Web page redirecting

miniboss
#1
Hey. I was hoping I could get some help again since you've all been so helpful in the past. I have a computer at work, running windows xp with firefox as the browser. Not always, but sometimes, when I click on a link, it redirects me elsewhere. I have run Malwarebytes, spybot S & D, rootkit detectors, and they find nothing. Even reloaded a new Hosts file. I'm stumped. I've been reading online in regards to this issue, and tried the remedies, no help. Any ideas? Thanks.
 
Andem
#2
Hey miniboss. I've also had some weird malware on my system that I just couldn't locate and I tried all of the well-known anti-virus programs and spyware removers. I never really found anything so I ended up installing a fresh copy of Windows.

I highly suggest you ask in one of those forums dedicated to malware and see what they can do for you.

By the way.. try searching the domain name that you're redirected to and the keyword malware in Google. You might find some hints.
 
Praxius
+2
#3  Top Rated Post
Quote: Originally Posted by miniboss View Post

Hey. I was hoping I could get some help again since you've all been so helpful in the past. I have a computer at work, running windows xp with firefox as the browser. Not always, but sometimes, when I click on a link, it redirects me elsewhere. I have run Malwarebytes, spybot S & D, rootkit detectors, and they find nothing. Even reloaded a new Hosts file. I'm stumped. I've been reading online in regards to this issue, and tried the remedies, no help. Any ideas? Thanks.

I use AVG Anti Virus, Registry Mechanic and Ad-Aware for keeping my system clean. I had the same problem you had a few years ago.

Restart your system in Safe-Mode (Press F8 when you see that flashing underscore prior to the XP loading screen)

This way only the basic windows systems will run. While in normal mode, some spyware crap can remain hidded from your scans, which is why it says you're system is clean when it isn't.

Before you run your scans, go into your C:/Temp folder and clear everything out of that. (Some people don't have that folder, if you don't, then don't worry about it)

Second, go into your C:/Windows/Temp folder and wipe everything out of there.

Third, go into your C:/Documents and Settings/Your User Account Name/Local Settings/Temp folder and wipe everything from there.

The Local Settings folder is generally hidden and you may have to setup your folders to show hidden files & folders.

Once you clear out all of these temp folders, run Ad-Aware (Free program) while in safe mode and do a Full Systems Scan. I have tried other spyware programs before, but they never found as many things as Ad-Aware does.

Once that is done, run AVG and do a full scan for viruses.... all while you're in safe mode.

When you are in normal XP mode, many things in your temp folders won't let you delete them because they're being used. You don't have to worry about anything screwing up on your system from wiping your temp folders, but generally that's where most spyware hide.

Once all that is completed, or while you're waiting for your scans to complete, go into your Firefox, IExplorer and any of your other browsers and make sure your default home page is what you want, ie: Google.ca

After all of that, your system should be clean.

Let me know if you still end up having problems with redirections.

Oh and before you restart out of safe mode, run Registry Mechanic if you have that program.
 
DaSleeper
#4
Only once did I ever get a bad one...I forget what the name was but after downloading a .rar file opener application instead of right clicking and scanning it like I always do I screwed-up and left clicked... Norton was corrupted, so was Ad Aware....wouldn't let me go on online scanning sites like trend micro.
I was lucky I had a complete back-up set of disks that was only one month old. I just wasted three hours. I now make a complete operating system back up every three months.
 
MHz
#5
check your 'host' file in windows\system32\drivers\etc It should be similar to this one below.

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
 
miniboss
#6
Hey. I ran Adaware in safe mode, it found nothing. A new development though. Since I still got the re directs, I got mad and "installed" a portable version of Opera browswer. Guess what? No more re directs, so that means it's an issue with firefox. I mean it's a solution, but it doesn't get to the root of the problem. Since it's a work machine, I don't exactly have free reign with it, so this may be the best solution for now, but other ideas or tips are appreciated. Thanks.
 
DaSleeper
#7
Quote: Originally Posted by miniboss View Post

Hey. I ran Adaware in safe mode, it found nothing. A new development though. Since I still got the re directs, I got mad and "installed" a portable version of Opera browswer. Guess what? No more re directs, so that means it's an issue with firefox. I mean it's a solution, but it doesn't get to the root of the problem. Since it's a work machine, I don't exactly have free reign with it, so this may be the best solution for now, but other ideas or tips are appreciated. Thanks.

If it's just in Firefox try uninstalling and reinstalling it and make sure after you do that the tools/option settings are set right for you...usually the default settings are safe setting on a fresh install
 

Similar Threads

36
Redirecting Virus?
by Twila | Jan 7th, 2009