I think my laptop has some malware

  • I think my laptop has some malware

    DO NOT CLICK THIS LINK!!!!!!!!!!


    My laptop opens the link every time I turn it on. This just started yesterday and for no known reason. It started when I went to a towing forum that I've been to 1000 times before without any issue.

    I only use it for work and never anything else. When the website comes up, the computer starts running slow and my browser freezes up. I installed Ad-Aware and ran it yesterday. It quarantined 4 objects, but didn't fix my problem. I tried to do a system restore, but apparently there are not any stored so I couldn't do anything there either.

    Any recommendations?
    Owner of Titan Towing
    817.478.7201

    We have your towing needs covered!
    http://www.titantowing.net

  • #2
    1. Download Spybot Search&Destroy. Let it update new definitions. Run it.

    2a. Download FF 9.0.1. Tools > Options > Advanced > Check 'Warn me when websites try to redirect or reload the page' > Ok

    2b. Verify that your home page is currently set to something other than that link in your browser under the General tab.

    3. Open a command prompt and flush the DNS cache: ipconfig /flushdns

    You should be good to go.
    Last edited by LS1Goat; 01-12-2012, 07:32 PM.



    • #3
      Lemme get done w/ another member's puter and I'll help ya if you still need it. In the meantime, google TDSSKiller, dl, install and run it. Post the log when it's done.



      • #4
        Originally posted by Tx Redneck
        Lemme get done w/ another member's puter and I'll help ya if you still need it. In the meantime, google TDSSKiller, dl, install and run it. Post the log when it's done.
        Where's the log? It didn't detect anything, but did scan 257 objects...


        • #5
          Ok, that's good. DL, install and run a quick scan with Malwarebytes



          • #6
            Originally posted by Kyle
            Where's the log? It didn't detect anything, but did scan 257 objects...
            Kyle.

            I just clicked on that link with FF 9.0.1. It didn't do anything to FF 9, except show me a warning prompt of an attempt to redirect. I then left the page. Closed > Reopened. Nothing. Even mirrored the registry before and no changes were made after the attempt. It's a WildTangent or Tango type malware that FF is apparently immune to. That's why I suggested you download the latest version of FF.

            However, when I tried it with Explorer 9.0.8112, it spawned a half dozen pop-ups and picked up some garbage. I ran Spybot with latest definitions and it picked up 27 items, including some tracking cookies. It asked me if I wanted to delete. I said yes. One piece was sitting in shared memory space, so I had to reboot in order for it to finish deleting the suspect files. It did. I flushed DNS resolver cache and it's gone.

            Easy fix, bro. However, I'm sure Bryan will get you fixed up.

            Oh, and you should have several restore points, unless you've disabled the service. There are many shells that create restore points and Windows always creates a restore point any time you do a selective manual or automatic update. You should verify that your computer is creating restore points under Security and System > System Properties. And verify that you are restoring both system settings and previous files.



            • #7
              Originally posted by Tx Redneck
              Ok, that's good. DL, install and run a quick scan with Malwarebytes
              Malwarebytes found one thing and removed it. However as soon as I connected to the internet and opened FF, that damn website popped up. The computer seems to be running a little better, but still slower than when all this started.


              • #8
                If you'd like, I can take a look at it this evening.

                Lemme know,
                Bryan

                Sent from my iPhail eleventybillion



                • #9
                  Originally posted by Tx Redneck
                  If you'd like, I can take a look at it this evening.

                  Lemme know,
                  Bryan
                  I noticed a few minutes ago when I disconnect from the internet then it seems to run almost back at normal speed. As soon as it's connected, everything slows way down. It even blue screened a little bit ago. I don't have anything overly important on it, so maybe I should just wipe the HD and reload Windows?


                  • #10
                    Fixed a co-worker's computer with the TDSSKiller that txredneck had previously recommended yesterday.



                    • #11
                      Do you have CCleaner on there?

                      If there's nothing you're concerned about losing, dl and run ComboFix. Post the log after it's done.

                      We'll determine if a format is necessary afterwards.



                      • #12
                        Also, post the malwarebytes log por favor



                        • #13
                          Originally posted by Tx Redneck
                          Also, post the malwarebytes log por favor
                          Malwarebytes Anti-Malware (Trial) 1.60.0.1800


                          Database version: v2012.01.13.02

                          Windows 7 x86 NTFS
                          Internet Explorer 8.0.7600.16385
                          Administrator :: WIN-008JFMFP2P1 [administrator]

                          Protection: Enabled

                          1/13/2012 2:30:00 AM
                          mbam-log-2012-01-13 (02-30-00).txt

                          Scan type: Full scan
                          Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
                          Scan options disabled: P2P
                          Objects scanned: 190511
                          Time elapsed: 1 hour(s), 33 minute(s), 45 second(s)

                          Memory Processes Detected: 0
                          (No malicious items detected)

                          Memory Modules Detected: 0
                          (No malicious items detected)

                          Registry Keys Detected: 0
                          (No malicious items detected)

                          Registry Values Detected: 0
                          (No malicious items detected)

                          Registry Data Items Detected: 1
                          HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

                          Folders Detected: 0
                          (No malicious items detected)

                          Files Detected: 0
                          (No malicious items detected)

                          (end)
                          Last edited by Kyle; 01-13-2012, 05:59 PM.


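A way to read the Malwarebytes log posted in #13, as an added example that is not part of the original thread: a Python parser for the layout that log uses (a `<section> Detected: <n>` header followed by item lines), listing which sections hold detections and flagging a paste whose declared counts do not match the items present. The function names are this example's own, and the layout is assumed from that one log.

```python
import re

# Sample embedded inline: detection sections copied from the log posted in the thread.
SAMPLE_LOG = r"""Scan type: Full scan

Memory Processes Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Files Detected: 0
(No malicious items detected)

(end)
"""

SECTION = re.compile(r"^(?P<name>.+?) Detected: (?P<count>\d+)$")
ITEM = re.compile(r"^(?P<object>.+?) \((?P<threat>[^()]+)\) -> (?P<rest>.+)$")
SKIP = {"(No malicious items detected)", "(end)"}

def parse_mbam_log(text):
    """Return {section: {"declared": int, "items": [dict, ...]}}."""
    sections, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line or line in SKIP:
            continue
        m = SECTION.match(line)
        if m:
            current = sections.setdefault(m["name"], {"declared": int(m["count"]), "items": []})
            continue
        m = ITEM.match(line)
        if m and current is not None:  # header lines before the first section are ignored
            *detail, action = m["rest"].split(" -> ")
            current["items"].append({"object": m["object"], "threat": m["threat"],
                                     "family": m["threat"].split(".")[0],
                                     "detail": " -> ".join(detail), "action": action.rstrip(".")})
    return sections

def triage(sections):
    """Return (sections with detections, sections whose declared count != items parsed)."""
    hits = {n: s["items"] for n, s in sections.items() if s["items"]}
    mismatched = [n for n, s in sections.items() if s["declared"] != len(s["items"])]
    return hits, mismatched

if __name__ == "__main__":
    hits, mismatched = triage(parse_mbam_log(SAMPLE_LOG))
    for name, items in hits.items():
        print(name, [(i["threat"], i["action"]) for i in items])
    print("count mismatches:", mismatched or "none")
```

On the sample, the only section with a detection is Registry Data Items, and the `PUM` prefix is Malwarebytes' "potentially unwanted modification" category, a changed setting rather than a detected file or process.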
                          • #14
                            Open Malwarebytes then click the tab "Logs". Open the one w/ the detection and copy/paste it.



                            • #15
                              Is that the right one posted above?