Results 1 to 2 of 2

Thread: Annoying browser issue

  1. #1
    Junior Member
    Join Date
    Jun 2011
    Posts
    5

    Default Annoying browser issue

    I am currently working on a clients laptop running windows xp home. Ineternet explorer keeps opening and DEP keeps coming on and closing it without me even opening it. and on top of that I can not get google to redirect to me to links I click on for search results. I used spybot search and destroy to remove some annoying viruses that kept the computer from opening taskmanager and a few other things that need admin privalges and it was preventing it from giving those.

    Heres the DDS file

    .
    Code:
    DDS (Ver_2011-06-12.02) - NTFSx86 
    Internet Explorer: 8.0.6001.18702
    Run by Charlie Ross at 13:20:06 on 2011-06-23
    Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.759.327 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\WLTRAY.exe
    C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    uDefault_Page_URL = hxxp://www.msn.com
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
    mRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\mae mae\start menu\programs\imvu\Run IMVU.lnk
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1300056452912
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 68.87.72.134 68.87.77.134
    TCP: Interfaces\{80387E96-3ADA-432A-A8EC-AA41E612BF08} : DhcpNameServer = 68.87.72.134 68.87.77.134
    TCP: Interfaces\{ABE26E8B-FD6E-4E7E-995D-FE965E978BD0} : NameServer = 8.8.8.8,8.8.4.4
    Notify: igfxcui - igfxdev.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    Hosts: 127.0.0.1	www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\charlie ross\application data\mozilla\firefox\profiles\dvnyv4s3.default\
    FF - plugin: c:\documents and settings\charlie ross\application data\mozilla\firefox\profiles\dvnyv4s3.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
    FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: IE Tab 2 (FF 3.6+): {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} - %profile%\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-25 165264]
    R1 MpKsl895a83f4;MpKsl895a83f4;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6dda250c-8ba9-4f54-8f7d-9c0c7278f0f3}\MpKsl895a83f4.sys [2011-6-23 28752]
    R2 AMP;AMP;c:\windows\system32\drivers\amp.sys [2010-1-19 127016]
    R2 SDFirewallService;Spybot-S&D 2 Firewall Service;c:\program files\spybot - search & destroy 2\SDFWSvc.exe [2011-6-18 3585696]
    R2 SDMonitorService;Spybot-S&D 2 Monitoring Service;c:\program files\spybot - search & destroy 2\SDMonSvc.exe [2011-6-18 3834456]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2011-6-18 3515656]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2011-6-18 3769048]
    R2 vseamps;vseamps;c:\program files\common files\authentium\antivirus5\vseamps.exe [2010-1-19 121384]
    R2 vsedsps;vsedsps;c:\program files\common files\authentium\antivirus5\vsedsps.exe [2010-1-19 117288]
    S1 MpKsl247fa00f;MpKsl247fa00f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ed768c8a-b32a-41ed-ae85-f90932c8bfd8}\mpksl247fa00f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ed768c8a-b32a-41ed-ae85-f90932c8bfd8}\MpKsl247fa00f.sys [?]
    S1 MpKslf82e36c0;MpKslf82e36c0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c8884ac4-2a9e-46fd-b1b0-bc086d7fa344}\mpkslf82e36c0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c8884ac4-2a9e-46fd-b1b0-bc086d7fa344}\MpKslf82e36c0.sys [?]
    S1 MpKslf9de5691;MpKslf9de5691;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{daac3f57-200a-457e-a729-d4a7398a5074}\mpkslf9de5691.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{daac3f57-200a-457e-a729-d4a7398a5074}\MpKslf9de5691.sys [?]
    S2 AMPSE;AMPSE;c:\windows\system32\drivers\ampse.sys [2010-1-19 1118248]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-13 136176]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2011-6-18 167040]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-13 136176]
    S3 vseqrts;vseqrts;c:\program files\common files\authentium\antivirus5\vseqrts.exe [2010-1-19 158248]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2002-9-3 14336]
    .
    =============== File Associations ===============
    .
    JSEFile=NOTEPAD.EXE %1
    VBEFile=NOTEPAD.EXE %1
    VBSFile=NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2011-06-23 15:40:37	28752	----a-w-	c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6dda250c-8ba9-4f54-8f7d-9c0c7278f0f3}\MpKsl895a83f4.sys
    2011-06-23 15:38:47	7074640	----a-w-	c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{6dda250c-8ba9-4f54-8f7d-9c0c7278f0f3}\mpengine.dll
    2011-06-23 15:34:42	--------	d-----w-	c:\windows\system32\winrm
    2011-06-23 15:34:28	--------	dc-h--w-	c:\windows\$968930Uinstall_KB968930$
    2011-06-23 15:33:58	--------	d-----w-	c:\documents and settings\charlie ross\local settings\application data\Identities
    2011-06-23 15:33:51	--------	d-----w-	c:\documents and settings\charlie ross\application data\Windows Desktop Search
    2011-06-23 15:31:38	--------	d-----w-	c:\program files\Windows Desktop Search
    2011-06-23 15:31:37	--------	d-----w-	c:\windows\system32\GroupPolicy
    2011-06-23 15:29:14	98304	-c----w-	c:\windows\system32\dllcache\nlhtml.dll
    2011-06-23 15:29:14	29696	-c----w-	c:\windows\system32\dllcache\mimefilt.dll
    2011-06-23 15:29:13	192000	-c----w-	c:\windows\system32\dllcache\offfilt.dll
    2011-06-23 15:29:04	--------	d-----w-	C:\b39d55a7738c245d40b11d7e
    2011-06-23 15:15:06	--------	d-----w-	c:\documents and settings\charlie ross\local settings\application data\Mozilla
    2011-06-23 15:07:40	--------	d-----w-	c:\program files\Combined Community Codec Pack
    2011-06-23 04:32:21	--------	d-----w-	c:\documents and settings\charlie ross\local settings\application data\ApplicationHistory
    2011-06-22 06:57:46	--------	d-----w-	C:\186e105ef843057e28
    2011-06-22 06:27:12	--------	d-----w-	c:\program files\Windows Media Connect 2
    2011-06-22 06:23:04	--------	d-----w-	c:\program files\CONEXANT
    2011-06-22 06:20:59	--------	d-----w-	c:\windows\system32\URTTEMP
    2011-06-22 06:19:08	7680	-c----w-	c:\windows\system32\dllcache\iecompat.dll
    2011-06-21 22:16:41	--------	d-----w-	c:\windows\system32\XPSViewer
    2011-06-21 22:15:46	89088	----a-w-	c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2011-06-21 22:15:17	89088	-c----w-	c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2011-06-21 22:15:17	597504	-c----w-	c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2011-06-21 22:15:17	597504	------w-	c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2011-06-21 22:15:17	117760	------w-	c:\windows\system32\prntvpt.dll
    2011-06-21 22:15:16	575488	-c----w-	c:\windows\system32\dllcache\xpsshhdr.dll
    2011-06-21 22:15:16	575488	------w-	c:\windows\system32\xpsshhdr.dll
    2011-06-21 22:15:16	1676288	-c----w-	c:\windows\system32\dllcache\xpssvcs.dll
    2011-06-21 22:15:16	1676288	------w-	c:\windows\system32\xpssvcs.dll
    2011-06-21 22:15:15	--------	d-----w-	C:\9a30f7bce1fe4468c7b3f3
    2011-06-21 04:21:36	--------	d--h--w-	c:\windows\msdownld.tmp
    2011-06-21 04:13:06	--------	d-----w-	c:\documents and settings\charlie ross\application data\iolo
    2011-06-21 03:04:46	--------	d-----w-	c:\windows\Performance
    2011-06-21 03:04:35	--------	d-----w-	c:\documents and settings\charlie ross\local settings\application data\Microsoft Corporation
    2011-06-20 18:53:26	--------	d-----w-	c:\documents and settings\charlie ross\application data\Malwarebytes
    2011-06-20 18:52:48	--------	d-----w-	c:\documents and settings\all users\application data\Malwarebytes
    2011-06-20 18:07:34	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-06-20 16:52:10	--------	d-----w-	c:\windows\Internet Logs
    2011-06-19 15:54:55	7074640	----a-w-	c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2011-06-18 18:37:50	--------	d-----w-	c:\documents and settings\all users\application data\Spybot - Search & Destroy
    2011-06-18 18:34:34	15224	----a-w-	c:\windows\system32\sdnclean.exe
    2011-06-18 18:32:49	770384	----a-w-	c:\windows\system32\msvcr100.dll
    2011-06-18 18:32:49	421200	----a-w-	c:\windows\system32\msvcp100.dll
    2011-06-18 18:32:46	--------	d-----w-	c:\program files\Spybot - Search & Destroy 2
    2011-06-18 18:17:25	--------	d-----w-	c:\program files\CCleaner
    2011-06-18 17:52:10	--------	d-----w-	c:\windows\system32\LogFiles
    2011-06-18 17:51:18	--------	d-sh--w-	c:\documents and settings\charlie ross\PrivacIE
    2011-06-18 17:51:04	--------	d-----w-	c:\documents and settings\charlie ross\local settings\application data\Google
    2011-06-18 17:47:44	215920	----a-w-	c:\windows\system32\muweb.dll
    2011-06-18 17:47:44	16736	----a-w-	c:\windows\system32\mucltui.dll.mui
    2011-06-18 17:47:43	274288	----a-w-	c:\windows\system32\mucltui.dll
    2011-06-18 01:51:33	222080	------w-	c:\windows\system32\MpSigStub.exe
    2011-06-18 01:47:29	--------	d-----w-	c:\program files\Microsoft Security Client
    2011-06-18 01:23:19	--------	d-----w-	c:\windows\pss
    2011-06-17 21:27:47	105472	-c----w-	c:\windows\system32\dllcache\mup.sys
    2011-06-12 16:36:51	--------	d-----w-	c:\program files\Nitto 1320 Legends
    .
    ==================== Find3M  ====================
    .
    2011-05-20 02:52:49	74703	----a-w-	c:\windows\system32\mfc45.dll
    2011-05-02 15:31:52	692736	----a-w-	c:\windows\system32\inetcomm.dll
    2011-04-29 16:19:43	456320	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
    2011-04-25 16:11:12	916480	----a-w-	c:\windows\system32\wininet.dll
    2011-04-25 16:11:11	43520	----a-w-	c:\windows\system32\licmgr10.dll
    2011-04-25 16:11:11	1469440	------w-	c:\windows\system32\inetcpl.cpl
    2011-04-25 12:01:22	385024	----a-w-	c:\windows\system32\html.iec
    2011-04-21 13:37:43	105472	----a-w-	c:\windows\system32\drivers\mup.sys
    .
    ============= FINISH: 13:22:35.28 ===============

  2. #2
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    32,082

    Default

    Hello Topken,
    Quote Originally Posted by Topken View Post
    I used spybot search and destroy to remove some annoying viruses
    Spybot-S&D is not an anti virus program. The application searches for spyware, malware, adware, trojans, hijackers and keyloggers.

    Quote Originally Posted by Topken View Post
    I am currently working on a clients laptop
    Please see: Personal computers or.....

    Best regards.
    Microsoft MVP. Consumer Security 2006-2014


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •