Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another Google Redirect/Pop-up Tab Virus


  • This topic is locked This topic is locked
2 replies to this topic

#1 gratefuled

gratefuled

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 01 December 2009 - 05:28 PM

Hi Folks,

I recently was stricken with a problem on my computer where:
*clicking on links in google results directs me to unrelated websites (copying and pasting works however, and the search results are at least accurate)
*pop-up tabs appear in FF and Chrome without warning
*pop-up windows with 5 tabs appear without warning

I've run just about every virus/malware/spyware scanner under the sun since then. Things seem to be operating alright otherwise, but it feels weird knowing my computer is infected, and well, I'm usually afraid to ask for help in computer matters, but this has me stumped. Help me please?

Humbly,
A Bleeping Computer longtime listener, first time poster.
:(

DDS (Ver_09-12-01.01) - NTFSx86
Run by Owner at 14:08:13.21 on Tue 12/01/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.247.18 [GMT -8:00]


============== Running Processes ===============


============== Pseudo HJT Report ===============

mWindow Title = Microsoft Internet Explorer presented by Comcast
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto
Notify: igfxcui - igfxsrvc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\vczbbq5a.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - falsec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R? US122;US122 Driver
R? US122DL;US122 Firmware Downloader
R? Us122WdmService;US122 Wdm Audio
S? NdisWDM;Dynex Wireless G USB Network Adapter Service

=============== Created Last 30 ================

2009-12-01 16:49:04 0 d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-12-01 16:19:37 578560 -c--a-w- c:\windows\system32\dllcache\user32.dll
2009-12-01 16:12:58 0 d-----w- c:\windows\ERUNT
2009-12-01 16:11:40 0 d-----w- C:\SDFix
2009-12-01 16:03:39 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-12-01 16:03:39 215920 ----a-w- c:\windows\system32\muweb.dll
2009-12-01 16:03:39 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2009-12-01 02:08:27 0 d-----w- c:\documents and settings\owner\DoctorWeb
2009-11-30 18:58:58 0 d-----w- c:\program files\SUPERAntiSpyware
2009-11-30 18:58:03 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-30 18:25:39 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-30 17:12:09 0 d-----w- C:\Drivers
2009-11-30 17:07:36 0 d-----w- C:\swsetup
2009-11-30 06:51:26 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-11-30 06:31:16 0 d-----w- c:\program files\CONEXANT
2009-11-30 06:21:10 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-11-30 02:09:18 23552 -c--a-w- c:\windows\system32\dllcache\wdmaud.drv
2009-11-30 02:09:18 23552 ----a-w- c:\windows\system32\wdmaud.drv
2009-11-30 01:24:10 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-29 21:31:14 0 d--h--w- c:\windows\PIF
2009-11-29 19:44:28 0 d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2009-11-29 07:30:08 0 d-----w- c:\docume~1\alluse~1\applic~1\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2009-11-29 07:27:45 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2009-11-29 07:27:19 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2009-11-29 07:21:23 0 d-----w- c:\docume~1\owner\applic~1\GetRightToGo
2009-11-29 04:41:08 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-29 04:21:37 0 d-----w- c:\program files\Trend Micro
2009-11-29 03:25:38 0 d-----w- c:\windows\system32\wbem\Repository
2009-11-29 03:19:08 0 d-----w- c:\documents and settings\owner\Temporary Internet Files
2009-11-29 03:19:08 0 d-----w- c:\documents and settings\owner\History
2009-11-13 02:05:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-13 02:05:11 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-13 02:05:11 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-13 01:22:23 0 d-----w- c:\program files\Sophos

==================== Find3M ====================

2009-11-29 12:20:50 96512 ------w- c:\windows\system32\drivers\atapi.sys
2009-11-14 09:47:57 260608 ----a-w- c:\windows\PEV.exe
2009-10-25 14:11:34 77312 ----a-w- c:\windows\MBR.exe
2009-09-25 05:37:11 667136 ------w- c:\windows\system32\wininet.dll
2009-09-25 05:37:09 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-15 22:27:03 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-19 08:31:00 336 ----a-w- c:\program files\setup.ini
2002-03-11 09:06:30 1822520 ----a-w- c:\program files\instmsiw.exe
2002-03-11 08:45:04 1708856 ----a-w- c:\program files\instmsia.exe
2009-07-13 15:04:27 32 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-13 15:04:27 32 --sha-w- c:\windows\system32\drivers\fidbox2.dat

============= FINISH: 14:10:26.95 ===============

Attached Files


Edited by gratefuled, 01 December 2009 - 05:31 PM.


BC AdBot (Login to Remove)

 


#2 gratefuled

gratefuled
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:46 PM

Posted 05 December 2009 - 10:41 PM

FIXED YALL. Topic closed.

#3 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:05:46 PM

Posted 06 December 2009 - 11:01 AM

Closed per OP's request - MG
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users