
Google links redirected



#1 sonicphantasm


Posted 30 June 2009 - 10:22 PM

Just as the title suggests, for some reason when I'm using Google, it redirects the link to something else, even the AdSense ads. The exception seems to be opening a new tab.

DDS diagnostics:


DDS (Ver_09-06-26.01) - NTFSx86
Run by Owner at 23:21:06.78 on Tue 06/30/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1321 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Cobian Backup 9\Cobian.exe
C:\Program Files\Cobian Backup 9\cbInterface.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyServer = http=127.0.0.1:5757
uInternet Settings,ProxyOverride = local
mWinlogon: SfcDisable=-99 (0xffffff9d)
mWinlogon: Taskman=c:\recycler\s-1-5-21-6042907239-3307757779-933387428-1274\rundll32.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Win32 Firewall] c:\docume~1\owner\locals~1\temp\268.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [DigidesignMMERefresh] c:\program files\digidesign\drivers\MMERefresh.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Win32 Firewall] c:\docume~1\owner\locals~1\temp\268.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: NameServer = 85.255.112.199,85.255.112.181
TCP: {D104FC7C-E454-4018-A3BE-1F4E28D32FC8} = 85.255.112.199,85.255.112.181
TCP: {EF2EB2DD-5C72-468E-914B-EB2B019E7F37} = 85.255.112.199,85.255.112.181
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\5gkcu54g.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en&source=iglk
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10607&gct=&gc=1&q=

============= SERVICES / DRIVERS ===============

R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2009-6-27 16384]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-6-27 114768]
R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-6-27 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-6-27 234888]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-27 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-6-27 138680]
R2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\drivers\diginet.sys [2009-6-27 16400]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [2005-7-27 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [2005-7-27 36352]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-6-27 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-6-27 352920]
R3 dalwdmservice;dal service;c:\windows\system32\drivers\Dalwdm.sys [2009-6-27 97808]
R3 MBX2DFU;MBX2DFU;c:\windows\system32\drivers\mbx2dfu.sys [2009-6-27 21648]
R3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;c:\windows\system32\drivers\mbx2midk.sys [2009-6-27 21904]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [2005-7-27 77056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-6-27 1684736]

=============== Created Last 30 ================

2009-06-29 22:56 <DIR> --d----- c:\program files\Paint.NET
2009-06-29 18:26 <DIR> --d----- c:\program files\Cobian Backup 9
2009-06-28 12:02 <DIR> --d----- c:\program files\Trend Micro
2009-06-27 22:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\vsosdk
2009-06-27 22:03 56 ----h--- c:\windows\system32\ezsidmv.dat
2009-06-27 21:59 <DIR> --d--r-- c:\program files\Skype
2009-06-27 19:57 <DIR> --d----- c:\docume~1\owner\applic~1\REAPER
2009-06-27 19:56 <DIR> --d----- c:\program files\REAPER
2009-06-27 19:55 87,608 -------- c:\docume~1\owner\applic~1\inst.exe
2009-06-27 19:55 47,360 -------- c:\windows\system32\drivers\pcouffin.sys
2009-06-27 19:55 47,360 -------- c:\docume~1\owner\applic~1\pcouffin.sys
2009-06-27 19:54 217,127 -------- c:\windows\system32\drv43260.dll
2009-06-27 19:54 208,935 -------- c:\windows\system32\drv33260.dll
2009-06-27 19:54 176,165 -------- c:\windows\system32\drv23260.dll
2009-06-27 19:54 65,602 -------- c:\windows\system32\cook3260.dll
2009-06-27 19:54 1,645,320 -------- c:\windows\gdiplus.dll
2009-06-27 19:54 1,184,984 -------- c:\windows\system32\wvc1dmod.dll
2009-06-27 19:54 626,688 -------- c:\windows\system32\vp7vfw.dll
2009-06-27 19:54 <DIR> --d----- c:\program files\VSO
2009-06-27 19:20 56,320 -------- c:\windows\system32\MSIVXilltowsrpylobobppjieorjykbrkdtaq.dll
2009-06-27 19:20 23,552 -------- c:\windows\system32\MSIVXjcxrhmapsxmobwwylyxmcjivvgqfqypb.dll
2009-06-27 19:20 4 -------- c:\windows\system32\MSIVXcount
2009-06-27 19:17 <DIR> --d----- c:\program files\Lame for Audacity
2009-06-27 19:14 <DIR> --d----- c:\program files\Audacity
2009-06-27 18:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Azureus
2009-06-27 18:02 <DIR> --d----- c:\docume~1\owner\applic~1\Azureus
2009-06-27 18:02 <DIR> --d----- c:\program files\AskBarDis
2009-06-27 18:02 <DIR> --d----- c:\program files\Vuze
2009-06-27 18:02 <DIR> --d----- c:\program files\common files\i4j_jres
2009-06-27 15:41 16,384 -------- c:\windows\system32\drivers\DigiFilt.sys
2009-06-27 15:39 <DIR> --d----- c:\program files\InterLok
2009-06-27 15:39 <DIR> --d----- c:\program files\Digidesign
2009-06-27 15:14 457,248 -------- c:\windows\system32\nvudisp.exe
2009-06-27 15:14 19,495 -------- c:\windows\system32\nvdisp.nvu
2009-06-27 13:08 940,794 -------- c:\windows\system32\LoopyMusic.wav
2009-06-27 13:08 146,650 -------- c:\windows\system32\BuzzingBee.wav
2009-06-27 13:08 <DIR> --d----- c:\windows\system32\Lang
2009-06-27 13:00 <DIR> --d----- c:\program files\Realtek
2009-06-27 12:50 <DIR> --d----- c:\program files\NVIDIA Corporation
2009-06-27 12:48 446,464 -------- c:\windows\system32\nvunrm.exe
2009-06-27 12:48 6,045 -------- c:\windows\system32\nvnrm.nvu
2009-06-27 12:48 4,984 -------- c:\windows\system32\drivers\nvphy.bin
2009-06-27 12:41 <DIR> --d----- C:\NVIDIA
2009-06-27 12:27 <DIR> --d----- c:\program files\Unibrain
2009-06-27 12:26 <DIR> --d----- c:\windows\Downloaded Installations
2009-06-27 12:26 <DIR> --d----- c:\program files\Intel Desktop Board
2009-06-27 00:43 83,072 -------- c:\windows\system32\drivers\wdmaud.sys
2009-06-27 00:43 6,272 -------- c:\windows\system32\drivers\splitter.sys
2009-06-27 00:43 52,864 -------- c:\windows\system32\drivers\DMusic.sys
2009-06-27 00:43 142,592 -------- c:\windows\system32\drivers\aec.sys
2009-06-27 00:43 56,576 -------- c:\windows\system32\drivers\swmidi.sys
2009-06-27 00:43 172,416 -------- c:\windows\system32\drivers\kmixer.sys
2009-06-27 00:43 2,944 -------- c:\windows\system32\drivers\drmkaud.sys
2009-06-27 00:43 60,800 -------- c:\windows\system32\drivers\sysaudio.sys
2009-06-27 00:43 7,552 -------- c:\windows\system32\drivers\MSKSSRV.sys
2009-06-27 00:43 4,992 -------- c:\windows\system32\drivers\MSPQM.sys
2009-06-27 00:43 5,376 -------- c:\windows\system32\drivers\MSPCLOCK.sys
2009-06-27 00:42 146,048 -------- c:\windows\system32\drivers\portcls.sys
2009-06-27 00:42 129,536 -------- c:\windows\system32\ksproxy.ax
2009-06-27 00:42 60,160 -------- c:\windows\system32\drivers\drmk.sys
2009-06-27 00:42 60,032 -------- c:\windows\system32\drivers\USBAUDIO.sys
2009-06-27 00:42 4,096 -------- c:\windows\system32\ksuser.dll
2009-06-27 00:41 32,384 -------- c:\windows\system32\drivers\usbccgp.sys
2009-06-27 00:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2009-06-27 00:28 <DIR> --d----- c:\program files\PC Drivers HeadQuarters
2009-06-27 00:20 <DIR> --dsh--- c:\documents and settings\owner\PrivacIE
2009-06-27 00:16 49,152 -------- c:\windows\system32\msrating.dll.mui
2009-06-27 00:16 2,560 -------- c:\windows\system32\mshta.exe.mui
2009-06-27 00:16 1,241,088 -------- c:\windows\system32\ieframe.dll.mui
2009-06-27 00:16 134,144 -------- c:\windows\system32\dllcache\sqmapi.dll
2009-06-27 00:16 81,920 -------- c:\windows\system32\iedkcs32.dll.mui
2009-06-27 00:16 4,096 -------- c:\windows\system32\ie4uinit.exe.mui
2009-06-27 00:16 <DIR> --dsh--- c:\documents and settings\owner\IETldCache
2009-06-27 00:16 <DIR> --d----- c:\documents and settings\Owner
2009-06-27 00:15 <DIR> --ds---- c:\windows\system32\Microsoft
2009-06-27 00:13 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-06-27 00:13 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-06-27 00:13 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-06-27 00:13 <DIR> --d----- c:\program files\common files\MSSoap
2009-06-27 00:11 <DIR> --d----- c:\program files\MSXML 4.0
2009-06-26 19:08 <DIR> --d----- c:\program files\common files\ODBC
2009-06-26 19:08 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-06-26 19:07 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-06-27 13:00 319,488 -------- c:\windows\HideWin.exe
2009-06-27 12:19 86,327 -------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-06-27 00:12 21,640 -------- c:\windows\system32\emptyregdb.dat
2009-06-10 08:28 3,510,272 -------- c:\windows\system32\nvgames.dll
2009-06-10 08:28 4,022,272 -------- c:\windows\system32\nvdisps.dll
2009-06-10 08:28 13,758,464 -------- c:\windows\system32\nvcpl.dll
2009-06-10 08:28 168,004 -------- c:\windows\system32\nvsvc32.exe
2009-06-10 08:28 143,360 -------- c:\windows\system32\nvcolor.exe
2009-06-10 08:28 86,016 -------- c:\windows\system32\nvmctray.dll
2009-06-10 08:28 229,376 -------- c:\windows\system32\nvmccs.dll
2009-06-10 06:03 9,998,336 -------- c:\windows\system32\nvoglnt.dll
2009-06-10 06:03 8,087,712 -------- c:\windows\system32\drivers\nv4_mini.sys
2009-06-10 06:03 5,908,608 -------- c:\windows\system32\nv4_disp.dll
2009-06-10 06:03 1,720,320 -------- c:\windows\system32\nvcuda.dll
2009-06-10 06:03 1,580,550 -------- c:\windows\system32\nvdata.bin
2009-06-10 06:03 1,310,720 -------- c:\windows\system32\nvcuvenc.dll
2009-06-10 06:03 815,104 -------- c:\windows\system32\nvapi.dll
2009-06-10 06:03 671,744 -------- c:\windows\system32\nvcuvid.dll
2009-06-10 06:03 151,552 -------- c:\windows\system32\nvcodins.dll
2009-06-10 06:03 151,552 -------- c:\windows\system32\nvcod.dll
2009-06-04 16:39 457,248 -------- c:\windows\system32\nvuninst.exe
2009-05-22 23:37 5,082,624 -------- c:\windows\system32\drivers\RtkHDAud.sys
2009-05-21 14:01 17,881,600 -------- c:\windows\RTHDCPL.EXE
2009-05-14 15:21 36,864 -------- c:\windows\system32\RtkCoInstXP.dll
2009-04-20 13:32 28,672 -------- c:\windows\system32\setupold.exe
2009-04-20 13:32 3,186 -------- c:\windows\system32\presetup.cmd
2009-04-20 13:25 218,624 -------- c:\windows\system32\uxtheme.dll
2009-04-20 13:24 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-04-20 13:22 24,576 -------- c:\windows\system32\nlsdl.dll
2009-04-20 13:21 922,112 -------- c:\windows\system32\imapi2fs.dll
2009-04-20 13:21 426,496 -------- c:\windows\system32\imapi2.dll
2009-04-20 13:21 151,552 -------- c:\windows\system32\ifxcardm.dll
2009-04-20 13:21 26,112 -------- c:\windows\system32\idndl.dll
2009-04-20 13:21 633,344 -------- c:\windows\system32\gpprefcl.dll
2009-04-20 13:21 249,856 -------- c:\windows\system32\drmupgds.exe
2009-04-20 13:21 4,178,264 -------- c:\windows\system32\D3DX9_41.dll
2009-04-20 13:21 4,379,984 -------- c:\windows\system32\D3DX9_40.dll
2009-04-20 13:21 3,851,784 -------- c:\windows\system32\D3DX9_39.dll
2009-04-20 13:21 3,850,760 -------- c:\windows\system32\D3DX9_38.dll
2009-04-20 13:19 96,792 -------- c:\windows\system32\basecsp.dll
2009-04-20 13:18 278,528 -------- c:\windows\system32\ulib.dll
2009-04-20 13:17 45,568 -------- c:\windows\system32\mshta.exe
2009-04-20 13:16 180,736 -------- c:\windows\system32\eapphost.dll
2009-04-16 17:23 540,672 -------- c:\windows\RtlExUpd.dll

============= FINISH: 23:21:14.59 ===============



#2 SifuMike


Posted 02 July 2009 - 04:06 PM

Hello sonicphantasm,

Download Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.

****************

Please download Malwarebytes' Anti-Malware from one of these places:
http://download.cnet.com/Malwarebytes-Anti...&tag=button
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Full Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the entire MBAM report (even if it does not find anything) in your next reply along with a fresh DDS log.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Edited by SifuMike, 02 July 2009 - 04:06 PM.
