Question:
I may have a virus please help me.?
2010-06-20 12:12:53 UTC
I work on google chrome, and for like a week everytime I went to some websites, i've been redirecting to wellaction.com. I've flushed my DNS, and i don't have this problem anymore. But my internet connexion is still very slow, and Google Chrome keep telling me : Oops! This link appears to be broken.

And I gotta try 3 times to reach my page. Here is my Hijack log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:43:40 PM, on 20/06/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18444)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\FlashGet\flashget.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\JULIEN~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Users\JULIEN~1\AppData\Local\Temp\pnnidhgi.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\FlashGet\flashget.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Maman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Maman\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Maman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Maman\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\iFinger\iFinger.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\drivers\svchost.exe
C:\Windows\system32\ntvdm.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julien Rault\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Julien Rault\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:/
Three answers:
?
2010-06-21 00:36:01 UTC
You might have a few reminants of the redirect virus left on your PC, and it's trying to redirect your websites but now doesn't have the DNS support to help it carry out its evil plans. Even though it might seem like you got rid of it, I would suggest that you still have the redirect infection on your PC - and you may want to use a program such as "combofix" to remove it. You can see how to get rid of it at this tutorial: http://www.personalcomputerfixes.com/spyware/how-to-remove-the-google-redirect-virus/
2010-06-20 15:19:04 UTC
The best thing to do at this time would to be to run adaware virus scan , Sometimes going into tools and changeing your PROX helps i think thats what you have to do ill take you through it step by step



1. go to the internet page go tools

2.internet options

3.connection tools , then advanced

4. change the prox setings up so it works



if this doesnt work id advise you to throw your computer in the trash before it catches into flames
?
2010-06-20 18:41:58 UTC
Hello,

this is an adware.

you can download regTool.

click Internet Tool

restore IE by one-cilck.

http://www.keep-pc-clean.com/


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Continue reading on narkive:
Loading...