SpywareInfo Forum: Google redirect with Firefox - SpywareInfo Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Google redirect with Firefox

#1 User is offline   leroj Icon

  • Member
  • Pip
  • Group: New Member
  • Posts: 1
  • Joined: 11-July 09

Posted 11 July 2009 - 10:11 PM

I'm having an issue with Firefox redirecting my google search results to malicious sites. I use the latest patches of WinXPSP3. It appears to have started when a rogue PDF crashed- I tried to control-alt-delete it but the damage was done.

Spybot and Ad-aware don't find anything.

BitDefender's online scan found:

C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll

Infected with: Trojan.Patched.EM

C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll

Disinfection failed

C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll

Deleted

C:\WINDOWS\SYSTEM32\DLLCACHE\ws2_32.dll

Infected with: Trojan.Patched.EM

C:\WINDOWS\SYSTEM32\DLLCACHE\ws2_32.dll

Disinfection failed

C:\WINDOWS\SYSTEM32\DLLCACHE\ws2_32.dll

Deleted

C:\WINDOWS\SYSTEM32\ws2_32.dll

Infected with: Trojan.Patched.EM

C:\WINDOWS\SYSTEM32\ws2_32.dll

Disinfection failed

C:\WINDOWS\SYSTEM32\ws2_32.dll

Delete failed

I'm a bit concerned that it's deleting this file which I presumably need rather than replacing it with a clean copy. My problem appears very similar to this one: http://www.spywarein...?...24353&st=30
Can anyone advise me on the steps to take to remove this from my computer and get a good copy of ws2_32.dll?

Hi,

Help us help you.

Please read this article and follow the protocol.
http://spywareinfofo...showtopic=23382
Then submit a fresh HijackThis log. One of our helpers will take care of you. It's the only way we can give you sound advice.

This post has been edited by nasdaq: 12 July 2009 - 08:38 AM
Reason for edit:: HijackThis log requested.

#2 User is offline   miekiemoes Icon

  • Malware Expert
  • PipPipPipPipPip
  • Group: Global Moderator
  • Posts: 19,757
  • Joined: 08-October 04

Posted 13 July 2009 - 09:56 AM

Hi,

* Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingc...to-use-combofix

Post the log from ComboFix in your next reply.

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.
My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#3 User is offline   TheJoker Icon

  • Forum Deity
  • PipPipPipPipPip
  • Group: Global Moderator
  • Posts: 11,019
  • Joined: 21-February 05

Posted 06 November 2009 - 06:21 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Free Tools for Fighting Malware
Anti-Virus: Avira AntiVir PersonalEdition Classic / AVG Anti-Virus Free / Free avast! 4 Home Edition
OnLine Anti-Virus: BitDefender / ESET / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: Spybot S & D / MVPS HOSTS File / SpywareBlaster / HijackThis
Firewall: Sunbelt Personal Firewall / ZoneAlarm firewall / Agnitum Outpost Free
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009 and ASAP Member since 2005
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users


Support the forum!