Expert: Carolyn Meinel - 8/18/2011

Question
my os is windows xp sp2

current i am using symantec endpoint protection.

when i tried to open a web link of a web site, for first few seconds it actually shows the website, then few seconds later it redirects to 'we love films' bearing website, sometime it redirects to 'meta search'

i used several spyware softwares. every software deletes some spyware files.

however, the problem still exist.

can you provide me the solution.

Answer
Try this first. Install the Chrome browser, free from www.google.com/chrome. If it is able to go to the correct websites, then it is your Internet Explorer browser that is infected. Now if you wish, you could simply use the Chrome browser from now on instead of Internet Explorer. I don't use Internet Explorer myself because it is so vulnerable to these sorts of problems.

If the Chrome browser has the same problem, then you can try this:

Click Start --> My Computer, click on the C drive, then i386, then HOSTS. Your computer will ask you what program it should use to open HOSTS. Choose Notepad. If this file is OK, you should see this:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com          # x client host

127.0.0.1       localhost

If there is anything else in this file, delete it and save it.

If this doesn't solve the problem, try this:

1) Download either Kapersky Internet Security, which offers a free 30 day trial at http://kapersky.com, or F-Secure's Complete Internet security suite, which offers a free thirty day trial: https://store.f-secure.com/cgi-bin/dlreg/ml=EN?ID=FSISTB&desid=TRIAL

2) Disconnect from the Internet.

3) Uninstall your current antivirus. This is absolutely essential because otherwise it and F-Secure or Kapersky will fight each other and might crash your computer. It isn't good enough to just turn off your old antivirus because it probably has been crippled by your virus infection.

4) Install one of these Internet Security products. Scan your system and follow any instructions it might give you.

5) Connect to the Internet and download any updates available.

6) Run another complete scan of your computer. Follow any instructions it might give you.

7) Reboot.

If this works, you can either keep your new Internet Security product or uninstall it and reinstall your old antivirus from either a download of the latest version from their website (if that's how they sell it) or from the disk it was on when you bought it. Be sure to get all the latest updates right away. Usually antivirus companies are pretty good about updating their programs whenever some new attack becomes able to evade or cripple their product.

If you weren't running an antivirus program that includes antispyware protection and a firewall, then I recommend that you not reinstall your old program. Nowadays we need total protection, and this includes antispyware and a firewall.