
View Full Version : Browser Redirecting



Lady Dragonfly
2011-06-21, 06:37
Hello,
Last night my computer started doing weird stuff. Now it's redirecting: when I use Google search, it redirects to some other page stating that I have chosen to open such and such file. I DO NOT open it; I click cancel. Any help would be greatly appreciated.

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 7.0.6000.16982
Run by Dragonfly at 22:08:34 on 2011-06-20
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Windows\system32\taskmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Dragonfly\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.myspace.com/mystikal
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [Media Codec Update Service] c:\program files\essentials codec pack\update.exe -silent
mPolicies-system: EnableLUA = 0 (0x0)
IE: &Add animation to IncrediMail Style Box - c:\progra~1\incred~1\bin\resources\WebMenuImg.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{3D6B70BF-6195-42DA-BA2C-4345AF9CBA15} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{511F9D21-EFDC-40F9-B1A2-A1315C531FA1} : DhcpNameServer = 192.168.1.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dragonfly\appdata\roaming\mozilla\firefox\profiles\x3n12001.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.myspace.com/mystikal
.
============= SERVICES / DRIVERS ===============
.
R? GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335
R? MBAMSwissArmy;MBAMSwissArmy
.
=============== Created Last 30 ================
.
2011-06-21 02:38:51 -------- d-----w- c:\program files\Trend Micro
2011-06-21 01:17:06 -------- d-----w- c:\users\dragonfly\appdata\roaming\Malwarebytes
2011-06-21 01:16:36 -------- d-----w- c:\programdata\Malwarebytes
2011-06-21 01:16:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-21 00:45:14 -------- d-----w- c:\users\dragonfly\appdata\local\ATI
2011-06-21 00:22:09 -------- d-----w- c:\users\dragonfly\appdata\local\Adobe
2011-06-20 19:18:37 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2011-06-20 19:18:37 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2011-06-20 19:18:37 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2011-06-20 19:18:37 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2011-06-20 19:14:05 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-20 19:14:01 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-06-20 19:12:06 -------- d-----w- c:\program files\CCleaner
2011-06-20 08:47:49 6962000 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{39b65f30-64d7-467e-a5fb-36da9e8f676e}\mpengine.dll
2011-06-19 05:47:24 -------- d--h--w- c:\users\dragonfly\appdata\local\IM(6)
2011-06-18 06:16:29 -------- d--h--w- c:\users\dragonfly\appdata\local\Google
2011-06-18 06:05:25 -------- d--h--w- c:\program files\RegistryFix
2011-06-18 06:05:01 -------- d--h--w- c:\program files\Lavasoft
2011-06-08 02:09:55 6962000 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-06-08 02:09:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-06-07 22:04:20 -------- d--h--w- c:\programdata\IM
2011-06-07 22:04:15 -------- d-----w- c:\programdata\IncrediMail
2011-05-31 09:11:54 -------- d-----w- c:\users\dragonfly\FrostWire
2011-05-31 09:11:35 -------- d-----w- c:\users\dragonfly\appdata\roaming\FrostWire
2011-05-31 09:10:47 -------- d-----w- c:\program files\FrostWire
2011-05-29 04:17:55 -------- d-----w- c:\program files\WinMX
2011-05-28 03:23:45 -------- d-----w- c:\users\dragonfly\{7fc13291-1061-4fde-a52e-b1264ebfb8af}
2011-05-27 02:37:35 -------- d-----w- c:\program files\Essentials Codec Pack
2011-05-26 08:14:30 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-05-26 08:10:43 268800 ----a-w- c:\windows\system32\es.dll
2011-05-26 08:06:31 396800 ----a-w- c:\windows\system32\drivers\http.sys
2011-05-26 08:06:31 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-05-26 08:06:30 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-05-26 07:53:16 380928 ----a-w- c:\windows\system32\ac3filter.acm
2011-05-26 07:52:25 -------- d-----w- c:\program files\XP Codec Pack
2011-05-25 11:31:46 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-05-25 11:31:46 289792 ----a-w- c:\windows\system32\atmfd.dll
2011-05-25 11:31:46 24064 ----a-w- c:\windows\system32\lpk.dll
2011-05-25 11:31:46 156672 ----a-w- c:\windows\system32\t2embed.dll
2011-05-25 11:31:45 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-05-25 11:31:45 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-05-25 11:26:59 56320 ----a-w- c:\windows\system32\iesetup.dll
2011-05-25 11:26:58 301568 ----a-w- c:\program files\internet explorer\ieuser.exe
2011-05-25 11:23:43 61440 ----a-w- c:\windows\system32\winipsec.dll
2011-05-25 11:23:43 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2011-05-25 11:23:42 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-05-25 11:23:42 272896 ----a-w- c:\windows\system32\polstore.dll
2011-05-25 11:21:43 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-05-25 11:21:43 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2011-05-25 11:19:29 707072 ----a-w- c:\program files\common files\system\wab32.dll
2011-05-25 11:19:29 41984 ----a-w- c:\program files\windows mail\wabimp.dll
2011-05-25 11:19:29 1098752 ----a-w- c:\program files\common files\system\wab32res.dll
2011-05-25 11:19:28 87040 ----a-w- c:\windows\system32\msoert2.dll
2011-05-25 11:19:28 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2011-05-25 11:19:28 205824 ----a-w- c:\windows\system32\msoeacct.dll
2011-05-25 11:19:27 2836992 ----a-w- c:\program files\windows mail\MSOERES.dll
2011-05-25 11:19:27 1614848 ----a-w- c:\program files\windows mail\msoe.dll
2011-05-25 11:19:23 397312 ----a-w- c:\program files\windows mail\WinMail.exe
2011-05-25 11:19:22 24064 ----a-w- c:\program files\common files\system\DirectDB.dll
2011-05-25 11:19:21 81408 ----a-w- c:\program files\windows mail\oeimport.dll
2011-05-25 11:16:19 15360 ----a-w- c:\windows\system32\netevent.dll
2011-05-25 11:16:18 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-05-25 11:16:18 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-05-25 11:16:18 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-05-25 11:16:18 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-05-25 11:16:18 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-05-25 11:16:18 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-05-25 11:16:18 103936 ----a-w- c:\windows\system32\netiohlp.dll
2011-05-25 11:16:18 10240 ----a-w- c:\windows\system32\finger.exe
2011-05-25 11:13:30 194560 ----a-w- c:\windows\system32\WebClnt.dll
2011-05-25 11:13:30 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2011-05-25 11:11:29 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2011-05-25 11:11:27 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2011-05-25 11:11:27 502272 ----a-w- c:\windows\system32\wlansvc.dll
2011-05-25 11:11:27 47104 ----a-w- c:\windows\system32\wlanapi.dll
2011-05-25 11:11:27 297984 ----a-w- c:\windows\system32\wlansec.dll
2011-05-25 11:11:27 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2011-05-25 11:09:18 2048 ----a-w- c:\windows\system32\msxml3r.dll
2011-05-25 11:09:18 1260032 ----a-w- c:\windows\system32\msxml3.dll
2011-05-25 11:09:17 2048 ----a-w- c:\windows\system32\msxml6r.dll
2011-05-25 11:09:17 1406464 ----a-w- c:\windows\system32\msxml6.dll
2011-05-25 11:07:03 216576 ----a-w- c:\windows\system32\msv1_0.dll
2011-05-25 11:05:00 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-05-25 11:05:00 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-05-25 11:05:00 102400 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-25 11:03:17 49664 ----a-w- c:\windows\system32\csrsrv.dll
2011-05-25 11:03:16 376320 ----a-w- c:\windows\system32\winsrv.dll
2011-05-25 11:01:26 98816 ----a-w- c:\windows\system32\mfps.dll
2011-05-25 11:01:26 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2011-05-25 11:01:26 2855424 ----a-w- c:\windows\system32\mf.dll
2011-05-25 11:01:26 24576 ----a-w- c:\windows\system32\mfpmp.exe
2011-05-25 11:01:26 2048 ----a-w- c:\windows\system32\mferror.dll
2011-05-25 10:59:05 3502480 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-25 10:59:05 3468168 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-25 10:53:28 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-05-25 10:51:34 71680 ----a-w- c:\windows\system32\atl.dll
2011-05-25 10:49:43 297472 ----a-w- c:\windows\system32\gdi32.dll
2011-05-25 10:45:05 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2011-05-25 10:45:05 30208 ----a-w- c:\windows\system32\xolehlp.dll
2011-05-25 10:42:58 156160 ----a-w- c:\windows\system32\wkssvc.dll
2011-05-25 10:41:05 36352 ----a-w- c:\windows\system32\tsgqec.dll
2011-05-25 10:41:05 1871872 ----a-w- c:\windows\system32\mstscax.dll
2011-05-25 10:41:05 116736 ----a-w- c:\windows\system32\aaclient.dll
2011-05-25 10:39:13 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-05-25 10:35:26 414208 ----a-w- c:\windows\system32\msscp.dll
2011-05-25 10:33:49 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2011-05-25 10:33:49 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2011-05-25 10:33:48 86016 ----a-w- c:\windows\system32\icfupgd.dll
2011-05-25 10:33:48 61952 ----a-w- c:\windows\system32\cmifw.dll
2011-05-25 10:33:48 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2011-05-25 10:33:48 16896 ----a-w- c:\windows\system32\wfapigp.dll
2011-05-25 10:30:26 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-05-25 10:30:25 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
2011-05-25 10:30:25 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
2011-05-25 10:30:25 10922496 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-05-25 10:23:54 2048 ----a-w- c:\windows\system32\tzres.dll
2011-05-25 10:22:25 696832 ----a-w- c:\windows\system32\localspl.dll
2011-05-25 10:21:27 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2011-05-25 10:20:24 2923520 ----a-w- c:\windows\explorer.exe
2011-05-25 10:17:19 494592 ----a-w- c:\windows\system32\kerberos.dll
2011-05-25 10:17:19 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-05-25 10:17:18 7680 ----a-w- c:\windows\system32\lsass.exe
2011-05-25 10:17:18 72704 ----a-w- c:\windows\system32\secur32.dll
2011-05-25 10:17:18 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-05-25 10:17:18 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2011-05-25 10:17:16 272384 ----a-w- c:\windows\system32\schannel.dll
2011-05-25 10:16:09 24064 ----a-w- c:\windows\system32\netcfg.exe
2011-05-25 10:07:44 1585664 ----a-w- c:\windows\system32\setupapi.dll
2011-05-25 10:03:44 549888 ----a-w- c:\windows\system32\rpcss.dll
2011-05-25 10:03:43 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-05-25 10:03:43 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-05-25 10:03:42 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2011-05-25 10:03:42 501760 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2011-05-25 10:03:42 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2011-05-25 10:03:42 130560 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2011-05-25 10:03:41 53248 ----a-w- c:\windows\system32\iasads.dll
2011-05-25 10:03:41 37888 ----a-w- c:\windows\system32\iasdatastore.dll
2011-05-25 10:03:40 97280 ----a-w- c:\windows\system32\iasrecst.dll
2011-05-25 10:03:40 158720 ----a-w- c:\windows\system32\sdohlp.dll
2011-05-25 10:02:28 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-05-25 10:02:28 220672 ----a-w- c:\windows\system32\l3codecp.acm
2011-05-25 10:00:18 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2011-05-25 10:00:18 22016 ----a-w- c:\windows\system32\netiougc.exe
2011-05-25 10:00:18 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2011-05-25 10:00:18 179712 ----a-w- c:\windows\system32\iphlpsvc.dll
2011-05-25 10:00:18 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2011-05-25 10:00:18 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2011-05-25 10:00:17 815104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-05-25 09:59:09 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-05-25 09:58:03 9728 ----a-w- c:\windows\system32\LAPRXY.DLL
2011-05-25 09:58:03 223232 ----a-w- c:\windows\system32\WMASF.DLL
2011-05-25 09:58:03 2048 ----a-w- c:\windows\system32\asferror.dll
2011-05-25 09:57:06 25600 ----a-w- c:\windows\system32\amxread.dll
2011-05-25 09:57:06 14848 ----a-w- c:\windows\system32\apilogen.dll
2011-05-25 09:56:03 441856 ----a-w- c:\windows\system32\win32spl.dll
2011-05-25 09:56:03 37376 ----a-w- c:\windows\system32\printcom.dll
2011-05-25 09:54:18 2031104 ----a-w- c:\windows\system32\win32k.sys
2011-05-25 09:50:22 14848 ----a-w- c:\windows\system32\wshrm.dll
2011-05-25 09:50:22 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-05-25 09:48:53 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2011-05-25 09:48:51 7680 ----a-w- c:\windows\system32\spwmp.dll
2011-05-25 09:48:51 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-05-25 09:48:51 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2011-05-25 09:48:50 4096 ----a-w- c:\windows\system32\msdxm.ocx
2011-05-25 09:48:50 4096 ----a-w- c:\windows\system32\dxmasf.dll
2011-05-25 09:48:50 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2011-05-25 09:48:45 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-05-25 09:48:45 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-05-25 09:48:45 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-05-25 09:46:17 66048 ----a-w- c:\program files\windows sidebar\sbdrop.dll
2011-05-25 09:46:17 1232896 ----a-w- c:\program files\windows sidebar\sidebar.exe
2011-05-25 09:46:16 11776 ----a-w- c:\windows\system32\sbunattend.exe
2011-05-25 09:43:45 83968 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-05-25 09:43:45 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-05-25 09:35:55 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-05-25 09:35:55 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-05-25 09:35:55 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-05-25 09:35:55 11264 ----a-w- c:\windows\system32\icardres.dll
2011-05-25 09:35:48 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-05-25 09:35:46 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-25 09:35:45 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-05-25 09:35:45 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-25 09:04:16 96760 ----a-w- c:\windows\system32\dfshim.dll
2011-05-25 09:04:15 41984 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-25 09:04:12 83968 ----a-w- c:\windows\system32\mscories.dll
2011-05-25 09:04:12 282112 ----a-w- c:\windows\system32\mscoree.dll
2011-05-25 09:04:12 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-05-25 08:31:26 94720 ----a-w- c:\windows\system32\logagent.exe
2011-05-25 08:31:24 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-05-25 08:29:31 765952 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-05-25 08:27:16 84480 ----a-w- c:\windows\system32\INETRES.dll
2011-05-25 08:27:16 737792 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-25 08:26:45 60928 ----a-w- c:\windows\system32\msasn1.dll
2011-05-25 08:26:14 5120 ----a-w- c:\windows\system32\wmi.dll
2011-05-25 08:26:14 152576 ----a-w- c:\windows\system32\imagehlp.dll
2011-05-25 08:26:14 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2011-05-25 08:25:44 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2011-05-25 08:25:07 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-05-25 08:21:52 274432 ----a-w- c:\windows\system32\raschap.dll
2011-05-25 08:21:51 232960 ----a-w- c:\windows\system32\rastls.dll
2011-05-25 08:20:18 321536 ----a-w- c:\windows\system32\WSDApi.dll
2011-05-25 08:14:25 633856 ----a-w- c:\windows\system32\user32.dll
2011-05-25 08:13:08 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2011-05-25 08:13:08 22528 ----a-w- c:\windows\system32\msyuv.dll
2011-05-25 08:13:08 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2011-05-25 08:13:07 65024 ----a-w- c:\windows\system32\avicap32.dll
2011-05-25 08:13:07 1327616 ----a-w- c:\windows\system32\quartz.dll
2011-05-25 08:13:07 123904 ----a-w- c:\windows\system32\msvfw32.dll
2011-05-25 08:13:06 88576 ----a-w- c:\windows\system32\avifil32.dll
2011-05-25 08:13:06 82944 ----a-w- c:\windows\system32\mciavi32.dll
2011-05-25 08:13:06 31232 ----a-w- c:\windows\system32\msvidc32.dll
2011-05-25 08:13:06 13312 ----a-w- c:\windows\system32\msrle32.dll
2011-05-25 08:12:09 750080 ----a-w- c:\windows\system32\qmgr.dll
2011-05-25 08:11:11 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-05-24 04:10:55 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2011-05-23 22:33:14 -------- d-----w- c:\windows\ShellNew
2011-05-23 22:27:33 401462 ----a-w- c:\windows\system32\~GLH0024.TMP
2011-05-23 22:24:03 401462 ----a-w- c:\windows\system32\~GLH0023.TMP
2011-05-23 22:10:43 -------- d-----w- c:\program files\Jasc Software Inc
2011-05-23 21:29:56 -------- d-----w- c:\users\dragonfly\appdata\local\IM
2011-05-23 21:29:55 -------- d-----w- c:\program files\IncrediMail
2011-05-23 21:09:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-23 20:44:56 -------- d-----w- C:\ATI
2011-05-23 19:02:59 924632 ----a-w- c:\program files\mozilla firefox\firefox.exe
2011-05-23 19:02:59 269272 ----a-w- c:\program files\mozilla firefox\freebl3.dll
2011-05-23 19:02:59 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-05-23 19:02:59 19416 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2011-05-23 19:02:59 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-05-23 19:02:59 125912 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2011-05-23 18:23:08 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-05-23 18:22:33 97792 ----a-w- c:\windows\system32\cabview.dll
2011-05-23 18:07:23 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-05-23 18:05:38 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-05-23 18:04:44 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-05-23 18:04:43 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-05-23 17:52:04 -------- d--h--w- c:\users\dragonfly\appdata\local\PowerDVD DX
2011-05-23 17:49:07 -------- d--h--w- c:\users\dragonfly\appdata\local\VirtualStore
2011-05-23 17:37:45 -------- d-sh--we C:\Documents and Settings
.
==================== Find3M ====================
.
2011-05-26 08:06:32 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2011-05-25 11:27:19 72704 ----a-w- c:\windows\system32\admparse.dll
2011-05-25 11:27:17 832512 ----a-w- c:\windows\system32\wininet.dll
2011-05-25 11:27:17 52736 ----a-w- c:\windows\apppatch\iebrshim.dll
2011-05-25 11:27:11 389120 ----a-w- c:\windows\system32\html.iec
2011-05-25 11:27:10 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-05-25 11:27:10 48128 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-25 11:27:09 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-25 11:27:05 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-25 11:27:03 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-25 10:07:03 4608 ----a-w- c:\windows\system32\drivers\en-us\mouclass.sys.mui
2011-05-25 10:07:03 3072 ----a-w- c:\windows\system32\drivers\en-us\mouhid.sys.mui
2011-05-25 10:07:02 5632 ----a-w- c:\windows\system32\drivers\en-us\sermouse.sys.mui
2011-05-25 10:07:02 4608 ----a-w- c:\windows\system32\drivers\en-us\kbdclass.sys.mui
2011-05-25 10:07:02 3072 ----a-w- c:\windows\system32\drivers\en-us\kbdhid.sys.mui
2011-05-25 10:07:02 10752 ----a-w- c:\windows\system32\drivers\en-us\i8042prt.sys.mui
2011-05-25 09:57:06 40960 ----a-w- c:\windows\apppatch\apihex86.dll
.
============= FINISH: 22:10:57.77 ===============

shelf life
2011-06-25, 23:08
Hi Lady Dragonfly,

Your post is a few days old. If you still need help simply reply back.

Lady Dragonfly
2011-06-27, 09:58
Well, I let my sister use my computer and she went ahead and installed the updates when the popup showed up. Now the problem seems to have corrected itself, but I have trouble believing that just a regular Windows update could correct the problem, so if there is any help I could get just to let me know that there is no problem, that would be great.

The problem was that all my files (desktop, documents, pictures and music) went hidden, then Google would redirect my searches. Also, even though I only had Firefox open, there seemed to be a second browser open, as I could hear advertisements and could only get rid of it by using the task manager and killing iexplorer. (It no longer shows up in task manager since the update.)

shelf life
2011-06-28, 02:22
"a regular windows update could correct the problem"

I doubt it. Are you still getting redirected when browsing?

I see you have Malwarebytes. Let's start with that for now. Check for updates first, then do a full system scan and post the log when it's finished:

Launch Malwarebytes, check for updates then: select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.

Lady Dragonfly
2011-06-28, 09:03
Ok,
No, I am no longer being redirected. Everything seems fine now.
I ran Malwarebytes and did as you asked but forgot to save the log, so I ran it again. During the first run it did find 3 things and successfully removed them. Two were rogue spybot something (I previously uninstalled that) and one other that I cannot remember what it was. But here is the second log file.
Thanks for your time and help.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6964

Windows 6.0.6000
Internet Explorer 7.0.6000.16982

6/28/2011 12:51:48 AM
mbam-log-2011-06-28 (00-51-47).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 258804
Time elapsed: 48 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

shelf life
2011-06-29, 02:44
Ok. You're welcome. Remember that Malwarebytes must be updated manually and a scan started manually. Some tips to help you remain malware free:

10 Tips for Prevention and Avoidance of Malware:
There is no reason why your computer cannot stay malware free.

No software can think for you. Help yourself. In no special order:

1) It is essential to keep your operating system (Windows), browser (IE, Firefox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update (http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us) frequently or use the Windows auto-update feature (http://www.microsoft.com/windows/downloads/windowsupdate/automaticupdate.mspx). Staying updated is also essential for web-based applications, browser plugins and add-ons like Java, Adobe Flash/Reader, iTunes etc. More and more third-party applications are being targeted. Use the auto-update features available in most software. Not sure if you are using the latest version of software? Check their version status and get the updates here (http://secunia.com/vulnerability_scanning/online/).

2) Know what you are installing to your computer. A lot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software is installing useless toolbars if not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings about viruses and trojans being found on your computer that then prompt you to install software to remedy this. See also the signs (http://www.malwarevault.com/signs.html) that you may have malware on your computer.

3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently finds malware then it's time to *review your computer habits*.

4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem. Do you trust the source? See also E-mail phishing Tricks (http://www.fraud.org/tips/internet/phishing.htm).

5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.

6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?

7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts (http://www.microsoft.com/protect/computer/advanced/useraccount.mspx) can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista and Windows 7 attempts to address.

8) Install and understand the *limitations* of a software firewall.

9) A slide show how-to for securing Internet Explorer 8.0 (http://threatpost.com/en_us/slideshow/How%20to%20configure%20Internet%20Explorer%20for%20secure%20surfing) for safer surfing. How to harden Firefox (http://threatpost.com/en_us/slideshow/How-to-configure-Mozilla-Firefox-for-secure-surfing?utm_source=Second+Sidebar&utm_medium=Featured+Slideshows&utm_campaign=Configure+Mozilla+Firefox) for safer surfing.

10) Warez, cracks etc. are very popular for carrying malware payloads. If you download/install files via p2p networks you will encounter malware. A file can be named anything and be nothing but malware or have malware bundled in it. Can you really trust the source of the file?


More info/tips with pictures, links below