poiskin.ru and javascript maliciously take over my google links

Discussion in 'Malware Help (A Specialist Will Reply)' started by mikarno, Apr 18, 2009.

  1. mikarno

    mikarno Private E-2

    Hi Major Geeks,

    Whenever I hit on a link in Google I get redirected to ad sites. When I hover over the link I get the real link name, but if I click over it I'm redirected to a site at poiskin.ru that then redirects to an ad site. It happens 60% of the time. I thought after I went through your removal instructions yesterday it was solved, but then it was here today (I did turn off the system restore, too). It's just hard to tell if its gone because I might surf a few minutes with no problems and then bingo.

    Miah
     

    Attached Files:

    mikarno, Apr 18, 2009
    #1
  2. mikarno

    mikarno Private E-2

    I also just ran GoooredLog.txt

    I will attach that log here.
     

    Attached Files:

    mikarno, Apr 18, 2009
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Please delete the below file.

    C:\Program Files\Mozilla Firefox\extensions\{2EBDAE82-3616-4B6B-921A-4C824AE29648}\chrome\content\overlay.xul


    How are things working now?
     
    chaslang, Apr 21, 2009
    #3
  4. mikarno

    mikarno Private E-2

    Re: poiskin.ru post...merged into general daily malware attack that

    Since this post in April my computer has been infected with Malware. Everytime I boot up, I get new Malware. I have Malware Bytes, Spybot Search and Destroy, SUperAnti Spyware, and I run them all, and they all find Trojans, and delete them.

    At one point I was kicked off line. I had to reset winsock.

    The ad thing no longer happens. Just new trojans. I did follow the step of disabling the Restore Point. I have run all the programs in both normal mode and safe mode. ComboFix never worked on my computer.

    I deleted Firefox entirely and all related files as chaslang suggested.

    I am hoping somebody would agree to look at a hijack this file, or take on this case? I am at wits end at this point. Half of me just wants to reload Windows, but the other half is so mad I want to know what's causing all this.

    It looks like all my log files from before are gone. I will reload them in a few minutes, but will tell you they change daily as I delete files daily.
     
    mikarno, May 6, 2009
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You should have continued on with this thread through to completion last time!!!!! It is a very bad idea not to finish threads. Did you ever do what I asked in message # 3?

    We cannot help you by looking at a HijackThis log. It is very inadequte. You need to start the READ & RUN ME process over again. And attach new logs. It has been too long to go based on previous logs. Even in a weeks time, significat changes can occur and it has been 3 weeks since your last post. Try running ComboFix in safe boot mode and also be sure to shut down BitDefender. Make sure that you use current versions of the tools to avoid any delays. Your SUPERAntiSpyware program was way out of date even the last time. You MUST UNINSTALL it. Then download and use the current version given in our instructions.
     
    Last edited: May 10, 2009
    chaslang, May 10, 2009
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds