redir.exploit

Discussion in 'malware problems & news' started by Jiggs, Oct 3, 2005.

Thread Status:
Not open for further replies.
  1. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    Good day.

    I have picked up a pop up that says norton has picked up the redir.exploit virus and it has been deleted.

    I have read all the posts on this one but mine seems different.

    1. the new spyware and microsoft patches dont work. 2. my hard drive is now full. it seems it is putting files in the norton quarantine folder. this i cannot delete. the virus scans i do just run through this folder which takes hours. the new beta software from microsoft scans these millions of files but does not report anything wrong

    Help?
     
  2. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    Thank you for the quick reply Ron.

    I have searched this forum, but did register because I cannot find help with the existing threads, and the closest I have come is the post on redir.exploit by ham-ham. The window looks the same etc. but I cannot delete norton now and my pc is seriously slow as my HD is full (40gig) I have very few programs so this virus is taking up more than 30 gig of space.

    the files are .tmp files scattered all over especially in the norton quarantine folder. BUT nothing reads them it is as if they are not there but they do take up space.

    Which is why the plea for help. I cannot ebven copy them, paste them or delete themo_Oo_O o_O
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
  4. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    Thanks Ron

    I am a novise and do not know yet how to do a hijack. I supose I was hoping someone would have a quick download to cure as this seems old and someone must have cured it by now.

    When I try to delete the quarantine folder it says sending to the recycle bin but just keeps on running and nothing goes there. MAN frustrating I tell you :doubt:
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
  6. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    will do
     
  7. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    I went to safe mode - also could not delete it from there. Any other tipso_O
     
  8. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    You can try an online scan with Ewido. http://www.ewido.net/en/

    Did you check out the links above found by Google. There may be a tip there.
     
  9. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    I did try searching, the only promising place I could find from google, mamma and msn was here! Which is why I am. I will try the ewido and get back to you. sorry for being a pest....

    The sites that promise downloads that work dont even pick it up. xbot, scanforfree, microsoft etc. symantec lists it but says its fine as long as it is picked up... but it has filled my drive thus I am thinking it is worse than they say. it fills up norton (I am running norton and it is updated) but this still seems to outfox it
     
    Last edited: Oct 3, 2005
  10. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    I am runnind ewido as I type this. lets hold thumbs.
     
  11. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    it says ewido download was corrupted. and it could be due to a virus...
    wow, seems as if i will never find a program to pick this up
     
  12. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    Quote from Symantec:

    Also on the Symantec site is a link to patch your system. http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx

    It wouldn't hurt to post a log, following instructions, here.

    If you are not using sp2 for XP, you should install it.
     
  13. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    I read that from symantec. This thing does not do anything it just keeps my harddrive full. I can download and the harddrive does not get full, I always have about 1mb of space left. it keeps the pc slow etc. As soon as any virus protection I run hits the quatantine folder under noton it freezes and will never go through thus I cannot "fix" this issue.

    Symantic say that but this lies under norton... go figure. It also moves around in the temp and program files with a .tmp file ending. for eg AP105.tmp
     
  14. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    Best recommendation I can give you at this point is to post a hijack log at the link I provided to find out what you are dealing with. It's all guesswork at this point. :(
     
  15. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    Sorry - I am running sp2 had it before this " attack"
     
  16. Jiggs

    Jiggs Registered Member

    Joined:
    Oct 3, 2005
    Posts:
    12
    Well back online at least. Had to format my whole pc - lost plenty programs as such. Canned Norton, had to go and buy E-scan. at least it picks it up. even after the format. So much for the quote from symantec. I could hardly work as my own pc kept stopping and telling me there was no space on the HD.

    I do hope nobody else picks it up....

    It comes in through a firewall - an updated one as such....
     
Thread Status:
Not open for further replies.