Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

default browser keeps opening randomly


  • Please log in to reply
7 replies to this topic

#1 Shadowzee

Shadowzee

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:11:44 AM

Posted 31 March 2013 - 09:15 PM

When I don't have a broswer selected, my default browser opens, and when the browser is selected, it keeps returning to its home page.
Its been occuring for several days now, and the only way I can stop it is by ending the processes explorer.exe
 
But it is still persistant after I did a fresh install and deleted everything off my C drive.
I've also unplugged my keyboard and reinstalled the drives, but that hasn't solved the problem either.
 
All I have found out is that it presses keycode 172.
 
Someone please save me from this madness!!

Edited by hamluis, 05 April 2013 - 10:19 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:44 AM

Posted 01 April 2013 - 10:16 AM

Please download MiniToolBox  , save it to your desktop and run it.

 

Checkmark the following checkboxes:

  List last 10 Event Viewer log

  List Installed Programs

  List Users, Partitions and Memory size.

 

Click Go and paste the content into your next post.

 

Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link.  Do not copy/paste data from the report.

 

Louis



#3 Shadowzee

Shadowzee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:11:44 AM

Posted 01 April 2013 - 08:21 PM

MiniToolBox by Farbar  Version:05-03-2013
Ran by Stefan (administrator) on 02-04-2013 at 12:19:41
Running from "C:\Users\Stefan\Downloads"
Windows 7 Professional  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/02/2013 11:49:53 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (460) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.
 
 
System errors:
=============
Error: (04/02/2013 11:56:11 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (04/02/2013 11:56:11 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (04/02/2013 11:46:59 AM) (Source: NetBT) (User: )
Description: The name "STEFAN-PC      :20" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.9 did not allow the name to be claimed by
this computer.
 
Error: (04/02/2013 11:46:59 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{3A9B82FC-40A6-4CF1-B107-FCB736DFDC29} because another computer on the network has the same name.  The server could not start.
 
Error: (04/02/2013 11:46:56 AM) (Source: NetBT) (User: )
Description: The name "STEFAN-PC      :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.9 did not allow the name to be claimed by
this computer.
 
Error: (04/01/2013 01:41:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.147.794.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (04/01/2013 01:41:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 0.0.0.0
 
Update Source: %NT AUTHORITY51
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (04/01/2013 01:41:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update the engine.
 
New Engine Version: 
 
Previous Engine Version: 
 
Engine Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Error Code: %NT AUTHORITY601
 
Error description: %NT AUTHORITY602
 
Error: (04/01/2013 01:41:47 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 
 
Update Source: %NT AUTHORITY15
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (04/01/2013 01:40:46 AM) (Source: Microsoft Antimalware) (User: )
Description: %Stefan-PC60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 0.0.0.0
 
Update Source: %Stefan-PC51
 
Update Stage: 4.2.0223.00
 
Source Path: 4.2.0223.01
 
Signature Type: %Stefan-PC602
 
Update Type: %Stefan-PC604
 
User: Stefan-PC\Stefan
 
Current Engine Version: %Stefan-PC605
 
Previous Engine Version: %Stefan-PC606
 
Error code: %Stefan-PC607
 
Error description: %Stefan-PC608
 
 
Microsoft Office Sessions:
=========================
Error: (04/02/2013 11:49:53 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:53 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
Error: (04/02/2013 11:49:52 AM) (Source: ESENT)(User: )
Description: wuaueng.dll460SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-546
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
AMD APP SDK Runtime (Version: 2.5.709.2)
AMD Catalyst Install Manager (Version: 3.0.838.0)
BitTorrent (Version: 7.8.0.29343)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0930.2209.37895)
Catalyst Control Center Graphics Previews Common (Version: 2011.0930.2209.37895)
Catalyst Control Center InstallProxy (Version: 2011.0930.2209.37895)
Catalyst Control Center Localization All (Version: 2011.0930.2209.37895)
Catalyst Control Center Profiles Mobile (Version: 2011.0930.2209.37895)
CCC Help Chinese Standard (Version: 2011.0930.2208.37895)
CCC Help Chinese Traditional (Version: 2011.0930.2208.37895)
CCC Help Czech (Version: 2011.0930.2208.37895)
CCC Help Danish (Version: 2011.0930.2208.37895)
CCC Help Dutch (Version: 2011.0930.2208.37895)
CCC Help English (Version: 2011.0930.2208.37895)
CCC Help Finnish (Version: 2011.0930.2208.37895)
CCC Help French (Version: 2011.0930.2208.37895)
CCC Help German (Version: 2011.0930.2208.37895)
CCC Help Greek (Version: 2011.0930.2208.37895)
CCC Help Hungarian (Version: 2011.0930.2208.37895)
CCC Help Italian (Version: 2011.0930.2208.37895)
CCC Help Japanese (Version: 2011.0930.2208.37895)
CCC Help Korean (Version: 2011.0930.2208.37895)
CCC Help Norwegian (Version: 2011.0930.2208.37895)
CCC Help Polish (Version: 2011.0930.2208.37895)
CCC Help Portuguese (Version: 2011.0930.2208.37895)
CCC Help Russian (Version: 2011.0930.2208.37895)
CCC Help Spanish (Version: 2011.0930.2208.37895)
CCC Help Swedish (Version: 2011.0930.2208.37895)
CCC Help Thai (Version: 2011.0930.2208.37895)
CCC Help Turkish (Version: 2011.0930.2208.37895)
ccc-utility64 (Version: 2011.0930.2209.37895)
Google Chrome (Version: 26.0.1410.43)
Google Update Helper (Version: 1.3.21.135)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Product Detection (Version: 11.15.0004)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6345.0)
Intel® Display Audio Driver (Version: 6.14.00.3074)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (Version: 14.2.0.0216)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
Pando Media Booster (Version: 2.6.0.9)
PX Profile Update (Version: 1.00.1.)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
Skype™ 6.3 (Version: 6.3.105)
StarCraft II (Version: 2.0.6.25180)
Steam (Version: 1.0.0.0)
Vessel
VLC media player 2.0.5 (Version: 2.0.5)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 32%
Total physical RAM: 8139.86 MB
Available physical RAM: 5483.17 MB
Total Pagefile: 16277.87 MB
Available Pagefile: 13468.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3987.33 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:460.67 GB) (Free:432.82 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.97 GB) (Free:1.56 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
4 Drive f: (GRMCPRXFREO_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
5 Drive s: (Programs) (Fixed) (Total:456.57 GB) (Free:135.94 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\STEFAN-PC
 
Administrator            Guest                    Stefan                   
 
 
**** End of log ****


#4 Shadowzee

Shadowzee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:11:44 AM

Posted 01 April 2013 - 08:22 PM

http://speccy.piriform.com/results/KOCpU7CuJEr72FqK7O2hGZd



#5 Shadowzee

Shadowzee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:11:44 AM

Posted 02 April 2013 - 07:58 PM

I've removed my keyboard and booted in safe mode, however my default browser still keeps launching.

Is it somehow possible to change the binding for the keycode 172?, so that it doesn't open new browsers,

or is it possible to disable that key? (the key doesn't exist on my keyboard)

Also using a macro recorder, it seems they key gets pressed down for about 2 milliseconds before being released

but the time between the presses vary.



#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:44 AM

Posted 03 April 2013 - 01:46 PM

1 Drive c: () (Fixed) (Total:460.67 GB) (Free:432.82 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:13.97 GB) (Free:1.56 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
4 Drive f: (GRMCPRXFREO_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
5 Drive s: (Programs) (Fixed) (Total:456.57 GB) (Free:135.94 GB) NTFS
 
Although you now have nothing but Windows installed on the C: drive...this is not the way that laptops normally are configured.
 
Deleting everything from the C: partition...would not necessarily indicate that the system is free of malware, IMO, looking at the 4 partitions on the hard drive at this moment.
 
Louis.


#7 Shadowzee

Shadowzee
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:11:44 AM

Posted 05 April 2013 - 06:22 AM

I've dont a virus scan, but i can't do a root kit scan since the files are compressed/encrypted.... i don't think its those partitions, since i have never accessed them or used them (i didn't even no the hp tools existed until i reinstalled)



#8 hamluis

hamluis

    Moderator


  • Moderator
  • 56,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:44 AM

Posted 05 April 2013 - 10:17 AM

Let's move this to Am I Infected for a check...if the check is negative, I can simply move your topic back to the Win 7 forum where other paths can then be pursued.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users