Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google/Yahoo/Bing etc Redirect in Firefox and IE


  • Please log in to reply
1 reply to this topic

#1 kwilkerson

kwilkerson

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Houston
  • Local time:09:30 AM

Posted 08 August 2010 - 11:02 PM

I am like many others on here having problems with redirecting. I actually had this problem a few months ago and resolved the problem with deleting some application(?) folders. I am not sure what or where they were. I really wish I would have bookmarked that page with the directions. At any rate, I am getting redirects with not only Firefox but with IE as well which didn't happen last time. The other difference is that I am not getting redirected directly after going to the google/yahoo/bing etc. page but after I've searched and clicked on a link it will redirect me. I've done a full scan with McAfee and Malwarebytes. Here is my log from Malwarebytes:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4009

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

8/7/2010 4:32:04 PM
mbam-log-2010-08-07 (16-32-04).txt

Scan type: Full scan (C:\|)
Objects scanned: 337161
Time elapsed: 2 hour(s), 58 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

I've even tried resetting my DNS servers but that did not work. I've downloaded the HostsXpert as told in another thread. Didn't work. Most importantly I've downloaded the TDS killer and no threats were found.

I believe whatever this is tried to kill my drivers as well. I kept getting BSODs with multiple error codes going back to faulty applications and would not even let me get through a log on screen before a BSOD would shut my computer down. Wouldn't start up in Safe Mode either. Finally through elimination figured out it was my wireless driver/application. Turned it off and reinstalled the driver and program and thankfully, haven't had a problem since (yet).

Any help would be MUCH appreciated!

BC AdBot (Login to Remove)

 


#2 kwilkerson

kwilkerson
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Houston
  • Local time:09:30 AM

Posted 09 August 2010 - 03:33 AM

Few new things....

IE works, Firefox does not.

I just scanned my computer again and found a registry file infected:
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

8/9/2010 3:17:41 AM
mbam-log-2010-08-09 (03-17-41).txt

Scan type: Quick scan
Objects scanned: 114465
Time elapsed: 36 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xpwsemei (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I don't know if this will fix it as I am scared to restart my computer as it takes about 20 times of getting through BSODs with fatal error codes to get my computer to somewhat work again.

Whatever this new malware is, it is BAD




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users