Problem sorted. I used AVG to check my disk for anything, came back negative. I then ran MalwareBytes which picked up 11 errors - deleted all the corrupted files but it didn't work. So I ran CCleaner which didn't help. I then got recommend AVG PC Tuner. I did a full scan and it's not working fine and I've recovered 4.5GB of disk space.
Have the same problem with the 2 PC's at work. Admin there is pretty much useless and doesn't bother to fix it.
Anyways, I've never really have that problem with my own PC. Believe it or not, I do use MS Security Essentials/Windows Defender.
Give "Spybot Search & Destroy" a go, works great... at least with my bro's PC. I do use it every now and then though if I notice something strange happening with my PC that Windows Defender doesn't catch.
i found these on the interwebs, i would advise reading all the quotes coz apparently doing it this why is somewhat tricky.
the second one sounds like what you've got, but like i say, i'd read them all
The following are only some of the malware removal forums that you might consider. During times like this, where there are very sneaky and resistant forms of malware circulating, you may have to wait a few days to get any assistance.
In some forums, if you get impatient and bump your thread (creating a response) you may be overlooked because the helpers will assume that someone else is helping you and move on to the next person.
Be sure you follow the forum directions for where to post and what kind of information to provide them with.
Alright, if the hosts fix didn't work, then this one is sure to do the trick! My redirect virus/malware ended up coming back after a few reboots. So my search for the solution went on and I found a magical little program called ComboFix. Go to this website and download it (ONLY download from bleepingcomputer.com -- it may be a virus if you find it anywhere else!): http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Follow the simple instructions on that website and you'll be in good shape in about 20 minutes. I had run AdAware, SpyBot, MalwareBytes, HijackThis, CWShredder, HouseCall, AVG, etc. and none of them could find/remove any of these files. Or if they did find them, they would pretend to delete them but then they'd come right back. This ComboFix program is a DOS-looking window that works like magic -- it looks for "rootkit" activity that apparently the others don't even consider. In about 20 minutes, it deleted a "MoneyBooster" malware toolbar that had snuck onto my machine, detected/repaired my corrupted atapi.sys file, and deleted a bunch of other mutated files in my Windows folder that were viruses. I am officially now virus-free after several reboots.
Here's all the stuff this program deleted according to my logfile:
Glad to hear that you are once again in the clear. While, cleaning the Hosts file is sometimes fully successful, often, as you discovered, there are other files on the system that either modify the Hosts file again, or function in other ways to continue causing problems.
However, I would like to caution others though, to carefully read the Introduction to the ComboFix documentation on the BleepingComputer site. www.bleepingcomputer.com/combofix/how-to-use-combofix You should not run ComboFix unless you are specifically asked to by a helper
ComboFix is a powerful tool used on many Malware Removal Forums, which is why we tend to direct users to such forums when the going gets tough. The volunteers there have the necessary training to guide others in the use of this tool, as well as others. In the hands of the untrained/inexperienced these tools can render your system useless. Of course, many of you consider your systems to be useless, at this point anyway, but they may still be salvageable in the hands of someone with the experience to work through the issues.
Even though I would discourage others from using ComboFix (unsupervised), your experience (and success) with it should be confirmation to others that there is merit in our trying to get people to try a malware removal forum for these more challenging infections.
Combofix is awesome.. however, there are a couple versions of the redirect virus that can't be fixed using that tool, and require direct manipulation of the registry. Those SUCK. Had to cleanse 3 of the computers here are work doing that last year. Funny though, since going to Win 7 here and at home, we haven't had to deal with it.