Help With Trojan Virus

I had clicked on what I thought was a reliable link when I was redirected to a totally different site. Avast immediately flagged it as malware when I was taken to the redirected site and I left as fast as I could. Here is the site: quizfinddomaindotcom . Info (I replaced the period with the word dot in the site address). I did some research and found out that this was a trojan virus that infects your web browser and redirects the browser home page and search page to misleading Internet search sites pushing spam advertisements and possibly doing a lot more harm.

This concerned me, so I did an Avast Full Scan with this version: Program (6.0.1289), Engine and definitions (current version 111110-1). No viruses were found.
My operating system and browser application are Windows XP and Firefox.

I then did a full scan with Ad-Aware free version that revealed 7 tracking cookies.
I decided to try one more tool called Stopzilla and it revealed this virus in its results:
(trojan.win32.mal.gen!a23) and this g2mdlhlpx.exe (c:\documents and settings\darryl\g2mdlhlpx.exe)

Is this really a trojan virus and how do I get rid of it? Any help would be very much appreciated.

Googling exact phrase “trojan.win32.mal.gen!a23” yielded only three hits, two of which need to be translated to read in English.

Used specific search term “trojan.win32.mal.gen!a23” (with quotes) to get this result.

but generic search results in over 116,000 hits.

Be careful what links you click in Google in the generic query as some are known bad sites.

Searched as trojan.win32.mal.gen!a23 (without quotes)

with your post being the only one that is a direct hit on the query above.

And: g2mdlhlpx.exe search results in 6,457 hits on Google here:

http://www.google.com/#hl=en&sugexp=ppwl&cp=13&gs_id=1d&xhr=t&q=g2mdlhlpx.exe&pf=p&sclient=psy-ab&source=hp&pbx=1&oq=g2mdlhlpx.exe&aq=0&aqi=g4&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.,cf.osb&fp=a686e28799f6b6d7&biw=1280&bih=861&bs=1

STOPzilla website is problematic. See here in WOT (Web Of Trust) for site safety and reputation. User comments may prove enlightening to some.

Here: http://www.mywot.com/en/scorecard/stopzilla.com

You should use Malwarebytes Anti-Malware to clean your system of suspected or known malware here: http://www.malwarebytes.org/products/malwarebytes_free

Be sure to update Malwarebytes Anti-Malware before scanning and attach the log below by clicking “Additional Options…” below the box you are now writing in.

At the top of the virus forum are four EDIT five postings to be used as a guide to post and use cleaning programs; also a guide as to how to attach the resulting logs. If there are infections present, Essexboy will come in and guide you through the cleaning process, as he is the resident malware expert here.

Yep, that site is infected… see attached Sucuri screenshot

Sucuri malware info:
http://sucuri.net/malware/malware-entry-mwiframehd202
http://sucuri.net/malware/malware-entry-mwhta7

This page seems to be - 1 hidden external link found.
http://www.UnmaskParasites.com/security-report/?page=quizfinddomain.com

Wepawet
http://wepawet.iseclab.org/view.php?hash=106fb1fd3bf69251805eb5faac98c693&t=1321008854&type=js

Thanks very much for the quick reply Mchain and Pondus. I have to go out of town for an emergency immediately so I probably won’t be back to my computer until Sunday or Monday and I will get right on the scan when I get back.

I completed a Quick Scan and not a Full Scan with Malwarebytes as instructed and attached the log.

hallie,

I would wait for essexboy to show up before going any further with this.

As I am relatively new to this forum, I will try to assist all but will refrain from analyzing any logs posted. Essexboy can properly guide you and others back to safe ground.

If you wish essexboy to assist, please let him know.

Essexboy is the resident guru here, and you will be in good hands if you choose to do so.

The reason for the above analysis of your files reported is to point out how to research the internet about any files you may think to be suspicious.

You can always check these files for free at http://www.virustotal.com/ and copy/paste the url link results in your reply.

mchain