Firefox getting hijacked

Discussion in 'Malware Help (A Specialist Will Reply)' started by Beppe, Mar 3, 2008.

  1. Beppe

    Beppe Private E-2

    Hi,

    I'm running Windows XP with McAfee and use Firefox 99% of the time.

    The last couple of days my Firefox has been acting weird. On some sites I get redirected to a "The page cannot be found 404 error". The site I get redirected to is urlseek.vmn.net. When I go to the same original site from work there are no problems and I don't get redirected. I have Firefox there too.

    It's obviously something on my home computer. When I go to the same pages using IE I also don't get redirected to the 404 page. I searched the net for help and found this site and thought I should ask for advice since I'm not very computer-savvy. I have done the READ & RUN ME FIRST - Malware Removal Guide. The problems persist.

    When I ran SuperAntiSpyware I got a McAfee pop up with the following message. /translated from Swedish/ "McAfee has automatically prevented a possibly unwanted program running on your computer:

    Name: Generic PUP.c
    Process:C:\Program\Superantispyware\Superantispyware
    Name of process: SuperAntiSpyware

    PATH :C:\Systemvolumeinformation\
    -restore{A2AF58B2-83EB-46DB-8FC8-
    B6CEAAE16AC0}\RP491\A0126453.DLL

    Since SAS was running I figured it was OK and allowed McAfee to run the program.

    Right after that I got another popup from McAfee with the exact same path but with the extension .EXE instead of .DLL at the end. This time I got a little bit worried and asked McAfee to remove it. I obviously made a mistake on at least one of them.

    I have no idea if those popups from McAfee have anything to do with my hijacked Firefox but thought I should mention them anyway.

    Hope someone can find some irregularities in the log files.
     


  2. SUPERAntiSpy

    SUPERAntiSpy Private E-2

    McAfee has a false positive and lists SUPERAntiSpyware as a "PUP" - we are working with them to get this removed.
     
  3. Beppe

    Beppe Private E-2

    Thanks for your reply. I guess I wrongly blocked the .exe extension above then. How do I undo that in McAfee? At least the PUP hasn't anything to do with the Hijack then.

    Hope someone can find the cause in the log files.
     
  4. Beppe

    Beppe Private E-2

    I know one shouldn't bump one's own threads but I got approval from Lev since my original problems still remain and I hadn't got any help for the last 3 days.

    So, my Firefox still gets redirected to the site urlseek.vmn.net. I googled urlseek.vmn and got some hits. It seems like some malware or hijacker. There were some suggestions on how to remove it. I don't know how to remove it though. I need help.

    Could one of you Malware Fighters please help me to remove this from my computer and also have a look in my log files for eventual other problems.

    Thanks a lot.
     
  5. Lev

    Lev MajorGeek

    WRONG!

    You did not get approval to BUMP your thread from me. My exact words were:

    In fact, if you read my next post in the Welcome Center thread I clearly tell you NOT to bump and link you to the thread that tells you why.

    To clarify again, bumping is not acceptable. Adding to your post when you are having additional issues is acceptable. You have only succeeded now in putting yourself to the end of the list again.
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    We apologize for the delay ...there are only three of us that work this forum and it appeared as though you were being helped due to the number of replies.

    Give me a chance to review your logs and do note that the items being flagged are in your system restore files.....which will be removed when we do the final cleanup and toggle system restore.
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I'm not seeing any malware ....I copied and pasted the urlseek into my firefox and got the same 404 error....so there is something wrong with the address ....again, you are being alerted to the system restore files and if you are not having any other issues ...
     
  8. Beppe

    Beppe Private E-2

    Thanks for assisting me TimW. Good to hear you didn't find any serious problems in my log files.

    BUT

    I'll give you a real-life example of what my browser problem (which is still alive and kicking) is.

    From Work Computer:
    1. I go to the site cardrunners.com using Firefox
    2. I read and surf that site without any problems

    From Home Computer
    1. I go to the site cardrunners.com using Firefox
    2. I can see the site for like 2 seconds then BAAAM... I get a forced redirect to the 404 error page (the urlseek.vmn page).

    Clearly the cardrunners site doesn't have broken links of any sort since I surf that site perfectly fine from work. When I do it from home I get the annoying hijacks. It happens on more sites than the one above. I just wanted to show you one example. I cannot surf sites from home that I can surf perfectly fine from work. This suggests that there's something wrong with my home comp.

    Now, I have googled "urlseek.vmn" and see that there are more people than just me with this problem. Could you please do it as well. There are people there that have explained their problems better than me. Here are 2 of the links where people discuss the urlseek.vmn problem:

    http://usersupport.multiply.com/notes/item/2134
    http://firefox.group.stumbleupon.com/forum/83459/

    PS. When using IE I don't get the forced redirects. Only with Firefox.
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Then I would totally uninstall Firefox ...profiles and all!! Then run ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.

    * Double-click ATF-Cleaner.exe to run the program.
    * Under Main choose: Select All
    * Click the Empty Selected button.

    If you use Firefox browser

    * Click Firefox at the top and choose: Select All
    * Click the Empty Selected button.
        o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser

    * Click Opera at the top and choose: Select All
    * Click the Empty Selected button.
        o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main ATF Cleaner menu to close the program.

    Try a different browser such as Opera ...see if the problem persists ...then after making sure you have no leftover FF files ...reinstall and see if it re-occurs.
     
  10. Beppe

    Beppe Private E-2

    Thanks a LOT. Your last reply and the instructions managed to get rid of the forced redirects. Yes.

    I'll now go ahead and do the other steps below to create a new clean restore point and close this case.

    Thanks again TimW !!!
     
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    My fingers are crossed ...and you're welcome. :)
     
