Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

google chrome links redirect


  • Please log in to reply
1 reply to this topic

#1 mrftbn

mrftbn

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 31 October 2010 - 03:36 PM

Hello.

In the last 2 or 3 days, my laptop seems to have picked up a string of malware. I'll spare you the minor problems that AVG and Spybot removed instantly. The big issue I'm having is similar to this guys' post http://www.bleepingcomputer.com/forums/topic357256.html.

I searched on google for a solution, and someone suggested Combofix. I was about to run it on my computer (I'm desperate and short on time at this point), but decided to ask here first.

My computer:
-an EeePC 1000HE
-Windows XP Home Edition SP3

The symptoms:
-when I click on a link in Google's search results, it redirects me to an unrelated page or spam site with auto generated content
-after running Spybot and AVG (which both removed a few files) Google Chrome browser simply stopped working; now every page it tries to load is 404

While I'm waiting for a reply I'll probably continue trying to fix the problem myself. There are a lot of malware programs I have yet to run.

Thanks in advance for any reply.
Happy Halloween! :thumbsup:

BC AdBot (Login to Remove)

 


#2 mrftbn

mrftbn
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 31 October 2010 - 04:16 PM

some updates:

In preparation for running any rootkit removal software, I'm backing up my system to an external hard drive and uninstalling Daemon Tools (CD emulation software.)

Taking a peek at the 'Startup' tab in msconfig there are a few suspicious-looking (to my eyes) entries:
**** = my profile name

10684684 C:\Documents and Settings\All Users\Application Data\10684684\10684684.exe
dwm C:\DOCUME~\****\LOCAL~1\Temp\dwm.exe
(dwm.exe if for Aero in Windows 7 and Vista, right? I'm running XP. Also, AVG listed dwm.exe as suspicious on my system.)
_ex-08 C:\WINDOWS\Temp\_ex-08.exe

I am running malwarebytes anti-malware on the computer right now...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users