Adware-Websearch virus

Hope this is the right forum for this question.

All of my website's sub pages are redirecting to some ad. I ran a Norton Anti-Virus full system scan and it came back with 4 potential threats. One I was able to delete; but the other 3 are all Adware Websearch viruses and I followed the directions over at Symantec and removed the search toolbar in the Add & Remove part of my Control Panel and then did a second system full scan and it still brought up the same 3 threats, which again I tried to delete and they would not delete.

I've tried everything, can someone here help me to get this problem fixed?

Basically, as things are now someone or some spyware? has hyjacked my website!

This URL comes up when the re-direct kicks in:
http://website.ws/gdtraffic...

 

I use Spybot and adaware.

Hopefully it's not exactly a virus and those 2 progrmas can solve your problem.

 

Ad-Aware should wipe it for you.

 

I just tried Spybot S&D and it SAID it had fixed these 8 problems; but it didn't. I'm off to try Ad-Aware. Is it OK to have two spyware removal programs installed on my pc at the same time? Please let me know before I go and download Ad-Aware.

 

Just tried Ad-Aware and it said it found 54 objects - removed them and I still have the same problem all of my sub pages keep re-directing to this same ad site.

Can anyone here PLEASE help me get this fixed?

Thanks.

 

Get microsoft's new anti-spyware, it finds things spy-bot and ad-aware won't.

 

Do a search as well for cwshredder.

http://www.majorgeeks.com/download3019.html
http://www.spywareinfo.com/~merijn/downloads.html

 

One sure way is to dump Microsoft period.

http://www.eweek.com/article2/0,1759,1750395,00.asp

Get a MAC because M$ can not make software that is safe, the OS has fatal flaws and IE is part of the Windows OS.

So you own a defective product, go with MAC and Linux.

Start using Firefox instead of IE, this may help you now!

See link below for FireFox and anti-malware free software download links.

http://searchwars.squarespace.com/free-software-downloads/

If you want to review AV software see the Wilders security link on the above page and look for the best AV program in the world NOD32

 

OK, I downloaded the MSN spyware cleaner and it did its thing and my problem is still there. Then I downloaded the Firefox web browser and same thing still my pages all auto redirect to some other website. My host says that my site looks and works ok for them.........

Now what do I do?

 

I hate to be the bearer of the bad news, but the only reliable option you have is to reinstall the OS on your machine. Some may find this too extreme, but the thing is that you can never trust a machine that got hacked into.

If you have any backups, make sure that you restore only data files. Better yet, restore the data from your off-site backup (if you have one).

J.D.

 

adaware and spybot are both good programs. however, i've come across situations that both programs cannot fix.

what i do is to run hijackthis and go through the report. i then manually fix the problems myself (you'd need some knowledge about how you os works though). what you can do is to post the hijackthis report in forums such as http://www.techsupportforum.com where some of the regulars can guide you through the steps. there's hope.

advice such as re-install the os should only be reserved as the last option.

 

Think about it this way - if some malware that the removal tool knows about got in, there may be some that it doesn't. All these tools do is look for certain signatures and it is quite possible that one or more of them may be left behind. Would you risk your data and your website reputation (some of these things automatically configure the web server to add footers to all served pages, which means that all visitors will be affected)?

Anyway, those who run blogs may decide to take this risk and just try to remove malware and see what happens. Any serious business should just flatten the OS and reinstall it from scratch.

Most commercial systems contain just copies of data anyway - it should not be a big deal to copy files from the original location once the OS is installed.

J.D.

 

ermm... i run real projects for banks... if i every suggest wiping out the disk array and reinstalling when a virus or some malware/adware hits, my head will be the first to roll. the more serious/critical/important the system is, the less the chances you want to take reinstalling the system.

 

I will say it again, your problems will continue if you use Windows/IE, get on MAC ASAP, that is the OS you need to reload.

 

Wow, so many divergent opinions on this and now my head is spinning!

This might not be browser hijacking afterall - I called it that as that is what someone told me it sounded like to them. Only MY website is affected. I can go to other sites in IE and get the right url to come up. It is only when I click on a link on my home/index page to go to one of my internal site pages that it goes to this ad webpage.

When I ran the MSN Beta spyware removal software it said that one threat was in my home page. I did have some Java Script for a Bookmark Us link. I removed that just in case; but still have the problem. Anyhow, I think the various (Spybot, Ad-Aware, MSN Beta and HiJackThis may have between them actually cleaned my machine of any and all spyware except for what ever is wrong with my home page. I viewed the source and can't see anything out of place. There is an external JavaScript page in the FM folder in my File Manager section; I didn't put it there and tried to delete it, but it wouldn't let me?!? I had this programmer who used to have (2 months ago) access to my FTP username and password; but I changed that password very soon after he no longer was working on my site. Could he have done something malicious that only now has kicked in?

PS: My site uses external style sheets and some inline CSS; but don't see where the external JS file comes into play. That's why I'm tried to delete it.
I'm trying to find out from my host what folders they put in there, I know what I put in there so anything else not needed for the functionality of my site needs to go.

Anyone?

 

Try disabling javascript and see if it makes a difference.

 

Someone in this thread mentioned blogs. I created my first blog about 10 days ago. It is part of this site. I signed up with some blog directories and some wanted a reciprocal link. A couple had code in their link to supposedly track hits. Could these links or code be the problem?

So 10 days ago I ad this blog and my pc really started to slow down and now this - coincidence?

 

I disabled JS and no change.

 

The more serious/critical/important system is, the less chances that you even will get any malware in the first place. Have you actually seen any malware on any of the bank machines? If not, ask your security officer if he would risk his position to leave machines patched up by some malware removal tool.

J.D.

 

What's your home page URL (you can PM me, if you'd like)?

Do I understand you correctly that your site is a virtual website and other sites on the same machine are not affected?

J.D.