2011-07-04, 07:53 | Link #1 |
Princess or Plunderer?
Join Date: May 2009
Location: the Philippines
|
Suspicious Pop-ups in Browser
Hi, I think I might have stumbled upon something suspicious here.
My Mozilla Firefox v5.0 at times would have exactly 16 tabs open in a new window with the "Server not found" message after trying to access weird websites that starts with www. xn--*********.com or www. **unusual gibberish**.com or www. h.com. It would also open the folder containing My Documents. Since I have no idea on what to do and I don't want to create a forum account just to ask about this, I've decided to ask here, hoping that someone else has encountered a similar problem. Right now, I have downloaded HijackThis and MBAM, and is in the middle of a system scan using Avira AntiVir. And I have encountered the problem twice as of typing this post.
__________________
|
2011-07-04, 10:34 | Link #2 |
Yuri µ'serator
Join Date: Nov 2009
Location: FL, USA
Age: 36
|
You definitely have some kind of virus or trojan on your computer for this to be happen.
You'll probably either need to run a virus scan in windows safe mode, or an on-boot virus scan especially if it's a trojan. Additionally if you have system restore enabled, you should probably disable temporally when running the scan. To get any further help or advice, you have to find out what you're dealing with exactly.
__________________
|
2011-07-04, 20:33 | Link #4 |
blinded by blood
Author
|
Boot into safe mode with networking.
Go to housecall.trendmicro.com and run a scan. Run HijackThis. Run MBAM. Should clear everything up. Oh, and stop using Windows XP. With W7, UAC prevents most of this shit from happening. XP is insecure as hell especially since it grants your default user account administrator access and there isn't even a prompt or password request for making changes to system files.
__________________
|
2011-07-04, 20:37 | Link #5 |
Princess or Plunderer?
Join Date: May 2009
Location: the Philippines
|
I can't. Buying a license would set me back several thousand bucks here.
Windows 7 Starter: Php 1,900 - Php 2,100 Windows 7 Home Basic: Php 4,500 - 4,700 Windows 7 Home Premium: Php 5,700 - Php 5,900 Windows 7 Professional: Php 7,800 - Php 8,000 Windows 7 Ultimate: Php 10,500 - Php 11,000 EDIT: Performed a scan using HouseCall, HijackThis and MBAM on Safe Mode with Networking, and all came up with nothing.
__________________
Last edited by Marcus H.; 2011-07-04 at 21:26. |
2011-07-04, 23:04 | Link #8 |
AS Oji-kun
Join Date: Nov 2006
Age: 74
|
Sounds possibly like a Javascript issue to me. Create a new user in Windows and see if you get the same results. Try a different browser. Same results?
To follow up on syn's recommendation, burn this to a CD, put it in your drive and reboot. Choose the Try option. Your Windows installation will be left untouched.
__________________
|
2011-07-04, 23:53 | Link #9 | |
Senior Member
Author
Join Date: Oct 2007
Location: Philippines
Age: 47
|
As a user of XP, Ubuntu and now Win7, let's get back to topic, shall we?
Quote:
Otherwise if you need further help I suggest you can check out TipidPC (we speak our language, btw).
__________________
|
|
2011-07-05, 01:38 | Link #11 |
Senior Member
Join Date: Dec 2004
Location: Portugal
Age: 44
|
Strange that you can't find anything. Have tried uninstalling FF and then manual remove whatever profiles/folders are left (local and roaming, you gotta search? Maybe something hidden in there.
__________________
|
2011-07-05, 04:03 | Link #12 |
(。☉౪ ⊙。)
Author
Join Date: Jul 2004
Location: In Maya world, where all is 3D and everything crashes
Age: 36
|
First thing I would do when scanning is nick out the network cable, some viruses that cause problems online cannot be removed if you stay online while scanning.
Go into safe mode, scan with malwarebytes, which you probably did. Clear out temp files etc. with CCleaner.. there was another which I lost the link of that was also good Also scan with combofix: http://www.bleepingcomputer.com/comb...o-use-combofix |
2011-07-05, 04:53 | Link #13 | ||
Princess or Plunderer?
Join Date: May 2009
Location: the Philippines
|
I discover that there's so much margin of error for Combofix that I might make things worse by making mistakes.
Quote:
Quote:
EDIT: HijackThis hangs on Safe Mode (not on Safe Mode with Networking).
__________________
Last edited by Marcus H.; 2011-07-05 at 06:09. |
||
|
|