Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser redirect - help appreciated


  • Please log in to reply
No replies to this topic

#1 ZenZen

ZenZen

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:48 AM

Posted 27 February 2011 - 09:44 AM

Hello everyone, well this is my first post on bleepingcomputer.com, but not my first time using the website for help and guidance. Only this time I have tried things I have read in other posts, but thus far my problem persists. I am not too savvy with computers in the technical terms, but have an understanding of the different programs mentioned in other threads and how to use them and also findings.

I am having an issue with browser redirect, this seemed to only happen with Google and intermittently, but has happened while on other websites too, so possibly a re-direct virus? I have NOD32 running and each time it attepmts to redirect,web address appears along the grey bar to teh bottom, NOD32 states connection terminated and quarantines the threat, so I am not actually going to the websites, as it is quaratining what it finds. It has detected the following threats on numerous occassions all linked to different websites js/exploit.pdfka.oql.trojan and also java/trojandownloader.openstream.ndftrojan

I have also taken a few screen dumps of the messages, these I have saved if there is any way of uploading?

Thre is also a message pops up asking:

"Do you want to allow this website to open a program on your computer"
From: FA12.co.cc
Program: Microsoft Help and Support Center
Address: hcp://services/search?query=anything&topic=hcp://system/sysinfo/sysinfomain.htm%A%%A%%A .... (and lots of other symbols & letters)


I have read that Java can get infected causing this to happen and I had the latest version of Jave installed, but only after this all happened did I notice a previous version also still there. I downloaded the latest Java version jre-6u24-windows-i586 to my desktop, removed all Java from my computer by un-installing and re-installed the new, thinking it had worked, but still getting the pop ups by NOD32 with the threats detected. These dont happen every minute or few minutes, they just pop up if I am browsing and at any time. When it does happen the little Java cup icon appears in the startup tray. Any ideas on this or help you can offer?

I have also ran MBAM and Spybot Search & Destroy in both normal and safe mode. MBAM found nothing and Spybot had a couple of tracking cookies found. I have also ran tdsskiller (nothing found) and superantispyware SAS (some tracking cookies found as well) - all of these after the lstest updates installed.

Why is this still happening and why is nothing being detected, apart from NOD32 picking the redirects up? Would a re-install of IE8 possibly help?

Any help and assistance would be gretaly appreciated. Also should I be very worried about this?

I can still use the computer and am on it typing this, but any any time, my browser could redirected.

I am also using IE8 with Spoofstick installed and Windows XP Home edition.

Any help would be greatly appreciated.

Thanks,
ZenZen

Edited by ZenZen, 27 February 2011 - 04:01 PM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users