PDA

View Full Version : redirect virus etc



darryl
12-27-2009, 02:26 AM
Still trying to get rid of redirects, etc. I've installed and used several softwares, and only malwarebyte seemed to get rid of the crap- but only for a while. Now none of the programs finds anything, but I still get redirected on just about every second search. What might work for me now? Changing search engines? I'm using firefox, and I get options to change the search engine from yahoo to three or four other ones that I've never heard of. Maybe I should be getting rid of firefox- ? Maybe I can just re-install it- maybe- ? Is it possible that my router can be infected somehow, and I could try re-booting it?

Getting pretty tired of being pushed off the internet highway at every shopping mall :)

Black_Moons
12-27-2009, 03:06 AM
Don't forget to check your hosts file in your windows system directory, it can result in redirects from common websites back to the infection websites.

darryl
12-27-2009, 04:27 AM
Black Moons, I don't understand that. What is the host file?

Black_Moons
12-27-2009, 07:06 AM
http://en.wikipedia.org/wiki/Hosts_file

Carld
12-27-2009, 11:24 AM
darryl, the only way you can completely clean it up is to save all your files in My Documents to an external drive and format the hard drive and reinstall all the programs. I have heard that it's best to format about 7 times to clean the hard drive and I understand that is not always complete.

You may have to replace the hard drive. Some virus's root in so good you can't get rid of them. A friend that is a Windows tech has spent hours trying to clean a system and had to finally replace the hard drive.

dp
12-27-2009, 11:28 AM
Don't forget to check your hosts file in your windows system directory, it can result in redirects from common websites back to the infection websites.

There are some viruses that will add host file entries. Most have just one entry to define localhost (127.0.0.1) so if you see dozens of entries that you didn't put there it's a good sign you've been hacked.

cuemaker
12-27-2009, 12:12 PM
try this..

Go to control panel, administrative tools, computer management, click on show hidden devices under view, then scroll down to non plug and play drivers, then disable 'tdssserv.sys' restart computer , problem should be solved

Or visit this website http://www.exterminate-it.com/malpedia/file/tdssserv.sys

whitis
12-27-2009, 04:17 PM
darryl, the only way you can completely clean it up is to save all your files in My Documents to an external drive and format the hard drive and reinstall all the programs. I have heard that it's best to format about 7 times to clean the hard drive and I understand that is not always complete.

You may have to replace the hard drive. Some virus's root in so good you can't get rid of them. A friend that is a Windows tech has spent hours trying to clean a system and had to finally replace the hard drive.

Nope. If you want to erase sensitive data so that people cannot extract it using special equipment, then you need to wipe each sector multiple times using various patterns which special software exists to do. To erase a virus or any other data or software, multiple reformats are not necessary. Your computer can't read the residual image, unlike spies and forensics experts.
Just do a full format, not a quick one. Even a quick format, which wipes out the directories, FAT, etc. may leave pieces of the virus in data sectors but they won't be able to do anything since they will no longer be contained within files. The boot sector on the drive also needs to be erased, which will not happen when you reformat a partition. Better yet, do a low level format.

When reformatting a drive, boot from a clean rescue CD, so the virus can't protect itself from reformatting.

Replacing the hard drive is completely unnecessary. In theory, a virus could replace the firmware on the drive so it would be reinstated after installing the OS, but that would be hard to pull off in practice since the firmware on each model is different.

When copying your data to another hard drive and restoring, you may reinfect. There are a few locations such as your personal autostart folder where the virus can hide. Configuration files and plugin directories for various applications can cause malicious software in your personal file area to be executed.