Old 07-01-2009, 12:20 PM   #1 (permalink)
Exoeros
Registered User
 
Join Date: Jul 2009
Posts: 3
OS: Xp


Firefox redirection/pop up & possible Blue S.o.D.

Hi,
I have been just recently, maybe a week or so ago, getting redirected to weird search engines and just other random websites whenever I click a link, be it in Firefox through the Google engine or IE. And just today I turned on my PC and was just away for a little, and I hadn't clicked on anything at all, and a random pop-up blew up on my screen. (Also there's been a blue screen, maybe 3 here or there, but I haven't had one recently; dunno if they were related, but those started maybe a month or two ago.)

DDS (Ver_09-06-26.01) - NTFSx86
Run by Owner at 10:58:22.37 on Wed 07/01/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2814.2244 [GMT -4:00]

AV: avast! antivirus 4.8.1335 [VPS 090630-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\Lachesis\OSD.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.bearshare.com/
uSearch Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: BearShare MediaBar: {d3dee18f-db64-4beb-9ff1-e1f0a5033e4a} - c:\program files\bearshare applications\bearshare mediabar\BearShareMediaBar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
mRun: [Lycosa] "c:\program files\razer\lycosa\razerhid.exe"
mRun: [Lachesis] c:\program files\razer\lachesis\razerhid.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1216094202484
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://ares.netgame.com/download/mglaunch_USAv1002.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 85.255.112.64,85.255.112.225
TCP: {ECF85C11-0078-4E52-A07A-E6554CE08406} = 85.255.112.64,85.255.112.225
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\aijnx279.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\aijnx279.default\extensions\npdyyno@dyyno.com\plugins\npDyyno.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMFireLauncher.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-6-22 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-22 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-6-22 138680]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2008-10-21 12032]
R3 LycoFltr;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [2008-10-21 21888]
S2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\planex\common\RalinkRegistryWriter.exe [2009-5-28 69632]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-6-22 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-6-22 352920]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2009-5-28 36928]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2009-5-28 583680]
S3 uisp;Freescale USB JW32 driver;c:\windows\system32\drivers\Usbicp.sys [2008-10-21 14592]
S3 XDva186;XDva186;\??\c:\windows\system32\xdva186.sys --> c:\windows\system32\XDva186.sys [?]
S3 XDva224;XDva224;\??\c:\windows\system32\xdva224.sys --> c:\windows\system32\XDva224.sys [?]
S3 XDva226;XDva226;\??\c:\windows\system32\xdva226.sys --> c:\windows\system32\XDva226.sys [?]
S3 XDva248;XDva248;\??\c:\windows\system32\xdva248.sys --> c:\windows\system32\XDva248.sys [?]

=============== Created Last 30 ================

2009-07-01 10:23 388,608 a------- c:\windows\system32\CF32135.exe
2009-07-01 10:23 <DIR> --ds---- C:\ComboFix
2009-07-01 10:18 <DIR> --d----- c:\program files\Trend Micro
2009-06-21 21:47 <DIR> --d----- c:\program files\Perfect World Entertainment
2009-06-20 13:10 54,272 a------- c:\windows\system32\MSIVXgtvfihvwltrmwmparxyerfwklbupxbpp.dll
2009-06-20 13:10 4 a------- c:\windows\system32\MSIVXcount
2009-06-17 19:16 <DIR> --d----- c:\program files\Real Alternative
2009-06-17 19:14 <DIR> --d----- c:\program files\GRETECH
2009-06-13 21:32 483,328 a------- c:\windows\system32\actskn45.ocx
2009-06-13 21:32 <DIR> --d----- c:\program files\BearShare Applications

==================== Find3M ====================

2009-05-30 19:56 36,928 a------- c:\windows\system32\drivers\pssdk41.sys
2009-05-28 18:41 376,832 a------- c:\windows\system32\AegisI5Installer.exe
2009-05-28 18:41 21,361 a------- c:\windows\system32\drivers\AegisP.sys
2009-05-01 00:30 81,920 a------- c:\windows\system32\nvwddi.dll
2009-05-01 00:30 3,117,056 a------- c:\windows\system32\nvwss.dll
2009-05-01 00:30 4,038,656 a------- c:\windows\system32\nvvitvs.dll
2009-05-01 00:30 1,282,048 a------- c:\windows\system32\nvmobls.dll
2009-05-01 00:30 188,416 a------- c:\windows\system32\nvmccss.dll
2009-05-01 00:30 3,510,272 a------- c:\windows\system32\nvgames.dll
2009-05-01 00:30 4,014,080 a------- c:\windows\system32\nvdisps.dll
2009-05-01 00:30 168,004 a------- c:\windows\system32\nvsvc32.exe
2009-05-01 00:30 13,750,272 a------- c:\windows\system32\nvcpl.dll
2009-05-01 00:30 86,016 a------- c:\windows\system32\nvmctray.dll
2009-05-01 00:30 229,376 a------- c:\windows\system32\nvmccs.dll
2009-04-30 22:02 9,994,240 a------- c:\windows\system32\nvoglnt.dll
2009-04-30 22:02 5,896,320 a------- c:\windows\system32\nv4_disp.dll
2009-04-30 22:02 1,720,320 a------- c:\windows\system32\nvcuda.dll
2009-04-30 22:02 1,579,630 a------- c:\windows\system32\nvdata.bin
2009-04-30 22:02 1,314,816 a------- c:\windows\system32\nvcuvenc.dll
2009-04-30 22:02 806,912 a------- c:\windows\system32\nvapi.dll
2009-04-30 22:02 663,552 a------- c:\windows\system32\nvcuvid.dll
2009-04-30 22:02 457,248 a------- c:\windows\system32\nvudisp.exe
2009-04-30 22:02 143,360 a------- c:\windows\system32\nvcodins.dll
2009-04-30 22:02 143,360 a------- c:\windows\system32\nvcod.dll
2009-04-27 00:42 457,248 a------- c:\windows\system32\NVUNINST.EXE
2009-04-12 09:58 65,536 a------- c:\windows\IFinst27.exe
2008-09-11 10:35 24 a------- c:\documents and settings\owner\jagex_runescape_preferences.dat

============= FINISH: 10:58:27.82 ===============

Hope I did this right.
Attached Files
File Type: rar attach.rar (4.4 KB, 2 views)