Firefox redirected against my will to adware

Discussion in 'Malware Help (A Specialist Will Reply)' started by HardCorps, Dec 14, 2009.

  1. HardCorps

    HardCorps Private E-2

    Twice in the last week, I have been surfing using Firefox 3.5.5, when out of the blue all but one of the open tabs close, a pop-up warns that my computer is infected and I must download/scan using such-and-such program (most recently, iGuard AntiSpyware or something like that) and the open tab redirects to a page that's meant to look like a scan of my hard drive is underway, finding trojans and other bad stuff on my drives. The pop-ups and scan tabs are hard to make go away -- they don't typically just close when I click on the top-right Xs, they usually result in more pop-ups/redirects.

    I have gone through the READ & RUN ME FIRST Malware Removal Guide and Windows XP Cleaning Procedures. I do not know if I still have problems, as I can only tell when the undesired redirects occur...But my SAS, Malwarebytes Anti-Malware, and RootRepeal scans didn't seem to turn up anything and I don't know what the MGTools found...ComboFix is currently unavailable...I took a look at the similar threads and didn't quite find my problem...I have attached the requested logs.

    I also want to note that Chaslang's post in the Read & Run Me First/Malware Removal Guide or Windows XP Cleaning Procedures, or one of the pages linked therein, states not to use msconfig to control startups (and that CCleaner's StartUp Tool simply uses msconfig, so not to use it), but that Major Attitude's "Basic computer maintenance..." page does suggest using CCleaner's StartUp Tool... Which should I go by?

    Thank you for your time and attention!
     

    Attached Files:

    HardCorps, Dec 14, 2009
    #1
  2. HardCorps

    HardCorps Private E-2

    AntiVir was the first such pop-up/redirect. iGuard was second.
     
    HardCorps, Dec 14, 2009
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Actually it is referring to only using CCleaner to permanently delete them
    However to be very clear, only go by what the READ & RUN ME FIRST is telling you on how to deal with startups.


    Let's try the beta version of ComboFix which is named KittyFix.exe

    Download ComboFix from http://download.bleepingcomputer.com/sUBs/Beta/KittyFix.exe and save it to your Desktop.

    Note: This is a beta version of combofix and might be unstable but tests done so far have proved it works well

    Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer.
    • Now Exit/Close/Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Close any open browsers and any other programs you might have running.
    • Double click on kittyfix.exe & follow the prompts.
      • If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this
    • When finished, it will produce a report for you. Please attach the "C:\ComboFix.txt" to your next message.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze.
     
    chaslang, Dec 17, 2009
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds