Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Help! IE and Firefox opens up tabs on their own.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Re: Help! IE and Firefox opens up tabs on their own.

Unread postby climbCO » December 20th, 2009, 10:41 pm

Here are the results of the Jotti's scan:

[ArcaVir]
2009-12-19 Found nothing
[G DATA]
2009-12-20 Found nothing
[A-Squared]
2009-12-20 Found nothing
[Ikarus]
2009-12-20 Found nothing
[Avast! antivirus]
2009-12-20 Found nothing
[Kaspersky Anti-Virus]
2009-12-20 Found nothing
[Grisoft AVG Anti-Virus]
2009-12-20 Found nothing
[ESET NOD32]
2009-12-19 Found nothing
[Avira AntiVir]
2009-12-18 Found nothing
[Norman Virus Control]
2009-12-20 Found nothing
[Softwin BitDefender]
2009-12-20 Found nothing
[Panda Antivirus]
2009-12-18 Found nothing
[ClamAV]
2009-12-20 Found nothing
[Quick Heal]
2009-12-18 Found nothing
[CPsecure]
2009-12-20 Found nothing
[Sophos]
2009-12-20 Found nothing
[Dr.Web]
2009-12-20 Found nothing
[VirusBlokAda VBA32]
2009-12-19 Found nothing
[Frisk F-Prot Antivirus]
2009-12-19 Found nothing
[VirusBuster]
2009-12-19 Found nothing
[F-Secure Anti-Virus]
2009-12-20 Found nothing




Here are the results from the Virustotal scan - the one object found is in bold:

File atapi.sys received on 2009.12.20 21:32:20 (UTC)
Current status: finished
Result: 1/41 (2.44%)
Compact Compact
Print results Print results
Antivirus Version Last Update Result
a-squared 4.5.0.43 2009.12.20 -
AhnLab-V3 5.0.0.2 2009.12.19 -
AntiVir 7.9.1.114 2009.12.20 -
Antiy-AVL 2.0.3.7 2009.12.18 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.20 -
AVG 8.5.0.427 2009.12.20 -
BitDefender 7.2 2009.12.20 -
CAT-QuickHeal 10.00 2009.12.19 -
ClamAV 0.94.1 2009.12.20 -
Comodo 3311 2009.12.20 -
DrWeb 5.0.0.12182 2009.12.20 -
eSafe 7.0.17.0 2009.12.20 Win32.Rootkit
eTrust-Vet 35.1.7185 2009.12.19 -
F-Prot 4.5.1.85 2009.12.20 -
F-Secure 9.0.15370.0 2009.12.20 -
Fortinet 4.0.14.0 2009.12.20 -
GData 19 2009.12.20 -
Ikarus T3.1.1.79.0 2009.12.20 -
Jiangmin 13.0.900 2009.12.20 -
K7AntiVirus 7.10.923 2009.12.17 -
Kaspersky 7.0.0.125 2009.12.20 -
McAfee 5838 2009.12.20 -
McAfee+Artemis 5838 2009.12.20 -
McAfee-GW-Edition 6.8.5 2009.12.20 -
Microsoft 1.5302 2009.12.20 -
NOD32 4704 2009.12.20 -
Norman 6.04.03 2009.12.20 -
nProtect 2009.1.8.0 2009.12.18 -
Panda 10.0.2.2 2009.12.15 -
PCTools 7.0.3.5 2009.12.20 -
Prevx 3.0 2009.12.20 -
Rising 22.26.06.04 2009.12.20 -
Sophos 4.49.0 2009.12.20 -
Sunbelt 3.2.1858.2 2009.12.20 -
Symantec 1.4.4.12 2009.12.20 -
TheHacker 6.5.0.3.100 2009.12.20 -
TrendMicro 9.100.0.1001 2009.12.20 -
VBA32 3.12.12.0 2009.12.19 -
ViRobot 2009.12.18.2097 2009.12.18 -
VirusBuster 5.0.21.0 2009.12.20 -
Additional information
File size: 96512 bytes
MD5 : 9f3a2f5aa6875c72bf062c712cfa2674
SHA1 : a719156e8ad67456556a02c34e762944234e7a44
SHA256: b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x159F7
timedatestamp.....: 0x4802539D (Sun Apr 13 20:40:29 2008)
machinetype.......: 0x14C (Intel I386)

( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x380 0x97BA 0x9800 6.45 0d7d81391f33c6450a81be1e3ac8c7b7
NONPAGE 0x9B80 0x18E8 0x1900 6.48 c74a833abd81cc5d037de168e055ad29
.rdata 0xB480 0xA64 0xA80 4.31 8523651899e28819a14bf9415af25708
.data 0xBF00 0xD94 0xE00 0.45 3575b51634ae7a56f55f1ee0a6213834
PAGESCAN 0xCD00 0x157F 0x1580 6.20 dc4c309c4db9576daa752fdd125fccf9
PAGE 0xE280 0x61DA 0x6200 6.46 40b83d4d552384e58a03517a98eb4863
INIT 0x14480 0x22BE 0x2300 6.47 906462abc478368424ea462d5868d2e3
.rsrc 0x16780 0x3E0 0x400 3.36 8fd2d82e745b289c28bc056d3a0d62ab
.reloc 0x16B80 0xD20 0xD80 6.39 ce2b0898cc0e40b618e5df9099f6be45

( 0 imports )


( 0 exports )
TrID : File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ThreatExpert: http://www.threatexpert.com/report.aspx ... 712cfa2674
ssdeep: 1536:MwXpkfV74F1D7yNEZIHRRJMohmus27G1j/XBoDQi7oaRMJfYHFktprll1KbDD0uu:MQ+N74vkEZIxMohjsimBoDTRMBwFktZu
PEiD : -
packers (Kaspersky): PE_Patch
RDS : NSRL Reference Data Set
-

This site and others that are similar keep coming up as well:

http://deactivated.
Thanks!
climbCO
Active Member
 
Posts: 10
Joined: December 6th, 2009, 8:49 pm
Top
Advertisement
Register to Remove

Re: Help! IE and Firefox opens up tabs on their own.

Unread postby Cypher » December 21st, 2009, 4:22 pm

Hi climbCO.
Please do not post anymore links.
If they were malicious someone may get infected by clicking on them.


Back Up registry with ERUNT

  • Please use the following link and scroll down to ERUNT and download it on to your desktop. HERE
  • Click on the erunt-setup.exe
  • Follow the prompts to install ERUNT
  • Choose language
  • A set up window will pop up. It will ask: Create ERUNT entry in to the Start up folder, answer NO

    Image
  • Backup your registry to the default location

Note: To restore your registry (if needed), go to the folder and start ERDNT.exe

Next

Download and Run ComboFix

  • Please download ComboFix from the following link.

    Link


    **IMPORTANT !!! Save ComboFix.exe to your Desktop**
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console
Image
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Image

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply
A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


In your next reply.

  • ComboFix log.
  • Please let me know how your computer is performing now.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Top

Re: Help! IE and Firefox opens up tabs on their own.

Unread postby Dakeyras » December 24th, 2009, 9:02 pm

Due to lack of activity, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Top
Previous
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 529 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index