Results 1 to 10 of 10
Thread: Win7: Browser launching at startup, virus with a sense of humor?
-
08-01-11, 12:43 AM #1
Win7: Browser launching at startup, virus with a sense of humor?
I am at my wit's end here. Earlier today I was unable to accomplish something which has never been a problem for me in the past. Simple file transfers over a local network between two Windows 7 PC's (thread posted to this same forum). I still haven't got to the bottom of it, but a newer problem has sprung up which would be pretty damn funny if it wasn't so frustrating.
So, in the middle of all my earlier networking problems, it was mentioned I should be using homegroups (which I still disagree with), and at some point after that, I rebooted my computer, and upon windows startup, a browser launched on its own and connected to homegroup.com (a bogus site). Hilarious... after an hour discussing homegroups, I get a strange never before seen bug (virus??) where my PC connects to homegroup.com on startup. Truly hilarious.
I've run full system scans with:
MBAM
MSE
Ad-Aware
The browser is Firefox (my default) if it matters. I've checked my startup folder, and msconfig. Also, note that homegroup.com is NOT my browser's homepage (it is still google.com as it's always been). I've checked running services... they are all accounted for.
This is hardly a catastrophic problem, the easy solution is to just close the browser. However it bothers me in general to have any unexpected behavior on my PC, and this one is extra special because of the whole homegroup ordeal. I am not sure how I could have a virus already... I just formatted this PC yesterday and have only installed trusted software (and MSE was one of my first installs as always).
Truly going crazy here. Is it possible while mucking around in all the advanced networking settings, I somehow typed the word homegroup in somewhere and caused this to happen? I doubt it... but I really have no other ideas. Help!
Thanks!
-
- Join Date
- 11-13-07
- Location
- Plano, TX and Ruston, LA
- Posts
- 32,364
- Post Thanks / Like
- Blog Entries
- 43
08-01-11, 07:43 AM #2Re: Win7: Browser launching at startup, virus with a sense of humor?
Spybot S&D: The home of Spybot-S&D!
Malwarebytes: Malwarebytes Anti-Malware - Reviews and free Malwarebytes Anti-Malware downloads at CNET Download.com
Process Explorer: Process Explorer
Hijack this (run and post up): HijackThis - Trend Micro USAenf-Jesus its been like 12 minutes and you're already worried about stats?! :-P
Bigdog-Sweet home Alabama you are an idiot.
-
08-01-11, 11:11 AM #3
Re: Win7: Browser launching at startup, virus with a sense of humor?
Use this
Microsoft Standalone System Sweeper Beta | Microsoft Connect
Its Microsoft's stand alone security sweeper. Use a non infected machine to make a bootable usb or cd/dvd and it builds it from Microsoft security essentials definitions and cleans your system from boot. I have used it a few times and it rocks.
Spybot as mentioned before is also one of my staples for virus cleaning. To get the most out of it though take the HD out of the infected machine. Install Spybot to a clean machine, either slave the infected drive (you don't want to boot from it) or use a ide/sata to usb connected to make the infected drive USB. Then you can use Microsoft security essentials and Spybot to clean the drive from the uninfected machine.
-
-
-
08-02-11, 02:02 AM #6
Re: Win7: Browser launching at startup, virus with a sense of humor?
-
08-02-11, 02:51 AM #7
Re: Win7: Browser launching at startup, virus with a sense of humor?
Well... here is something interesting! I removed FF for grins.
With FF gone, IE was my default again. Sure enough, it did launch... but it only tried to connect to http://homegroup/
Which means FF was adding in the www and com... which makes me even more suspicious this is not a virus but something I did in my network mucking. But I am pretty damn sure I never typed the word homegroup in anywhere... the only thing I did regarding homegroups was disable them everywhere I saw them!
-
-
-
08-05-11, 08:16 PM #10
Re: Win7: Browser launching at startup, virus with a sense of humor?
I just created a new user to see if it happened with him, and sure enough it doesn't happen with the new user. So, I got out Wingrep and searched the old user folder (which was small enough that it didn't crash Wingrep like an entire C: search did), and I found one entry that made me suspicious:
Code:C:\Users\xxxxxxx\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5afe4de1b92fc382.customDestinations-ms 00007: fldr.dll,-11411SPSâXFL8Cü&mÎÀFLÀFç U^GÊU^GÊÐSj Ê(üÿÿKPàOÐ ê:iØ+00/C:\R1þ>ÔEWindows<ïî:þ>ÔE*WindowsV1ÿ>8System32>ïî:ÿ>8*System32t2(î:Ë GettingStarted.exeRïí:í:*EEGettingStarted.exe"U-TJC:\Windows\System32\GettingStarted.exe)@%systemroot%\system32\oobefldr.dll,-1162b{D36AFB67-9043-4714-B4A3-E9E9481750A1} %systemroot%\system32\control.exe /name Microsoft.HomeGroup"%systemroot%\system32\imageres.dll%SystemRoot%\system32\GettingStarted.exe
Now, anybody have a good explanation for what that file is and how it got there?
Furthermore... I still am not able to get network shares working properly with my main account, and as an insult I noticed that my new dummy account I made for testing does network shares perfect right out of the box, with what appear to be the same exact settings I have on my main account. Grr. I guess if it bothers me enough I'll migrate the account somehow.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Bookmarks