Status
Not open for further replies.
1 - 3 of 3 Posts

· Registered
Joined
·
1 Posts
Discussion Starter · #1 ·
Most times when I use Mozilla or Explorer, the site I enter gets redirected to one I did not want. I am trying to follow the directions for submitting information. Below is the DDS.txt file.

DDS (Version 1.0) - NTFSx86
Run by Alistair Watt at 11:25:17.29 on 12 Nov 2008
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1421 [GMT -4:00]

============== Running Processes ===============

C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
c:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\DOCUME~1\ALISTA~1\LOCALS~1\Temp\Temporary Directory 4 for gmer.zip\gmer.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Documents and Settings\Alistair Watt\Desktop\dds.scr
C:\DOCUME~1\ALISTA~1\LOCALS~1\Temp\RarSFX1\WREGS.EXE

============== Psuedo HJT Report ===============

uStart Page = hxxp://www.google.com/calendar/render
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: System=kdkmg.exe
BHO: {06647158-359E-4D10-A8DE-E6145DA90BE9} - c:\progra~1\trendm~1\intern~1\PccIeBar.dll
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
TB: {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - c:\progra~1\trendm~1\intern~1\PccIeBar.dll
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: {871F91FD-3A92-4988-A842-16AB2CFF5AF1} - c:\progra~1\trendm~1\intern~1\PccIeBar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RemoteCenter] c:\program files\creative\mediasource\remotecontrol\RcMan.exe
uRun: [MtdAcq] c:\program files\creative\shared files\media sniffer\MtdAcq.EXE /s
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [pccguide.exe] "c:\program files\trend micro\internet security 2006\pccguide.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [HPHUPD05] c:\program files\hewlett-packard\\{5372b9a6-6e51-4f90-9b40-e0a3b8475c4e}\hphupd05.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe"
mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy2\surround mixer\CTSysVol.exe
mRun: [SBDrvDet] c:\program files\creative\sb drive det\SBDrvDet.exe /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [CTStartup] "c:\program files\creative\splash screen\CTEaxSpl.EXE" /run
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2\dvdaudio\CTDVDDET.EXE"
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [dvd43] c:\program files\dvd43\dvd43_tray.exe
mRun: [c:\windows\system32\kdkmg.exe] c:\windows\system32\kdkmg.exe
dRunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy'
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
mPolicies-explorer: <NO NAME> =
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: {924C4DCA-A234-49D7-ADE0-1CA92C07EB01} = 85.255.112.132;85.255.112.12
TCP: {D3659D05-4415-422D-995B-DEBDCF166792} = 85.255.112.132;85.255.112.12
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - c:\windows\system32\upnpui.dll
SEH: {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;c:\windows\system32\drivers\AN983.sys
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMhelpr.sys
R3 ctgame;Game Port;c:\windows\system32\drivers\ctgame.sys
R3 SMC55T;SMC EZ Card 10/100 (SMC1255TX);c:\windows\system32\drivers\SMC55T51.sys
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe
S3 p2pgasvc;Peer Networking Group Authentication;c:\windows\system32\svchost.exe
S3 p2pimsvc;Peer Networking Identity Manager;c:\windows\system32\svchost.exe
S3 p2psvc;Peer Networking;c:\windows\system32\svchost.exe
S3 PNRPSvc;Peer Name Resolution Protocol;c:\windows\system32\svchost.exe

=============== Created Last 30 ================

2008-11-12 08:08 250 a------- c:\windows\gmer.ini
2008-11-09 09:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVSVideoBurner
2008-10-30 13:18 <DIR> --dshr-- C:\resycled
2008-10-28 10:26 18,816 a------- c:\windows\system32\drivers\dvd43llh.sys
2008-10-23 23:28 <DIR> --d----- c:\program files\iPod
2008-10-23 23:28 <DIR> --d----- c:\program files\iTunes
2008-10-23 23:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-23 23:24 32,000 a------- c:\windows\system32\drivers\usbaapl.sys
2008-10-23 23:15 <DIR> --d----- c:\program files\Bonjour
2008-10-23 17:18 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2008-10-18 00:50 129,784 -------- c:\windows\system32\pxafs.dll
2008-10-18 00:50 120,056 -------- c:\windows\system32\pxcpyi64.exe
2008-10-18 00:50 118,520 -------- c:\windows\system32\pxinsi64.exe
2008-10-18 00:50 <DIR> --d----- c:\program files\DivX
2008-10-15 15:35 333,824 -c------ c:\windows\system32\dllcache\srv.sys
2008-10-15 15:34 1,846,400 -c------ c:\windows\system32\dllcache\win32k.sys
2008-10-15 15:34 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-15 15:34 2,189,184 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-15 15:34 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-15 15:34 2,066,048 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe

==================== Find3M ====================

2008-11-09 13:07 <DIR> --d----- c:\program files\WinTV
2008-11-09 10:51 <DIR> --d----- c:\program files\Online Services
2008-10-28 16:29 <DIR> --d----- c:\program files\AVS4YOU
2008-10-28 10:26 <DIR> --d----- c:\program files\dvd43
2008-09-28 13:38 <DIR> --d----- c:\program files\Picasa2
2008-09-19 17:55 1,044,480 a------- c:\windows\system32\libdivx.dll
2008-09-19 17:55 200,704 a------- c:\windows\system32\ssldivx.dll
2008-09-19 13:10 4,456 a------- c:\windows\system32\d3d9caps.dat
2008-09-15 20:14 524,288 a------- c:\windows\system32\DivXsm.exe
2008-09-15 20:14 3,596,288 a------- c:\windows\system32\qt-dx331.dll
2008-09-15 20:12 196,608 a------- c:\windows\system32\dtu100.dll
2008-09-15 20:12 81,920 a------- c:\windows\system32\dpl100.dll
2008-09-15 20:12 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-09-15 20:12 344,064 a------- c:\windows\system32\dpus11.dll
2008-09-15 20:12 294,912 a------- c:\windows\system32\dpu11.dll
2008-09-15 20:12 294,912 a------- c:\windows\system32\dpu10.dll
2008-09-15 20:12 57,344 a------- c:\windows\system32\dpv11.dll
2008-09-15 20:12 53,248 a------- c:\windows\system32\dpuGUI10.dll
2008-09-15 20:11 823,296 a------- c:\windows\system32\divx_xx0c.dll
2008-09-15 20:11 823,296 a------- c:\windows\system32\divx_xx07.dll
2008-09-15 20:11 815,104 a------- c:\windows\system32\divx_xx0a.dll
2008-09-15 20:11 802,816 a------- c:\windows\system32\divx_xx11.dll
2008-09-15 20:11 683,520 a------- c:\windows\system32\DivX.dll
2008-09-15 20:11 161,096 a------- c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-15 20:11 12,288 a------- c:\windows\system32\DivXWMPExtType.dll
2008-09-15 08:12 1,846,400 a------- c:\windows\system32\win32k.sys
2008-09-03 08:52 <DIR> --d----- c:\docume~1\alista~1\applic~1\Windows Search
2008-09-02 23:10 <DIR> --d----- c:\docume~1\alista~1\applic~1\Windows Desktop Search
2008-09-02 23:08 409,600 a------- c:\windows\system32\wrap_oal.dll
2008-09-02 23:08 114,688 a------- c:\windows\system32\OpenAL32.dll
2008-09-02 11:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2008-08-29 09:18 87,336 a------- c:\windows\system32\dns-sd.exe
2008-08-29 08:53 61,440 a------- c:\windows\system32\dnssd.dll
2008-08-26 03:24 826,368 a------- c:\windows\system32\wininet.dll
2008-07-11 19:34 <DIR> --d----- c:\docume~1\alista~1\applic~1\AVS4YOU
2008-06-30 18:18 <DIR> --d----- c:\docume~1\alista~1\applic~1\vlc
2008-05-02 00:59 <DIR> --d----- c:\docume~1\alista~1\applic~1\SmartDraw
2008-04-06 21:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Acoustica
2008-03-24 16:43 <DIR> --d----- c:\docume~1\alista~1\applic~1\Steinberg
2008-01-09 21:53 <DIR> --d----- c:\docume~1\alista~1\applic~1\Creative ASR2
2007-12-15 19:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVS4YOU
2007-11-26 22:05 <DIR> --d----- c:\docume~1\alista~1\applic~1\GetRightToGo
2007-11-26 22:05 <DIR> --d----- c:\docume~1\alista~1\applic~1\CursorArts
2007-11-19 06:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kodak
2007-10-08 15:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DFX
2008-06-07 08:48 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008060720080608\index.dat

============= FINISH: 11:26:57.59 ===============
 


· Registered
Joined
·
4,590 Posts
Hi,

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
 

· Registered
Joined
·
4,590 Posts
Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

IMPORTANT - Read This Before Posting For Malware Removal Help
 