I have a redirect virus/trojan on Firefox (not on IE).
I have picked up a redirect virus/trojan on Firefox. It has not affected IE. Using Firefox 15.0.1
When I type something into the address bar - whether a website or a topic - it takes me to different pages other than what I specified, or a different website if I've specified a website.
Sometimes if I click a 2nd time it brings me to the correct place or to Google (my default Search engine).
Sometimes it does this even if I type the topic into the Google search bar which I have on the right of the address bar, rather than into the address bar at the top of the page.
I've done complete scans with my realtime antivirus, avast! free antivirus, as well as a boot scan with it, and also complete scans with MBAM, Super AntiSpyware, and TDSS Killer. All have found nothing (except Super AntiSpyware, which found a bunch of tracking cookies which the others didn't deem important - but I did delete these).
Any solution would be appreciated.
Would simply delete and reinstall solve this?
Additional System Details
This started when...
probably from a streaming sports site. Probably when I accepted a bad security certificate for a website (I'm normally very careful - don't remember why I fell for this).
- User Agent:
There may be a need to use Malwarebytes Anti-Malware (FREE VERSION), it picks up things like that in many instances. Also, clean your system by running CCleaner (FREE) twice. If you have redirecting issues, you may want to use Namebench from the Google Code website, and/or an application that addresses "DNS malware."
If using various malware scanners does not fix it or if you are blocked from installing those scanners then ask advice at a forum that specializes in malware removal.
Can you post some of the urls of the sites you are redirected to? There may be a pattern.
Since this only affects Firefox, this is probably not a virus but a annoying toolbar that installed after you recently installed some software.
On second thought, I just saw your post about the bad certificate you accepted. Did the symptoms start immediately after that?
For now, try disabling all your addons for a test:
Help > Restart with Add-ons Disabled
If you already checked your addons, Maybe the certificate you accepted needs to be erased from your certificates list.
Tools > Options > Advanced > Encryption > View Certificates button
Click all the tabs in the Certificate Manager. If you find a name that looks similar to it, click the Export button on it then Delete it.
For more help:
Out of cor-el's links, I recommend BleepingComputer.com in case this is malware. Although you could post in all 3 forums to see where you get a faster response.
The right section for BleepingComputer Malware/Virus/Trojan Help is:
Let us know if you have any further problems after using our methods.
Modified by Rezo
I wouldn't consult those forums. I'm self-taught, and never in my life resorted to any on that list. Been doing this since '87. The best way to learn how to conduct repairs is to first develop a toolkit of various software that address specific computer issues. The more you read about applications, the better your kit. There is a lot out there, but not all of it is worth your while. I'd suggest Boot-CD's, Anti Malwares/Virus/Adware/Spyware/, individual tools such as TDSS Remover, etc, and know how to update absolutely every piece of software within your computer from OS, to Firmware, and all the rest. Those forums are filled with people that never took the time, and I condemn them because in the days of Kaspersky's greatest effectiveness.. they'd still recommend trash. Never on point with the security industry's best software.. ever.
Modified by Rezo
I have the same exact problem too. Using Fiefox 15.0.1 Portabble from portableapps.com. Here are some URLs of the site I was redirected to:
I google those URLs and found they were reported few days ago here: http://urlquery.net/report.php?id=209807
The Inspector shows that two DIV containers are present if you right-click to inspect the image and doesn't select the image.
<div style="width: 799px; height: 1022px;" class=" pfv2_selectiondiv" id="selectiondiv"></div> <div style="width: 799px; height: 1022px; left: 0px; top: 0px;" class=" pfv2_mousediv" id="mousediv"></div>
I have the same thing. This happened AFTER updating to the latest firefox browser -- thanks!
Mine is worse. It is across all browsers I use. It is affecting every link and move.
Let's find the solution.
However, I must say -- THIS HAPPENED after my FIREFOX download and ONLY from this update!!!!! This is on a secondary computer, and it definitely does not get used much, so the culprit is evident.
Google redirect virus is challenging to get rid of due to its capability to hide deep inside the operating system as well as its potential to eliminate traces and footprints on how it got inside the computer. As of nowadays, not a single security application in the industry can guarantee 100% protection from this infection. This explains, why your pc got infected even having a safety software installed.
Some computer users know that Google redirect virus is just not a virus, but in fact a rootkit. Rootkit infections unlike other virus, spyware or trojan infections are really difficult to get rid of. In most cases, google redirect virus rootkit is seen related to Trojans which makes it a lot more deadly. In accordance with a 2011 report, Google redirect virus have currently infected 45,00,000 computers worldwide, out of which 1/3rd is from US.
Some symptoms that you are having this virus on your PC:
- Browsers freeze
- Pages not loading at all
- Google/Bing/Yahoo searches redirected to malicious site/s
- Some programs won’t respond
- Internet connection brakes itself
- Terrible adds popping on visited webpage/s
If you have these symptoms on your Computer, I suggest using safe and respected software program as the 1 I've provided below. The Google redirect virus removal tool deals with malware infections that lead to Google redirect virus symptoms and are so difficult to detect and fix.
moderator removed spam link
Forum rules and guidelines
Modified by the-edmeister
This may sound silly but when doing a virus removal on a computer I will un install any harmful toolbars. But then I will often un install Firefox completly (you will loose bookmarks if you have them) and then install a fresh and clean Firefox.
The other way is to go into the settings of Firefox and un install or disable harmful add ons.
The third thing when talking about redirects and such...is to look at the some of the other settings on your p.c such as "host file," LAN Settings, Internet Explorer Settings...(I know the issue seems unrelated to Internet Explorer)
This highlighted link is a helpful site when fixing a redirect .....the site is free and spam free. It gets a little more in depth. See the issue is not really Firefox but that something else may have modified the settings in Firefox without your permission. Best wishes
Here is a guide that used to work on getting rid of the google redirect virus: http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller. It uses a program put out by Kaspersky Lab called TDSSKiller. It can be downloaded here at http://support.kaspersky.com/downloads/utils/tdsskiller.exe . This is a method almost a yesr old so I am not sure if it will work correctly. This happened to an older computer I had once before TDSSKiller and I had to do an OS reinstall.
I hope this works or helps.