Internet Explorer started redirecting to multiple sites. Even when Internet Explorer was closed I could still hear audio from commercials. I performed AVG updates and scans. It came back with Trojan horse Generic 13.ATYY. I quarantined it. Now Internet Explorer only redirects when I try to update via Microsoft.com to Google. Also when I try to use Windows Update in Vista I receive an error code 80244019. Please help.
DDS (Ver_09-05-14.01) - NTFSx86
Run by Mateo at 9:12:10.72 on Sat 05/23/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3069.2230 [GMT -7:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\ieuser.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Mateo\Desktop\dds.scr
============== Pseudo HJT Report ===============
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-22 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-22 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-5-22 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-5-22 298776]
=============== Created Last 30 ================
2009-05-23 01:43 <DIR> --d----- c:\programdata\WindowsSearch
2009-05-23 00:27 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-05-23 00:02 <DIR> --d----- c:\users\mateo\appdata\roaming\Malwarebytes
2009-05-23 00:02 <DIR> --d----- c:\programdata\Malwarebytes
2009-05-23 00:02 <DIR> --d----- c:\progra~2\Malwarebytes
2009-05-22 13:03 <DIR> --d----- c:\programdata\Google
2009-05-22 12:54 <DIR> --d----- c:\windows\system32\Adobe
2009-05-22 12:51 327,168 a------- c:\windows\IsUninst.exe
2009-05-22 12:41 <DIR> --d----- c:\programdata\Uninstall
2009-05-22 12:41 <DIR> --d----- c:\progra~2\Uninstall
2009-05-22 12:41 <DIR> --d----- c:\program files\common files\SureThing Shared
2009-05-22 12:39 <DIR> --d----- c:\programdata\Sonic
2009-05-22 12:39 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-05-22 12:39 <DIR> --d----- c:\program files\common files\Sonic Shared
2009-05-22 12:37 <DIR> --d----- c:\programdata\InstallShield
2009-05-22 12:37 <DIR> --d----- c:\program files\Roxio
2009-05-22 12:35 <DIR> --d----- c:\windows\Panther
2009-05-22 12:35 8,192 a--s-r-- C:\BOOTSECT.BAK
2009-05-22 12:35 24 a---hr-- c:\windows\dell_version
2009-05-22 12:35 <DIR> --d----- c:\windows\system32\OEM
2009-05-22 12:26 <DIR> --d----- C:\Windows.old
2009-05-22 12:20 <DIR> --d----- c:\programdata\ATI
2009-05-22 12:18 0 a------- c:\windows\ativpsrm.bin
2009-05-22 12:13 <DIR> --d----- c:\program files\ATI Technologies
2009-05-22 12:13 <DIR> --d----- c:\program files\ATI
2009-05-22 12:12 1,904 -------- c:\windows\system32\SetupBD.din
2009-05-22 12:11 228,224 a------- c:\windows\system32\drivers\e1e6032.sys
2009-05-22 12:11 179,048 a------- c:\windows\system32\e1000msg.dll
2009-05-22 12:11 154,496 a------- c:\windows\system32\Prounstl.exe
2009-05-22 12:11 39,288 a------- c:\windows\system32\NicInE6.dll
2009-05-22 12:11 28,536 a------- c:\windows\system32\NicCo6.dll
2009-05-22 12:11 2,689 a------- c:\windows\system32\e1e6032.din
2009-05-22 12:10 <DIR> --d----- C:\Intel
2009-05-22 12:09 <DIR> --d----- c:\program files\Realtek
2009-05-22 12:08 520,192 a------- c:\windows\RtlExUpd.dll
2009-05-22 12:08 315,392 a------- c:\windows\HideWin.exe
2009-05-22 12:07 <DIR> --d----- c:\windows\system32\vmm32
2009-05-22 12:07 <DIR> --d----- c:\program files\Dell
2009-05-22 12:04 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-22 12:04 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-22 12:04 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-22 12:04 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-05-22 12:04 <DIR> --d----- c:\programdata\avg8
2009-05-22 12:04 <DIR> --d----- c:\program files\AVG
2009-05-22 12:04 <DIR> --d----- c:\progra~2\avg8
2009-05-22 12:03 <DIR> --dsh--- c:\windows\Installer
2009-05-22 11:51 <DIR> --d----- c:\users\Mateo
2009-05-22 11:43 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-21 23:30 263 ---shr-- C:\autorun.inf
2009-04-24 09:39 <DIR> --d----- C:\PSFONTS
==================== Find3M ====================
2009-05-22 12:14 51,200 a------- c:\windows\inf\infpub.dat
2009-05-22 12:14 86,016 a------- c:\windows\inf\infstrng.dat
2009-05-22 12:14 86,016 a------- c:\windows\inf\infstor.dat
2009-05-22 12:09 319,456 a------- c:\windows\DIFxAPI.dll
2008-01-20 19:43 174 a--sh--- c:\program files\desktop.ini
2008-01-20 19:32 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 9:12:26.84 ===============