I would try Super AntiSpyware the free edition. I am preety sure it took care of the problem. Make sure you get to the correct site, it took me several times to get there because of the hijacked issue. Try "ask search" that is how I got there. After you download make sure you update before you run a scan. I wish you the best of luck. I will check back please update your results.
Just try these steps, I think if, these are working we can managed to use epo to remove them automatically.
Some new malware/spyware program invaded one of my computers today. I say new because it wasn’t detected by McAfee. It took a bit of time but I managed to finally remove it.
One of the symptoms is on Google searches it will redirect to unrelated sites. Sometimes it will popup with audio or visual advertising. I noticed one of the redirected searches went to 113577url.cptgt.com.
I’m sure all the virus/spyware data files will eventually update to remove this. If it doesn’t get removed for you on a scan then read on. I will describe how to remove this malware/spyware manually. It will take some technical knowledge. Also, proceed at your own risk.
Although the dll's name is not crucial, I think that the registry reference may be taken in high consideration ..Message was edited by: Valeinrete on 21/12/10 06:32:22 CST
hi SinkingWaterBug... i have the same virus as you... it began just a couple days ago. i use Symmantic Endpoint rather than McAffee, and my virus scans also come up clean. using Windows Process Explorer (a more detailed task manager), i was able to see that a rundll32.exe process was spawning all my popups, and when i killed the process, i no longer had the popups. i don't understand this well, and i'm not at the same computer right now to copy and paste things exactly, but the rundll32.exe process that was causing the problem was associated with the following...
...something like the above. when i browse to the temp folder, it's very difficult to delete the accutil10 folder (don't think i ever saw a .dll in Windows Explorer), but i managed to delete it eventually by booting in safe mode. however, when i reboot, the folder is back, and i always need to kill the process upon boot up or i'll get those popups. i don't know how i got this virus or how yet to get rid of it, or what accutil10.dll is as it could maybe be something that the virus is just using and not the virus itself. thank you for starting this thread and if you figure out a fix, please let me know.
We are having the same problem at our house and started Friday or Saturday (Dec. 10 or 11). I believe it came from Facebook, but it is on the computer my kids use, so I am not posative. It did have AVG free on it for virus protection. The virus seems to have killed AVG as it would not respond and could not be removed from the system through Control Panel. I did finally remove it with a software tool from AVG to install McAfee. Even after running the AVG removal tool and the system appearing to be clean, McAfee reported AVG still present on the install program. I directed it to install anyway. I ran a full scan with McAfee yesterday (12/13/10) after the install completed and it found some things but did not solve the IE popup problem. Still working on a solution. I see that I am not alone.Message was edited by: Fella1 on 12/14/10 10:38:07 AM CST