Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Weird broswer redirects (Hijack this = DfrgmapNetM\WdCommonSupport.dll?)


  • This topic is locked This topic is locked
2 replies to this topic

#1 kev123

kev123

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 20 January 2011 - 11:25 PM

Recently, I was involuntarily infected by a scam antivirus removal program, AntiVirus System 2011 (This was last Tuesday, the 18th). You know, one of those that actually fills your computer with spyware and malware and tries to get you to purchase their product. Anyway, I removed most traces of it using combofix and malwarebytes (I did a full scan). However, despite these actions, I noticed my web browser occasionally redirects whatever web page I am looking at to advertisements like "BudgetMatch." This leads me to believe my computer is still infected with remnants of that scam antiviral removal program. I ran hijackthis on my computer, and while the log looked normal I found this on it:

O4 - HKCU\..\Run: [WdCommonSupport] "rundll32.exe" "C:\Users\[my user name]\AppData\Local\DfrgmapNetM\WdCommonSupport.dll",AsyncNetCtrl CRLNetserv

I don't know what the hell this is. Utilizing Google searches, I can't find any info on what "DfrgmapNetM" or "WdCommonSupport.dll" is. I believe this may be the source of my browser redirect problems given that this file was CREATED on the SAME day (and at about the same time) my computer was infected with the scam antiviral software. What are you're guy's take on this? Have you ever seen this before or have an idea as to what it is?

Edited by kev123, 20 January 2011 - 11:29 PM.


BC AdBot (Login to Remove)

 


#2 kev123

kev123
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:07 PM

Posted 23 January 2011 - 02:52 AM

Yup; utilized Hitman pro and found that this DfrgmapNetM\WdCommonSupport.dll was the problem. My computer has since been without problems. Letting people know if others have a similar issue!

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 AM

Posted 23 January 2011 - 04:22 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users