Strange popup from Google Websearch page Malware or not?

I keep getting this strange popup when conducting a search from the google web search homepage. It pops up after conducting a search on anything. It's like the google search page is being hijacked. I'm being redirected to this link after querying a search on cars. -http://www.google.com/#sclient=psy&hl=en&site=&source=hp&q=cars&pbx=1&oq=cars&aq=f&aqi=&aql=&gs_sm=e&gs_upl=3875l4306l0l5234l4l4l0l0l0l0l0l0ll0l0&bav=on.2,or.r_gc.r_pw.&fp=661c0b1152c259b4&biw=1024&bih=605- Does anyone know what this is? It looks like some sort of a threat. Its asking me if I want to save a file from an application/octet-stream. I searched the web, and it basically says this is what happens when Firefox encounters MIME attachments since it does not know what to do with it. This is a beta test machine so security is not as tight on this machine as my other machines. I'm testing Webroot Cloud AV on it now. Does anyone know if this is malware or a threat? I'm conducting the search from -http://www.google.com/-

Edited 08/06/11 @ 1:40.
BTW.. I just installed Xmarks to synchronize my bookmarks so I was thinking maybe it could be causing it.

 

I just uninstalled Xmarks, and i'm still having the same popup. So I guess maybe it wasn't Xmarks.

 

@ Cutting_Edgetech

Looks dodgy here

Also this



I couldn't reach the www ? I have seen similar prompts before though & all were from nasty www's !

 

Just a comment regarding the anubis report. If you get an analysis of say google.com or yahoo.com , you'll get pretty much the same report.

Code:

Summary:
- Changes security settings of Internet Explorer:
This system alteration could seriously affect safety surfing the World
Wide Web.

- Performs File Modification and Destruction:
The executable modifies and destructs files which are not temporary.

- Performs Registry Activities:
The executable creates and/or modifies registry entries.

 

Something is seriously wrong here. I don't even have to hit enter to get this annoying popup. All I have to do is type in any search term, and wait a few seconds. It pops up even before executing the search. WTH..! I have not even left -http://www.google.com/- I have had nothing but problems out of Firefox since version 4 & 5 came out. I think I need to roll back to version 3. My yahoo e-mail account will not work with Firefox either. I have to use opera in order to send messages. It's ridiculous! I'm going to run FF in safemode, and see if i get the same popup.

 

Running FF in Safemode with all Add-ons disabled did not resolve this issue. I will try turning off some of my security software next.

 

Shutting down my security Apps has also not resolved this issue. Also, my yahoo e-mail account has constant errors that will not allow me to open my mail when using FF. I can use any other browser to open my mail without a problem. What have they done to my favorite browswer! I guess it's time to switch browsers

 

This Firefox support thread mentions problems with application/octet-stream (starting in the 5th post down). Maybe there is something in there for you. It's from Google Groups.

 

What about others who see no problems using Firefox?

That's why it may be one or more factors on your system causing the problem and not some basic defect in the browser, per se.

That other browsers on your system work just fine is good but keep in mind that there have been reports of malware targeting specific browsers. So switching to another browser may just hide the possibility that your security may not be as good as it should be if you've picked up malware even if it's specific to one browser.

 

I don't know about the security angle, his security setup looks rock solid from where I'm sitting.

 

Well, this is a beta test machine so I will be rolling back to a prior image with ATI 11 after I hear back from Agnitum concerning a bug I reported for Outpost Pro 7.5. I have not been infected with any sort of malware in over 15 years unless it went undetected. This could be a different matter though since I purposely am not using my usual rock solid lineup for staying infection free. It's possible I could have contracted something while beta testing a product because i'm relying on a beta product that is not ready for prime time. It is still not likely though since I have been on very limited number of websites, and though one of them could have been compromised it is not likely. I'm running Outpost Pro 7.5, NOD 32, and Webroot Cloud AV on this machine. I can't use Shadow defender since I would loss valuable info needed for reporting bugs when beta testing. The quirk I have with FF lately is that i have been having problems with FF on many different machines lately. Not just this one. Though I have to say this is a first for this particular issue I have encountered. It could be that their has been bugs with one or more of the add-ons that I use for FF, and the problem is not with FF itself. Also, maybe some of my problems with FF could have been caused by one of the security apps running on my machines. I'm not having any issues out of Opera though so I'm having to use Opera during the mean time. If I do figure out the issue I will report it to FF though.

 

BTW.. I have scanned this machine with MBAM, NOD 32, HMP, and Webroot Cloud AV. They all come back clean. If I do have an infection then it's going undetected by some very dependable products.

 

If you still have the problematic Fx, could you look at Help, Troubleshooting Information, and then Modified Preferences?

 

I looked it over. The context seems to be different.

 

Quite possibly but things are dynamic out there.

 

Try Dr web cureit to see what it says.www.freedrweb.com

 

Looking at the screenshot I noticed, under the Google search bar, 'Google Instant is una(ble?)...'
Perhaps that's an issue/something dysfunctional worth looking into?
Also, is the XP taskbar question mark pointing to anything?