
Browser Redirect and Cntl/Alt/Del Not Working


  • This topic is locked

#1 Yepitsbroke

Posted 09 September 2009 - 04:09 PM

When I try to go to a security site, such as Trend Micro to run a scan, I get redirected. In addition, many times if I do Cntl/Alt/Del it fails to run, and when it does run, I can't find anything wrong.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 16:41:01.76 on Wed 09/09/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.110 [GMT -4:00]

AV: Windows Protection Suite *On-access scanning enabled* (Updated) {0589FACA-CF7B-4C7E-A1CC-284885CDF15E}
FW: Windows Protection Suite *enabled* {860FFAF8-EB5B-423E-B89A-C3E83E1E8AED}

============== Running Processes ===============

C:WINDOWSsystem32svchost -k DcomLaunch
svchost.exe
C:WINDOWSSystem32svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesAviraAntiVir Desktopavgnt.exe
C:Program FilesAIMaim.exe
C:WINDOWSsystem32ctfmon.exe
svchost.exe
C:WINDOWSSystem32aniServ.exe
C:Program FilescomcasttbComcastSpywareScanComcastAntiSpyService.exe
C:Program FilesAviraAntiVir Desktopavguard.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesComcastDesktop Doctorbinsprtsvc.exe
C:WINDOWSSystem32svchost.exe -k HTTPFilter
C:Program FilesSpybot - Search & Destroy2TeaTimer.exe
C:WINDOWSsystem32HPZipm12.exe
C:WINDOWSpchealthhelpctrbinarieshelpctr.exe
C:WINDOWSPCHealthHelpCtrBinariesHelpSvc.exe
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsOwnerDesktopdds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mWindow Title = Windows Internet Explorer provided by Comcast
mSearchAssistant = hxxp://www.google.com/ie
mURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:program filesadobeacrobat 7.0activexAcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:program filesavgavg8avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:program filesspybot - search & destroy2SDHelper.dll
BHO: Comcast Toolbar: {79ceea4e-c231-4614-9e3b-53b2a02f39b7} - c:program filescomcasttbcomcastdx.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:program filesaolaol toolbar 2.0aoltb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:program filesjavajre6libdeployjqsiejqs_plugin.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:program filesaolaol toolbar 2.0aoltb.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Comcast Toolbar: {79ceea4e-c231-4614-9e3b-53b2a02f39b7} - c:program filescomcasttbcomcastdx.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [AIM] c:program filesaimaim.exe -cnetwait.odl
uRun: [SpybotSD TeaTimer] c:program filesspybot - search & destroy2TeaTimer.exe
uRun: [ctfmon.exe] c:windowssystem32ctfmon.exe
uRunOnce: [FlashPlayerUpdate] c:windowssystem32macromedflashFlashUtil9f.exe
mRun: [IgfxTray] c:windowssystem32igfxtray.exe
mRun: [QuickTime Task] "c:program filesquicktimeqttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:program filesjavajre6binjusched.exe"
mRun: [avgnt] "c:program filesaviraantivir desktopavgnt.exe" /min
IE: &AOL Toolbar Search - c:program filesaolaol toolbar 2.0resourcesen-uslocalsearch.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:program filesaimaim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:program filesmessengermsmsgs.exe
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:program filesaolaol toolbar 2.0aoltb.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:program filesspybot - search & destroy2SDHelper.dll
Trusted Zone: google.comwww
Trusted Zone: microsoft.comupdate
Trusted Zone: microsoft.comwww.update
DPF: DirectAnimation Java Classes - file://c:windowsjavaclassesdajava.cab
DPF: Microsoft XML Parser for Java - file://c:windowsjavaclassesxmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1251991602796
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:program fileshphpcoretechcomphpuiprot.dll
Notify: igfxcui - igfxsrvc.dll

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:program filesaviraantivir desktopavgio.sys [2009-9-3 11608]
R2 ANISERVICE;Airgo Networks NIC Service;c:windowssystem32aniServ.exe [2004-8-11 143360]
R2 AntiSpywareService;Comcast AntiSpyware;c:program filescomcasttbcomcastspywarescanComcastAntiSpyService.exe [2009-5-5 616408]
R2 AntiVirService;Avira AntiVir Guard;c:program filesaviraantivir desktopavguard.exe [2009-9-3 185089]
R2 avgntflt;avgntflt;c:windowssystem32driversavgntflt.sys [2009-9-3 55656]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:program filesaviraantivir desktopsched.exe [2009-9-3 108289]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:program filesviewpointcommonViewpointService.exe [2007-1-10 24652]

=============== Created Last 30 ================

2009-09-09 07:02 153,088 -c------ c:windowssystem32dllcachetriedit.dll
2009-09-08 06:58 <DIR> --dsh--- c:documents and settingsownerIECompatCache
2009-09-04 07:07 <DIR> --d----- c:windowssystem32LogFiles
2009-09-03 14:02 55,656 a------- c:windowssystem32driversavgntflt.sys
2009-09-03 14:02 <DIR> --d----- c:program filesAvira
2009-09-03 14:02 <DIR> --d----- c:docume~1alluse~1applic~1Avira
2009-09-03 11:59 <DIR> --d----- c:windowssystem32scripting
2009-09-03 11:59 <DIR> --d----- c:windowsl2schemas
2009-09-03 11:59 <DIR> --d----- c:windowssystem32en
2009-09-03 11:52 <DIR> --d----- c:windowsnetwork diagnostic
2009-09-03 11:14 <DIR> -cd----- c:docume~1alluse~1applic~1{EF63305C-BAD7-4144-9208-D65528260864}
2009-09-03 09:16 664 a------- c:windowssystem32d3d9caps.dat
2009-08-23 21:46 <DIR> --dsh--- c:documents and settingsownerPrivacIE
2009-08-23 21:40 <DIR> --dsh--- c:documents and settingsownerIETldCache
2009-08-23 21:37 12,800 -c------ c:windowssystem32dllcachexpshims.dll
2009-08-23 21:37 594,432 -c------ c:windowssystem32dllcachemsfeeds.dll
2009-08-23 21:37 55,296 -c------ c:windowssystem32dllcachemsfeedsbs.dll
2009-08-23 21:37 1,985,536 -c------ c:windowssystem32dllcacheiertutil.dll
2009-08-23 21:37 246,272 -c------ c:windowssystem32dllcacheieproxy.dll
2009-08-23 21:37 11,067,392 -c------ c:windowssystem32dllcacheieframe.dll
2009-08-23 21:37 <DIR> --d----- c:windowsie8updates
2009-08-23 21:35 101,376 -c------ c:windowssystem32dllcacheiecompat.dll
2009-08-23 21:33 <DIR> -cd-h--- c:windowsie8
2009-08-23 21:22 <DIR> --dsh--- c:docume~1alluse~1applic~1WINSPSys
2009-08-23 21:22 <DIR> --dsh--- c:docume~1alluse~1applic~174a6e97
2009-08-13 22:39 221,184 a------- c:windowssystem32wmpns.dll
2009-08-13 21:40 1,315,328 -c------ c:windowssystem32dllcachemsoe.dll
2009-08-13 21:40 2,066,432 -c------ c:windowssystem32dllcachemstscax.dll

==================== Find3M ====================

2009-09-03 15:58 142,944 a------- c:windowspchealthhelpctrconfigcachePersonal_32_1033.dat
2009-09-03 12:04 76,487 a------- c:windowspchealthhelpctrofflinecacheindex.dat
2009-08-05 05:01 204,800 a------- c:windowssystem32mswebdvd.dll
2009-07-25 05:23 411,368 a------- c:windowssystem32deploytk.dll
2009-07-17 15:01 58,880 a------- c:windowssystem32atl.dll
2009-07-12 12:21 233,472 -------- c:windowssystem32wmpdxm.dll
2009-07-03 13:09 915,456 a------- c:windowssystem32wininet.dll
2009-06-25 04:25 730,112 a------- c:windowssystem32lsasrv.dll
2009-06-25 04:25 301,568 a------- c:windowssystem32kerberos.dll
2009-06-25 04:25 147,456 a------- c:windowssystem32schannel.dll
2009-06-25 04:25 136,192 a------- c:windowssystem32msv1_0.dll
2009-06-25 04:25 56,832 a------- c:windowssystem32secur32.dll
2009-06-25 04:25 54,272 a------- c:windowssystem32wdigest.dll
2009-06-16 10:36 119,808 a------- c:windowssystem32t2embed.dll
2009-06-16 10:36 81,920 a------- c:windowssystem32fontsub.dll
2009-06-12 08:31 76,288 a------- c:windowssystem32telnet.exe
2006-10-28 09:38 17,207,032 a------- c:program filesavg75free_428a818.exe

============= FINISH: 16:41:55.12 ===============

Not sure if attachments came over.

Edited by The weatherman, 09 September 2009 - 04:17 PM.
Merged posts~Tw




#2 teacup61

Posted 09 September 2009 - 05:45 PM

Duplicate topic closed. :(