
Browsers redirecting, IE9 & Firefox 3.6


  • This topic is locked
2 replies to this topic

#1 land44


Posted 08 December 2010 - 09:44 PM

Redirects to random pages, especially from Google searches, going to other search sites or antivirus offers, and seems worst when searching for antivirus and malware removal programs. Occasionally seems to work nearly normally, other times nearly everything is redirected. At this time using Firefox, because launching IE9 resulted in a BSOD (IRQL_NOT_LESS_OR_EQUAL), although IE usually works.

DDS.txt follows:


DDS (Ver_10-12-05.01) - NTFS_AMD64
Run by Michelles at 20:20:49.60 on Wed 12/08/2010
Internet Explorer: 9.0.7930.16406
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.2615 [GMT -6:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

============== Running Processes ===============

C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Michelles\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uURLSearchHooks: H - No File
mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: ShopAtHome Toolbar: {98279c38-de4b-4bcf-93c9-8ec26069d6f4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
StartupFolder: C:\Users\MICHEL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\MICHEL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Program Files (x86)\WhiteSmoke Translator\WSTrayDictMode.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} - hxxp://www.psapoll.com/CopyGuardIE.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
TB-X64: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File
TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
mRun-x64: [Apoint] C:\Program Files\DellTPad\Apoint.exe
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
mRun-x64: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
mRun-x64: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon

================= FIREFOX ===================

FF - ProfilePath - C:\Users\MICHEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\c56258vs.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.foxnews.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Michelles\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-1-25 55280]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-9 382032]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-3 1153368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-1-25 656624]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-1-25 172704]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-1-25 215552]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-1-25 393728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-21 1255736]

=============== Created Last 30 ================

2010-12-08 02:58:41 -------- d-----w- C:\Program Files (x86)\ESET
2010-12-07 14:53:31 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{F97CE9B7-1FBC-4DE0-8459-BF9D56C9C13A}\mpengine.dll
2010-12-07 01:35:34 2 --shatr- C:\Windows\winstart.bat
2010-12-07 01:35:24 -------- d-----w- C:\Program Files (x86)\UnHackMe
2010-12-05 03:53:48 2381824 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-05 03:53:48 2381824 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-05 03:53:47 1502208 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-12-05 03:53:47 1448448 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-12-04 04:48:52 -------- d-----w- C:\PROGRA~3\PC Tools
2010-12-04 03:49:59 -------- d-----w- C:\Users\MICHEL~1\AppData\Roaming\Malwarebytes
2010-12-04 03:49:55 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-04 03:49:54 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-12-04 03:49:51 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2010-12-04 03:49:50 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-04 03:49:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-04 01:21:58 -------- d-----w- C:\Users\MICHEL~1\AppData\Roaming\AVG
2010-12-04 01:02:55 -------- d--h--w- C:\$AVG
2010-12-04 00:40:54 -------- d-----w- C:\Users\MICHEL~1\AppData\Roaming\AVG10
2010-12-03 23:56:43 -------- d--h--w- C:\PROGRA~3\Common Files
2010-12-03 23:56:24 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2010-12-03 23:56:04 -------- d-----w- C:\Windows\System32\drivers\AVG
2010-12-03 23:56:04 -------- d-----w- C:\PROGRA~3\AVG10
2010-12-03 23:55:20 -------- d-----w- C:\Program Files (x86)\AVG
2010-12-03 23:30:03 -------- d-----w- C:\PROGRA~3\MFAData
2010-12-03 22:49:09 66520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
2010-12-03 16:26:03 899072 ----a-w- C:\Windows\System32\d2d1.dll
2010-12-03 16:26:03 737280 ----a-w- C:\Windows\SysWow64\d2d1.dll
2010-12-03 16:26:03 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
2010-12-03 16:26:03 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2010-12-03 16:26:03 1844224 ----a-w- C:\Windows\System32\d3d10warp.dll
2010-12-03 16:26:03 1543168 ----a-w- C:\Windows\System32\DWrite.dll
2010-12-03 16:26:03 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2010-12-03 16:26:03 1137664 ----a-w- C:\Windows\System32\FntCache.dll
2010-12-03 16:26:03 1076224 ----a-w- C:\Windows\SysWow64\DWrite.dll
2010-12-03 16:25:27 466432 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2010-12-03 16:25:27 279552 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2010-12-03 16:25:27 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll
2010-12-03 16:25:27 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2010-12-03 16:24:51 1863680 ----a-w- C:\Windows\System32\ExplorerFrame.dll
2010-12-03 16:24:51 1495040 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
2010-12-03 16:24:10 -------- d-----w- C:\Program Files (x86)\Feedback Tool
2010-12-03 06:35:02 -------- d-----w- C:\Users\MICHEL~1\AppData\Local\Sunbelt Software
2010-12-03 06:34:41 -------- dc-h--w- C:\PROGRA~3\{E961CE1B-C3EA-4882-9F67-F859B555D097}
2010-12-03 06:34:35 -------- d-----w- C:\Program Files (x86)\Lavasoft
2010-12-03 06:29:40 -------- d-----w- C:\Users\MICHEL~1\AppData\Local\Mozilla
2010-12-03 02:30:03 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2010-12-03 02:30:03 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2010-11-27 18:04:13 -------- d-sh--w- C:\found.000
2010-11-27 07:01:19 -------- d-----w- C:\Program Files\Dell Support Center
2010-11-27 06:56:37 -------- d-----w- C:\Users\MICHEL~1\AppData\Roaming\PCDr
2010-11-26 01:32:01 -------- d-----w- C:\$WINDOWS.~LS
2010-11-26 01:30:35 -------- d-----w- C:\$UPGRADE.~OS
2010-11-26 00:33:04 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2010-11-21 19:35:20 -------- d-----w- C:\Users\MICHEL~1\AppData\Local\ElevatedDiagnostics
2010-11-20 22:06:42 -------- d-----w- C:\Windows\en
2010-11-20 22:03:39 -------- d-----w- C:\Program Files (x86)\MSN Toolbar
2010-11-20 22:03:26 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer
2010-11-20 22:03:25 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2010-11-20 22:03:25 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2010-11-20 22:03:24 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-11-20 22:03:24 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2010-11-20 21:26:50 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a2c7b8411cb88f92e\InstallManager_WLE_WLE.exe
2010-11-20 21:26:09 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8a34634c1cb88f922\MeshBetaRemover.exe
2010-11-20 21:25:17 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6c6d0d6b1cb88f91a\DSETUP.dll
2010-11-20 21:25:17 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6c6d0d6b1cb88f91a\DXSETUP.exe
2010-11-20 21:25:17 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6c6d0d6b1cb88f91a\dsetup32.dll
2010-11-20 21:25:15 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6b0f23231cb88f919\DSETUP.dll
2010-11-20 21:25:15 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6b0f23231cb88f919\DXSETUP.exe
2010-11-20 21:25:15 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6b0f23231cb88f919\dsetup32.dll
2010-11-20 21:24:05 -------- d-----w- C:\Users\MICHEL~1\AppData\Local\Windows Live
2010-11-20 21:23:32 206848 ----a-w- C:\Windows\System32\mfps.dll
2010-11-20 21:23:31 4068864 ----a-w- C:\Windows\System32\mf.dll
2010-11-20 21:23:31 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2010-11-20 21:23:31 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2010-11-20 21:23:31 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2010-11-20 21:23:31 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2010-11-20 21:23:30 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2010-11-10 04:20:56 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

==================== Find3M ====================

2010-10-19 16:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-09-23 06:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 06:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 20:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 20:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-15 10:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-13 21:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

============= FINISH: 20:22:08.73 ===============


 


#2 land44


Posted 11 December 2010 - 06:17 PM

Following instructions for another thread like mine, the redirection seems to be entirely fixed. Thanks for the very helpful info in that thread!

#3 m0le

  • Malware Response Team

Posted 12 December 2010 - 08:54 PM

Thanks for letting me know :thumbup2:

-----------------------------------------------

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.



