Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Hijack: Spam links inserted into google hits


  • This topic is locked This topic is locked
3 replies to this topic

#1 agent011

agent011

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 28 April 2009 - 04:55 AM

I seem to have a rather persistent virus on my computer, that has made it past Adaware, Spybot S&D, a trial of Kapersky, NOD32, Symantec Endpoint, et. al.

The only persistent symptom that I see is that the virus keeps inserting links to spam sites at the top of my google search results. CustomizeGoogle tells me that the domain for all of these is something along the lines of : http://216.240.159.88/gogo.php?id=139645

I think one of the many virus searches I did previously may have taken away most of the offending virus, but left some rather annoying detritus in my WinSock directory.

I decided that it was time to get serious, so I would appreciate feedback on the following HJT log:




DDS (Ver_09-03-16.01) - NTFSx86
Run by James at 5:14:23.04 on Tue 04/28/2009
Internet Explorer: 7.0.6000.16830 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vista™ Enterprise 6.0.6000.0.1252.1.1033.18.1527.785 [GMT -5:00]

AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated)
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Outdated)
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\James\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Vidalia] "c:\program files\vidalia bundle\vidalia\vidalia.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
StartupFolder: c:\users\james\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\privoxy.lnk - c:\program files\vidalia bundle\privoxy\privoxy.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
LSP: c:\windows\system32\232812.dll
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\james\appdata\roaming\mozilla\firefox\profiles\jxvt6xab.default\
FF - component: c:\users\james\appdata\roaming\mozilla\firefox\profiles\jxvt6xab.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - component: c:\users\james\appdata\roaming\mozilla\firefox\profiles\jxvt6xab.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - component: c:\users\james\appdata\roaming\mozilla\firefox\profiles\jxvt6xab.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\real\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\netscape6\nprpjplug.dll
FF - plugin: c:\users\james\appdata\roaming\mozilla\firefox\profiles\jxvt6xab.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp07076007.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-4-26 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 953168]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\nero\nero8\incd\NBHRegInCDSrv.exe [2007-12-21 53032]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-4-26 1153368]
R2 TeamViewer4;TeamViewer 4;c:\program files\teamviewer\version4\TeamViewer_Service.exe [2009-1-19 185640]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [2005-11-25 31896]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-4-26 101936]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2006-4-6 88192]
R3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2006-11-2 30720]
R3 wisdpen;Wacom Penabled MiniDriver;c:\windows\system32\drivers\wisdpen.sys [2007-1-22 34736]
S2 OpenCASE Media Agent;OpenCASE Media Agent;c:\program files\opencase\opencase media agent\MediaAgent.exe [2008-8-29 835208]
S4 ekrn;Eset Service;c:\program files\eset smart security\ekrn.exe [2008-10-24 468224]

=============== Created Last 30 ================

2009-04-28 02:33 <DIR> --d----- c:\users\james\appdata\roaming\Malwarebytes
2009-04-28 02:33 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-28 02:33 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-28 02:33 <DIR> --d----- c:\programdata\Malwarebytes
2009-04-28 02:33 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-28 02:33 <DIR> --d----- c:\progra~2\Malwarebytes
2009-04-27 01:37 15,688 a------- c:\windows\system32\lsdelete.exe
2009-04-26 23:41 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-04-26 23:39 <DIR> -cd-h--- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-26 23:39 <DIR> -cd-h--- c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-26 22:41 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-04-26 22:41 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-04-26 22:41 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-04-26 21:31 136,496 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-04-26 21:30 10,652 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-04-26 21:30 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-04-26 21:27 1,060,864 a------- c:\windows\system32\MFC71.DLL
2009-04-26 21:27 503,808 a------- c:\windows\system32\MSVCP71.DLL
2009-04-26 21:27 348,160 a------- c:\windows\system32\MSVCR71.DLL
2009-04-26 21:26 <DIR> --d----- c:\programdata\Symantec
2009-04-26 21:26 <DIR> --d----- c:\program files\Symantec
2009-04-26 21:26 <DIR> --d----- c:\program files\common files\Symantec Shared
2009-04-26 21:26 <DIR> --d----- c:\progra~2\Symantec
2009-04-26 18:28 <DIR> --d----- c:\programdata\Lavasoft
2009-04-26 18:28 <DIR> --d----- c:\program files\Lavasoft
2009-04-26 18:04 <DIR> --d----- c:\programdata\Kaspersky Lab
2009-04-26 18:04 <DIR> --d----- c:\progra~2\Kaspersky Lab
2009-04-26 17:59 <DIR> --d----- c:\program files\Kapersky
2009-04-25 15:52 139,264 ---shr-- c:\windows\system32\232812.dll
2009-04-20 23:05 <DIR> --d----- c:\users\james\.netbeans-derby
2009-04-20 22:56 <DIR> --d----- c:\users\james\.netbeans
2009-04-20 22:56 <DIR> --d----- c:\users\james\.netbeans-registration
2009-04-20 22:53 <DIR> --d----- c:\program files\NetBeans 6.5.1
2009-04-20 22:53 <DIR> --d----- c:\program files\Sun
2009-04-20 19:40 <DIR> --d----- c:\users\james\.SunDownloadManager
2009-04-20 19:36 <DIR> --d----- c:\users\james\.nbi
2009-04-20 19:04 <DIR> --d----- c:\program files\ActiveState Komodo IDE 5
2009-04-20 11:57 <DIR> --d----- c:\users\james\_ipython
2009-04-19 21:08 <DIR> --d----- c:\users\james\appdata\roaming\ActiveState
2009-04-19 21:07 <DIR> --d----- c:\users\james\.idlerc
2009-04-19 21:07 <DIR> --d----- c:\program files\ActiveState Komodo Edit 5
2009-04-19 21:00 <DIR> --d----- c:\program files\Python26
2009-04-15 10:29 376,832 a------- c:\windows\system32\winhttp.dll
2009-04-15 10:29 500,736 a------- c:\windows\system32\msdtcprx.dll
2009-04-15 10:29 30,208 a------- c:\windows\system32\xolehlp.dll
2009-04-15 10:28 549,888 a------- c:\windows\system32\rpcss.dll
2009-04-15 10:27 3,503,584 a------- c:\windows\system32\ntkrnlpa.exe
2009-04-15 10:27 3,469,280 a------- c:\windows\system32\ntoskrnl.exe
2009-04-15 10:27 654,336 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-04-15 10:27 158,720 a------- c:\windows\system32\sdohlp.dll
2009-04-15 10:27 37,888 a------- c:\windows\system32\iasdatastore.dll
2009-04-15 10:27 24,576 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-04-15 10:27 97,280 a------- c:\windows\system32\iasrecst.dll
2009-04-15 10:27 53,248 a------- c:\windows\system32\iasads.dll
2009-04-14 22:42 2,134,016 a------- c:\windows\system32\python26.dll
2009-04-05 00:04 <DIR> --d----- c:\program files\CodeStuff
2009-04-04 23:25 <DIR> --d----- c:\users\james\{65167f07-ceb5-427c-8fd1-9862a0674f3b}
2009-04-04 23:23 <DIR> --d----- c:\users\james\{aed303a6-89b3-4997-8d33-7c30ff78b4c5}
2009-04-04 23:22 <DIR> --d----- c:\users\james\{2ead09c8-89e1-4c8f-9c47-13b6245af1e9}
2009-04-04 23:21 <DIR> --d----- c:\users\james\{6afdb2ce-fe54-459b-871b-25f6efcbbac5}
2009-04-04 23:20 <DIR> --d----- c:\users\james\{dce40b3d-0e24-4bf2-8754-85397a4cccfa}
2009-04-04 23:19 <DIR> --d----- c:\users\james\{b8747276-aee9-4785-b07d-e614cd4123d8}
2009-04-04 23:18 <DIR> --d----- c:\users\james\{b586fd8b-a491-4d5e-a42c-30f2a0cf397a}
2009-04-04 23:17 <DIR> --d----- c:\users\james\{58d8891f-e16b-4ec2-9a0e-67e8f591b220}
2009-04-04 23:16 <DIR> --d----- c:\users\james\{7c674c1a-e5a8-4954-bcdc-d44adda8ff6e}
2009-04-04 23:15 <DIR> --d----- c:\users\james\{b924f168-dd81-40fc-b7e8-524e2bf41e12}
2009-04-04 23:14 <DIR> --d----- c:\users\james\{9f6b7e71-d6cb-452e-809b-1320aea50f73}
2009-04-04 23:13 <DIR> --d----- c:\users\james\{daa7cdc4-f27c-457d-a12c-573980b50ad0}
2009-04-04 23:12 <DIR> --d----- c:\users\james\{7440669f-53f1-41a3-89cd-529912e0b8b0}
2009-04-04 23:08 <DIR> --d----- c:\programdata\Logishrd
2009-04-04 23:08 <DIR> --d----- c:\programdata\Logitech

==================== Find3M ====================

2009-04-26 21:13 86,016 a------- c:\windows\inf\infstor.dat
2009-04-26 21:13 51,200 a------- c:\windows\inf\infpub.dat
2009-04-26 21:13 86,016 a------- c:\windows\inf\infstrng.dat
2009-04-20 22:53 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-16 22:16 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 22:16 14,848 a------- c:\windows\system32\apilogen.dll
2009-03-16 22:16 25,600 a------- c:\windows\system32\amxread.dll
2009-03-02 23:20 826,368 a------- c:\windows\system32\wininet.dll
2009-03-02 23:16 56,320 a------- c:\windows\system32\iesetup.dll
2009-03-02 23:16 78,336 a------- c:\windows\system32\ieencode.dll
2009-03-02 23:16 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-03-02 23:15 72,704 a------- c:\windows\system32\admparse.dll
2009-03-02 21:08 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-03-02 19:44 48,128 a------- c:\windows\system32\mshtmler.dll
2009-02-13 02:26 72,704 a------- c:\windows\system32\secur32.dll
2009-02-13 02:26 1,233,408 a------- c:\windows\system32\lsasrv.dll
2009-02-13 02:26 7,680 a------- c:\windows\system32\lsass.exe
2009-02-08 20:59 2,028,032 a------- c:\windows\system32\win32k.sys
2009-01-21 11:24 665,600 a------- c:\windows\inf\drvindex.dat
2009-01-20 04:38 174 a--sh--- c:\program files\desktop.ini
2007-12-21 15:12 1,719,336 a------- c:\programdata\YugmaSE-Uninstaller.exe
2007-12-21 15:12 1,719,336 a------- c:\progra~2\YugmaSE-Uninstaller.exe
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 5:16:46.18 ===============

Thanks much :thumbup2:

Edited by agent011, 28 April 2009 - 05:19 AM.


BC AdBot (Login to Remove)

 


#2 agent011

agent011
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 28 April 2009 - 08:03 AM

UPDATE: Got the bugger with SuperAntiSpyware of all things. As suspected, that .dll was bad news, and it also found two associated registry keys. Here's the log on the offchance that his helps anyone with a similar problem (I think the two C++ hits at the end were false positives... got those files recently from the Kapersky online scan if I recall correctly).

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/28/2009 at 07:43 AM

Application Version : 4.26.1000

Core Rules Database Version : 3868
Trace Rules Database Version: 1816

Scan type : Complete Scan
Total Scan Time : 01:00:28

Memory items scanned : 714
Memory threats detected : 1
Registry items scanned : 6982
Registry threats detected : 2
File items scanned : 24570
File threats detected : 4

Trojan.Unknown Origin
C:\WINDOWS\SYSTEM32\232812.DLL
C:\WINDOWS\SYSTEM32\232812.DLL
SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001
SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021

Adware.Tracking Cookie
C:\Users\James\AppData\Roaming\Microsoft\Windows\Cookies\james@msnportal.112.2o7[1].txt

Trojan.Dropper/Gen
C:\USERS\JAMES\APPDATA\LOCAL\TEMP\MIA40EA.TMP\DATA\MICROSOFT VISUAL C++ RUNTIME 9.0 (INCLUDES ATL AND MFC) SERVICE PACK 1\915FF0F9\CD46533A\AAWDRIVERTOOL.EXE
C:\USERS\JAMES\APPDATA\LOCAL\TEMP\MIA5F7D.TMP\DATA\MICROSOFT VISUAL C++ RUNTIME 9.0 (INCLUDES ATL AND MFC) SERVICE PACK 1\915FF0F9\CD46533A\AAWDRIVERTOOL.EXE

#3 agent011

agent011
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 02 May 2009 - 07:17 AM

A slight revisal...

For anyone out there who might have similar problems (nearly anything involving browser redirects, ad insertion, etc.) the problem likely lies in your LSP files. The most mainstream way to fix this is to use the Spybot S&D LSP scanner (which for some reason is hidden away under "tools" in the advanced mode. That should find and clear your problems, even though a standard spybot search will not detect this kind of issue.

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:10:16 PM

Posted 04 May 2009 - 12:47 AM

Thanks for informing us.
Good Luck.

This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users