From: Bazsl on
My daughter has an XP Home machine that is behaving strangely to the point
that it is unusable. There are a number of symptoms including slow
performance but one of the most annoying is that when she types a URL into IE
she is always redirected to another Web site. My first assumption was a virus
but she has a current version of McAfee installed.

Any suggestions about how to diagnose and fix this problem? I realize I have
provided very little information. If you need more details let me know what
you need and I will try to get it. Thanks.
From: Paul on
Bazsl wrote:
> My daughter has an XP Home machine that is behaving strangely to the point
> that it is unusable. There are a number of symptoms including slow
> performance but one of the most annoying is that when she types a URL into IE
> she is always redirected to another Web site. My first assumption was a virus
> but she has a current version of McAfee installed.
>
> Any suggestions about how to diagnose and fix this problem? I realize I have
> provided very little information. If you need more details let me know what
> you need and I will try to get it. Thanks.

It could still be malware. Alureon (TDSS) is a root kit (hides itself), with
the mission of redirecting people to web sites, such that the authors of the
software make money from advertising revenue.

http://en.wikipedia.org/wiki/Alureon

http://www.symantec.com/security_response/writeup.jsp?docid=2008-091809-0911-99&tabid=2

No AV software is perfect. They all only cover a percentage of all malware,
and new variants can get through (between the window of introduction,
until new virus definitions are sent in an update). So something very well
could get through. This web site, for example, tests AV software, and
rates them according to thoroughness.

http://www.av-comparatives.org/comparativesreviews/main-tests

There are a number of scanning tools available. If the computer has
a high speed Internet connection with DHCP for giving out IP addresses,
you can use a bootable CD like this one. Once started, this one downloads
fresh virus definitions, and you can use it to scan the partitions on
the hard drive. So this would be an example of an "offline scanner",
since WinXP is not running when this is at work.

http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk10/

The download is 200MB, and you need a tool such as Nero or Imgburn (free)
to convert an ISO9660 file, into a bootable CD. You can't just drag and
drop that file onto a CD, as it won't boot that way.

I have no idea what happens, if all you have is dialup networking.
It does have a virus database, and all it does when getting updates,
is get the latest definitions, rather than fetching the whole
database over again.

Once the infected computer boots with that disk, the software will
automatically connect to Kaspersky and get fresh definitions. Then
see what it detects, and that will tell you how effective McAfee is.
There are plenty of other tools like that around, and checking previous
threads in this group, for previous answers to malware questions, will
uncover other methods.

With the current condition the laptop is in, it may not be possible to
utilize an "on-line" scanner, while the infected WinXP is running.
You may have to bring tools over to the laptop, on media of some sort
(a CD is safest, because being read-only, it can't propagate an infection
to the "clean" computer). And even if you do that, if any tool needs updated
virus definitions, the fact your IP lookup is hijacked, is going to make
getting updates a problem.

You can try running MBAM on it, if you want.

http://www.malwarebytes.org/

You can see here, that the downloaded file may need to be renamed, in order
to be able to use it. And even that might not be enough.

http://forums.malwarebytes.org/index.php?showtopic=23983

http://forums.malwarebytes.org/index.php?showtopic=12709

The advantage of an offline scan, is at least it isn't fighting
with the malware actively. MBAM actually works best, on a
running system, but not when it cannot be made to execute.

Paul
From: Sohail on
On Jul 28, 8:33 am, Bazsl <Ba...(a)discussions.microsoft.com> wrote:
> My daughter has an XP Home machine that is behaving strangely to the point
> that it is unusable. There are a number of symptoms including slow
> performance but one of the most annoying is that when she types a URL into IE
> she is always redirected to another Web site. My first assumption was a virus
> but she has a current version of McAfee installed.
>
> Any suggestions about how to diagnose and fix this problem? I realize I have
> provided very little information. If you need more details let me know what
> you need and I will try to get it. Thanks.

I had the same type of problem, although long ago. I remember using
Adaware from lavasoft (http://www.lavasoft.com/products/ad_aware_free.php).
Also, try to disable or remove all plugins,
toolbars that have been installed in IE.

Let's see if it helps.

regards

Sohail
From: PA Bear [MS MVP] on
Is WinXP SP3 installed?

Is KB979559 installed?

What anti-virus application or security suite is installed and is your
subscription current? What anti-spyware applications (other than Defender)?
What third-party firewall (if any)?

Has a(nother) Norton or McAfee application ever been installed on the
computer?

Did a Norton or McAfee free-trial come preinstalled on the computer when you
bought it? (Doesn't matter if you never used or Activated it.)

Bazsl wrote:
> My daughter has an XP Home machine that is behaving strangely to the point
> that it is unusable. There are a number of symptoms including slow
> performance but one of the most annoying is that when she types a URL into
> IE she is always redirected to another Web site. My first assumption was a
> virus but she has a current version of McAfee installed.
>
> Any suggestions about how to diagnose and fix this problem? I realize I have
> provided very little information. If you need more details let me know what
> you need and I will try to get it. Thanks.

From: waresoft on

PA Bear [MS MVP] wrote:
> Is WinXP SP3 installed?
>
> Is KB979559 installed?
>
> What anti-virus application or security suite is installed and is your
> subscription current? What anti-spyware applications (other than Defender)?
> What third-party firewall (if any)?
>
> Has a(nother) Norton or McAfee application ever been installed on the
> computer?
>
> Did a Norton or McAfee free-trial come preinstalled on the computer when you
> bought it? (Doesn't matter if you never used or Activated it.)
>
> Bazsl wrote:
> > My daughter has an XP Home machine that is behaving strangely to the point
> > that it is unusable. There are a number of symptoms including slow
> > performance but one of the most annoying is that when she types a URL into
> > IE she is always redirected to another Web site. My first assumption was a
> > virus but she has a current version of McAfee installed.
> >
> > Any suggestions about how to diagnose and fix this problem? I realize I have
> > provided very little information. If you need more details let me know what
> > you need and I will try to get it. Thanks.

Sounds like she has a rootkit. Download 'SuperAntiSpyware'
(http://www.superantispyware.com/download.html) with another computer
and copy it to a thumbdrive or CD. Then use it to remove the rootkit.




--
waresoft