Firefox opening ads randomly

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by raz1337, Jul 15, 2012.

  1. raz1337

    raz1337 Private E-2

    A few days ago I began having issues with Firefox running slowly, opening random tabs to websites with ads and redirecting links I clicked to spam search engines.

    So, I've ran both sets of steps, the general and Windows 7.

    I'm on Windows 7 Home Premium. Here are my logs.
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please download ComboFix to your desktop and run it. Do not do anything while it runs. Attach the log when it is finished.
     
  3. raz1337

    raz1337 Private E-2

    Is the ComboFix.log meant to be in the root directory of the C: drive? I'm not seeing any logs there or on the desktop. I see a folder called "32788R22FWJFW" that just brings me to the list of all drives and a folder called Qoobox that was just created.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The log should be at C:\Combofix.txt.
     
  5. raz1337

    raz1337 Private E-2

    There is no log there. The program runs, and the progress bar reaches the end, then the program closes and disappears with no logs.
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).Make sure that you watch for the license agreement for TrendMicro HijackThis and click on the Accept button TWICE to accept ( yes twice ).

    Then attach the below logs:
    * C:\MGlogs.zip
     
  7. raz1337

    raz1337 Private E-2

    I'm trying to do that. I was browsing the internet, and had a several tabs open, then went to go to this forum post, and while I was going through the links, another tab opened that I wasn't paying attention to and installed something resembling Security Shield. Now whenever I try go going to the desktop or opening anything, this "Security Shield" says the file I try to use is infected with a random virus or malware.

    I'm not trusting those popups, but that made it difficult. I had to hard reboot the laptop. It wouldn't let me do almost anything. I rebooted into Safe Mode and ran MBAM once more, it found a Trojan Dropped and removed it. I've rebooted now and it's letting me finally run the MGTools again. Here are the logs for that.

    I'm just really wanted to avoid a reformat.
     

    Attached Files:

    Last edited: Jul 17, 2012
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please do the below so that we can boot to System Recovery Options to run a scan. There will be two options to choose from. One if you do not have your Windows 7 boot DVD and another when you have your DVD.

    For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Option1: Enter System Recovery Options from the Advanced Boot Options:

    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    Option2: Enter System Recovery Options by using Windows installation disc:

    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please attach this file to your next reply. (See: How to attach)
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds