Old 11-13-2008, 05:43 PM   #1 (permalink)
YSRRider
Registered User
 
Join Date: Jan 2005
Posts: 70
OS: XP


Firefox redirects and pop-ups

When I do searches on YAHOO and click a link, it often redirects to INFO.COM. I get random pop-ups now even though the Firefox blocker is on. Randomly, when I click my AIM messenger out of the system tray, it will open IE and I get 100 pop-ups a minute; the only way to stop it is to open the Task Manager and shut AIM down.




-----------------------------------------------------------------------
HJT LOG


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:42:06 PM, on 11/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1194377256140
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe

--
End of file - 2865 bytes
---------------------------------------------------------------------

DDS LOG 1

DDS (Version 1.0) - NTFSx86
Run by Drake1 at 18:41:24.01 on Thu 11/13/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.268 [GMT -6:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Drake1\Desktop\dds.scr

============== Psuedo HJT Report ===============

uStart Page = hxxp://www.aol.com/
uSearch Bar = hxxp://www.comcast.net/toolbar2.0/search/
mSearchAssistant = hxxp://www.comcast.net/toolbar2.0/search/
BHO: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - c:\progra~1\comcas~2\COMCAS~1.DLL
TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - c:\progra~1\comcas~2\COMCAS~1.DLL
TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - c:\progra~1\comcas~2\COMCAS~1.DLL
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl
mRun: [nForce Tray Options] sstray.exe /r
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_03\bin\jusched.exe
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

============= SERVICES / DRIVERS ===============

S3 slicedisk.sys;slicedisk.sys;\??\c:\windows\system32\slicedisk.sys
S4 hpt3xx;hpt3xx;

=============== Created Last 30 ================

2008-11-13 18:27 <DIR> --d----- c:\program files\Trend Micro
2008-11-12 11:09 250 a------- c:\windows\gmer.ini

==================== Find3M ====================

2008-11-12 23:54 <DIR> --d----- c:\docume~1\drake1\applic~1\ComcastToolbar
2008-05-21 11:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SupportSoft
2007-11-18 16:14 <DIR> --d----- c:\docume~1\drake1\applic~1\Viewpoint
2007-11-06 13:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint

============= FINISH: 18:41:28.95 ===============


DDS LOG 2


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Version 1.0)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/6/2007 3:04:10 AM
System Uptime: 11/13/2008 6:31:14 PM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | A7N8X-E
Processor: AMD Athlon(tm) XP 3000+ | Socket A | 2091/200mhz
BIOS: Phoenix - AwardBIOS v6.00PG | Nvidia - 42302e31 | ASUS A7N8X-E Deluxe ACPI BIOS Rev 1009 | 2/3/2004 6:00:00 PM

==== Disk Partitions =========================

C: is FIXED (NTFS) - 128 GiB total, 6.277 GiB free.
D: is FIXED (NTFS) - 79 GiB total, 25.476 GiB free.
E: is FIXED (NTFS) - 80 GiB total, 6.958 GiB free.
F: is CDROM (CDFS)
G: is CDROM (CDFS)
H: is FIXED (NTFS) - 56 GiB total, 26.497 GiB free.
I: is FIXED (NTFS) - 134 GiB total, 116.629 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_10DE&DEV_0068&SUBSYS_0C111043&REV_A4\3&13C0B0C5&0&12
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_10DE&DEV_0068&SUBSYS_0C111043&REV_A4\3&13C0B0C5&0&12
Service:

==== System Restore Points ===================

RP283: 8/15/2008 10:33:12 PM - System Checkpoint
RP284: 8/16/2008 11:27:53 PM - System Checkpoint
RP285: 8/18/2008 12:23:39 AM - System Checkpoint
RP286: 8/19/2008 1:16:11 AM - System Checkpoint
RP287: 8/20/2008 2:26:31 AM - System Checkpoint
RP288: 8/21/2008 2:30:13 AM - System Checkpoint
RP289: 8/22/2008 3:01:18 AM - System Checkpoint
RP290: 8/23/2008 3:55:59 AM - System Checkpoint
RP291: 8/24/2008 4:50:39 AM - System Checkpoint
RP292: 8/25/2008 5:42:19 AM - System Checkpoint
RP293: 8/26/2008 6:39:06 AM - System Checkpoint
RP294: 8/27/2008 7:33:49 AM - System Checkpoint
RP295: 8/28/2008 8:28:30 AM - System Checkpoint
RP296: 8/29/2008 9:23:10 AM - System Checkpoint
RP297: 8/30/2008 10:17:52 AM - System Checkpoint
RP298: 8/31/2008 11:12:33 AM - System Checkpoint
RP299: 9/1/2008 1:26:11 PM - System Checkpoint
RP300: 9/2/2008 1:28:34 PM - System Checkpoint
RP301: 9/3/2008 2:28:32 PM - System Checkpoint
RP302: 9/4/2008 3:02:09 PM - System Checkpoint
RP303: 9/5/2008 3:04:04 PM - System Checkpoint
RP304: 9/6/2008 3:58:33 PM - System Checkpoint
RP305: 9/7/2008 4:52:53 PM - System Checkpoint
RP306: 9/8/2008 5:48:24 PM - System Checkpoint
RP307: 9/9/2008 5:50:39 PM - System Checkpoint
RP308: 9/10/2008 6:39:35 PM - System Checkpoint
RP309: 9/11/2008 7:33:56 PM - System Checkpoint
RP310: 9/12/2008 8:08:56 PM - System Checkpoint
RP311: 9/13/2008 8:45:24 PM - System Checkpoint
RP312: 9/14/2008 9:30:58 PM - System Checkpoint
RP313: 9/15/2008 11:01:52 PM - System Checkpoint
RP314: 9/17/2008 2:13:37 AM - System Checkpoint
RP315: 9/18/2008 2:24:15 AM - System Checkpoint
RP316: 9/19/2008 2:39:43 AM - System Checkpoint
RP317: 9/20/2008 3:01:57 AM - System Checkpoint
RP318: 9/21/2008 3:56:29 AM - System Checkpoint
RP319: 9/22/2008 4:50:59 AM - System Checkpoint
RP320: 9/23/2008 5:46:36 AM - System Checkpoint
RP321: 9/24/2008 6:41:11 AM - System Checkpoint
RP322: 9/25/2008 7:35:42 AM - System Checkpoint
RP323: 9/26/2008 8:30:13 AM - System Checkpoint
RP324: 9/27/2008 9:24:43 AM - System Checkpoint
RP325: 9/28/2008 10:19:14 AM - System Checkpoint
RP326: 9/29/2008 11:14:46 AM - System Checkpoint
RP327: 9/30/2008 12:08:10 PM - System Checkpoint
RP328: 10/1/2008 1:01:42 PM - System Checkpoint
RP329: 10/2/2008 1:13:46 PM - System Checkpoint
RP330: 10/3/2008 1:51:48 PM - System Checkpoint
RP331: 10/4/2008 2:47:23 PM - System Checkpoint
RP332: 10/5/2008 3:28:50 PM - System Checkpoint
RP333: 10/6/2008 3:32:10 PM - System Checkpoint
RP334: 10/7/2008 4:30:03 PM - System Checkpoint
RP335: 10/8/2008 5:56:35 PM - System Checkpoint
RP336: 10/9/2008 7:25:29 PM - System Checkpoint
RP337: 10/10/2008 9:47:49 PM - System Checkpoint
RP338: 10/11/2008 10:14:36 PM - System Checkpoint
RP339: 10/12/2008 11:07:48 PM - System Checkpoint
RP340: 10/14/2008 12:26:09 AM - System Checkpoint
RP341: 10/15/2008 12:56:26 AM - System Checkpoint
RP342: 10/16/2008 2:09:57 AM - System Checkpoint
RP343: 10/17/2008 2:43:33 AM - System Checkpoint
RP344: 10/18/2008 3:39:02 AM - System Checkpoint
RP345: 10/19/2008 4:32:16 AM - System Checkpoint
RP346: 10/20/2008 5:26:35 AM - System Checkpoint
RP347: 10/21/2008 6:20:59 AM - System Checkpoint
RP348: 10/22/2008 6:29:20 AM - System Checkpoint
RP349: 10/23/2008 7:23:55 AM - System Checkpoint
RP350: 10/24/2008 8:20:21 AM - System Checkpoint
RP351: 10/25/2008 9:14:24 AM - System Checkpoint
RP352: 10/26/2008 9:04:31 AM - System Checkpoint
RP353: 10/27/2008 9:58:32 AM - System Checkpoint
RP354: 10/28/2008 10:53:57 AM - System Checkpoint
RP355: 10/29/2008 11:48:04 AM - System Checkpoint
RP356: 10/30/2008 11:56:47 AM - System Checkpoint
RP357: 10/31/2008 11:59:21 AM - System Checkpoint
RP358: 11/1/2008 12:58:10 PM - System Checkpoint
RP359: 11/2/2008 1:28:56 PM - System Checkpoint
RP360: 11/3/2008 2:24:15 PM - System Checkpoint
RP361: 11/4/2008 2:56:50 PM - System Checkpoint
RP362: 11/5/2008 3:49:45 PM - System Checkpoint
RP363: 11/6/2008 4:46:47 PM - System Checkpoint
RP364: 11/7/2008 5:42:26 PM - System Checkpoint
RP365: 11/8/2008 6:35:42 PM - System Checkpoint
RP366: 11/9/2008 9:25:11 PM - System Checkpoint
RP367: 11/10/2008 11:03:13 PM - System Checkpoint
RP368: 11/11/2008 10:40:15 AM - Restore Operation
RP369: 11/12/2008 12:03:48 PM - System Checkpoint
RP370: 11/13/2008 12:34:15 PM - System Checkpoint

==== Installed Programs ======================

Active@ Partition Recovery Enterprise
Adobe Shockwave Player
AOL Instant Messenger
ATI Control Panel
ATI Display Driver
ATI DVD Decoder 2.2.0.0
ATI HydraVision
ATI Multimedia Center 8.1.0.0
Comcast Toolbar
Comcast Universal Installer v1.2
DAO
Desktop Doctor
DVDDec
Find and Mount 2.3
HijackThis 2.0.2
J2SE Runtime Environment 5.0 Update 3
LimeWire PRO 4.9.32
Marvell Miniport Driver
MMC81
Mozilla Firefox (2.0.0.18)
NVIDIA nForce Drivers
PartitionMagic
PowerQuest PartitionMagic 8.0
Recover My Files
Viewpoint Media Player
WebFldrs XP
Windows Live Messenger
Windows Media Encoder 9 Series
Windows XP Service Pack 2
WinMX
Winmx 3.53 3.0 Patch

==== Event Viewer Messages ===================

11/8/2008 2:23:37 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00:90:F5:57:7E:98. Network operations on this system may be disrupted as a result.
11/12/2008 1:12:15 AM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

==== End Of File ===========================













I have attached the HJT log and both of the DDS logs.

Thanks!