Strange popup from Google Websearch page Malware or not?

Discussion in 'malware problems & news' started by Cutting_Edgetech, Aug 6, 2011.

Thread Status:
Not open for further replies.
  1. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    I keep getting this strange popup when conducting a search from the google web search homepage. It pops up after conducting a search on anything. It's like the google search page is being hijacked. I'm being redirected to this link after querying a search on cars. -http://www.google.com/#sclient=psy&hl=en&site=&source=hp&q=cars&pbx=1&oq=cars&aq=f&aqi=&aql=&gs_sm=e&gs_upl=3875l4306l0l5234l4l4l0l0l0l0l0l0ll0l0&bav=on.2,or.r_gc.r_pw.&fp=661c0b1152c259b4&biw=1024&bih=605- Does anyone know what this is? It looks like some sort of a threat. Its asking me if I want to save a file from an application/octet-stream. I searched the web, and it basically says this is what happens when Firefox encounters MIME attachments since it does not know what to do with it. This is a beta test machine so security is not as tight on this machine as my other machines. I'm testing Webroot Cloud AV on it now. Does anyone know if this is malware or a threat? I'm conducting the search from -http://www.google.com/-

    Edited 08/06/11 @ 1:40.
    BTW.. I just installed Xmarks to synchronize my bookmarks so I was thinking maybe it could be causing it.
     

    Attached Files:

    Last edited: Aug 6, 2011
  2. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    I just uninstalled Xmarks, and i'm still having the same popup. So I guess maybe it wasn't Xmarks.
     
  3. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,309
    Location:
    England
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ Cutting_Edgetech

    Looks dodgy here :eek:

    Also this

    sorry.gif

    I couldn't reach the www ? I have seen similar prompts before though & all were from nasty www's !
     
    Last edited: Aug 6, 2011
  5. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    621
    Location:
    Sydney Australia
    Just a comment regarding the anubis report. If you get an analysis of say google.com or yahoo.com , you'll get pretty much the same report. ;)
    Code:
    Summary:
    - Changes security settings of Internet Explorer:
    This system alteration could seriously affect safety surfing the World
    Wide Web.
    
    - Performs File Modification and Destruction:
    The executable modifies and destructs files which are not temporary.
    
    - Performs Registry Activities:
    The executable creates and/or modifies registry entries.
    
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Something is seriously wrong here. I don't even have to hit enter to get this annoying popup. All I have to do is type in any search term, and wait a few seconds. It pops up even before executing the search. WTH..! I have not even left -http://www.google.com/- I have had nothing but problems out of Firefox since version 4 & 5 came out. I think I need to roll back to version 3. My yahoo e-mail account will not work with Firefox either. I have to use opera in order to send messages. It's ridiculous! I'm going to run FF in safemode, and see if i get the same popup.
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Running FF in Safemode with all Add-ons disabled did not resolve this issue. I will try turning off some of my security software next.
     
  8. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Shutting down my security Apps has also not resolved this issue. Also, my yahoo e-mail account has constant errors that will not allow me to open my mail when using FF. I can use any other browser to open my mail without a problem. What have they done to my favorite browswer! I guess it's time to switch browsers :mad:
     
  9. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    This Firefox support thread mentions problems with application/octet-stream (starting in the 5th post down). Maybe there is something in there for you. It's from Google Groups.
     
  10. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    What about others who see no problems using Firefox?

    That's why it may be one or more factors on your system causing the problem and not some basic defect in the browser, per se.

    That other browsers on your system work just fine is good but keep in mind that there have been reports of malware targeting specific browsers. So switching to another browser may just hide the possibility that your security may not be as good as it should be if you've picked up malware even if it's specific to one browser.
     
  11. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    I don't know about the security angle, his security setup looks rock solid from where I'm sitting.
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Well, this is a beta test machine so I will be rolling back to a prior image with ATI 11 after I hear back from Agnitum concerning a bug I reported for Outpost Pro 7.5. I have not been infected with any sort of malware in over 15 years unless it went undetected. This could be a different matter though since I purposely am not using my usual rock solid lineup for staying infection free. It's possible I could have contracted something while beta testing a product because i'm relying on a beta product that is not ready for prime time. It is still not likely though since I have been on very limited number of websites, and though one of them could have been compromised it is not likely. I'm running Outpost Pro 7.5, NOD 32, and Webroot Cloud AV on this machine. I can't use Shadow defender since I would loss valuable info needed for reporting bugs when beta testing. The quirk I have with FF lately is that i have been having problems with FF on many different machines lately. Not just this one. Though I have to say this is a first for this particular issue I have encountered. It could be that their has been bugs with one or more of the add-ons that I use for FF, and the problem is not with FF itself. Also, maybe some of my problems with FF could have been caused by one of the security apps running on my machines. I'm not having any issues out of Opera though so I'm having to use Opera during the mean time. If I do figure out the issue I will report it to FF though.
     
    Last edited: Aug 8, 2011
  13. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    BTW.. I have scanned this machine with MBAM, NOD 32, HMP, and Webroot Cloud AV. They all come back clean. If I do have an infection then it's going undetected by some very dependable products.
     
  14. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    If you still have the problematic Fx, could you look at Help, Troubleshooting Information, and then Modified Preferences?
     
  15. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    I looked it over. The context seems to be different.
     
  16. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    Quite possibly but things are dynamic out there.
     
  17. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Try Dr web cureit to see what it says.www.freedrweb.com
     
    Last edited: Aug 8, 2011
  18. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Looking at the screenshot I noticed, under the Google search bar, 'Google Instant is una(ble?)...'
    Perhaps that's an issue/something dysfunctional worth looking into?
    Also, is the XP taskbar question mark pointing to anything?
     
Loading...
Thread Status:
Not open for further replies.