled most of the time.

You can still use it for scanning your computer.

Note: I strongly suggest that you choose to keep Norton, as it provides you with not only Antivirus and Anti-spyware support, but Firewall coverage as well ;).


Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue tdsskiller2.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue tdsskiller3.png
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):

  • TDSSKiller_log.txt
how the PC is running now?
Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:
***IMPORTANT: save ComboFix to your Desktop***
* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Please go here to see a list of programs that should be disabled.
**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**
Please include the C:\ComboFix.txt in your next reply for further review.
Also, please let me know if any problems still remain.
Please download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


In your next reply, please include:

  • C:\ComboFix.txt
  • TDSSKiller log
  • Security Check checkup.txt

How is your computer running now?

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.