Page 10 of 10 FirstFirst ... 678910
Results 91 to 97 of 97

Thread: Search redirect problem

  1. #91
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Hi,

    Run OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :Services
      
      :OTL
      [2012/04/26 17:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
      () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\119CKROL.DEFAULT\EXTENSIONS\MQXABXKPOG@MQXABXKPOG.ORG.XPI
      [2012/04/12 15:44:55 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      
      :Files
      ipconfig /flushdns /c
      
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered. There will be a log created when it completes that I will need in your next reply. Reboot when it is done.
    • Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

  2. #92
    Member
    Join Date
    Apr 2012
    Posts
    63

    Default

    Hi Jeff,

    Thanks again for taking your time with this.


    All processes killed
    ========== SERVICES/DRIVERS ==========
    ========== OTL ==========
    C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
    C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
    C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Documents and Settings\Owner\Desktop\cmd.bat deleted successfully.
    C:\Documents and Settings\Owner\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Administrator.MICHAEL-9L4P8YF
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: All Users
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: michael delwarte
    ->Java cache emptied: 0 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Owner
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 287553 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 26778731 bytes
    ->Flash cache emptied: 1289 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 26.00 mb


    OTL by OldTimer - Version 3.2.42.2 log created on 05022012_143743

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

  3. #93
    Member
    Join Date
    Apr 2012
    Posts
    63

    Default

    and here is the new scan log,

    OTL logfile created on: 5/2/2012 2:48:20 PM - Run 5
    OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Owner\Desktop
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1013.99 Mb Total Physical Memory | 403.78 Mb Available Physical Memory | 39.82% Memory free
    2.38 Gb Paging File | 1.96 Gb Available in Paging File | 82.16% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 149.04 Gb Total Space | 43.04 Gb Free Space | 28.88% Space Free | Partition Type: NTFS

    Computer Name: MICHAEL-9L4P8YF | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\Owner\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
    PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    PRC - C:\Program Files\UPHClean\uphclean.exe (Windows (R) Codename Longhorn DDK provider)
    PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\AVAST Software\Avast\defs\12050201\algo.dll ()
    MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
    MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
    SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
    SRV - (UPHClean) -- C:\Program Files\UPHClean\uphclean.exe (Windows (R) Codename Longhorn DDK provider)
    SRV - (QBCFMonitorService) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
    SRV - (STacSV) -- C:\WINDOWS\System32\stacsv.exe (IDT, Inc.)
    SRV - (QBFCService) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
    SRV - (iHCService) Intel(R) -- C:\Program Files\Intel\IDU\IDUServ.exe (OSA Technologies, Inc.)


    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found
    DRV - (wanatw) WAN Miniport (ATW) -- system32\DRIVERS\wanatw4.sys File not found
    DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
    DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
    DRV - (PDRFRAME) -- File not found
    DRV - (PDRELI) -- File not found
    DRV - (PDFRAME) -- File not found
    DRV - (PDCOMP) -- File not found
    DRV - (PCIDump) -- File not found
    DRV - (lbrtfdc) -- File not found
    DRV - (igfx) -- system32\DRIVERS\igdkmd32.sys File not found
    DRV - (i2omgmt) -- File not found
    DRV - (ha10kx2k) -- system32\drivers\ha10kx2k.sys File not found
    DRV - (emupia) -- system32\drivers\emupia2k.sys File not found
    DRV - (CTSBLFX.SYS) -- C:\WINDOWS\System32\drivers\CTSBLFX.SYS File not found
    DRV - (CTSBLFX) -- system32\drivers\CTSBLFX.SYS File not found
    DRV - (ctprxy2k) -- system32\drivers\ctprxy2k.sys File not found
    DRV - (CTHWIUT.SYS) -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS File not found
    DRV - (CTHWIUT) -- system32\drivers\CTHWIUT.SYS File not found
    DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS File not found
    DRV - (CTEXFIFX) -- system32\drivers\CTEXFIFX.SYS File not found
    DRV - (CTERFXFX.SYS) -- C:\WINDOWS\System32\drivers\CTERFXFX.SYS File not found
    DRV - (CTERFXFX) -- system32\drivers\CTERFXFX.SYS File not found
    DRV - (CTEDSPSY.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPSY.SYS File not found
    DRV - (CTEDSPSY) -- system32\drivers\CTEDSPSY.SYS File not found
    DRV - (CTEDSPIO.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPIO.SYS File not found
    DRV - (CTEDSPIO) -- system32\drivers\CTEDSPIO.SYS File not found
    DRV - (CTEDSPFX.SYS) -- C:\WINDOWS\System32\drivers\CTEDSPFX.SYS File not found
    DRV - (CTEDSPFX) -- system32\drivers\CTEDSPFX.SYS File not found
    DRV - (CTEAPSFX.SYS) -- C:\WINDOWS\System32\drivers\CTEAPSFX.SYS File not found
    DRV - (CTEAPSFX) -- system32\drivers\CTEAPSFX.SYS File not found
    DRV - (CTAUDFX.SYS) -- C:\WINDOWS\System32\drivers\CTAUDFX.SYS File not found
    DRV - (CTAUDFX) -- system32\drivers\CTAUDFX.SYS File not found
    DRV - (ctaud2k) Creative Audio Driver (WDM) -- system32\drivers\ctaud2k.sys File not found
    DRV - (ctac32k) -- system32\drivers\ctac32k.sys File not found
    DRV - (CT20XUT.SYS) -- C:\WINDOWS\System32\drivers\CT20XUT.SYS File not found
    DRV - (CT20XUT) -- system32\drivers\CT20XUT.SYS File not found
    DRV - (COMMONFX.SYS) -- C:\WINDOWS\System32\drivers\COMMONFX.SYS File not found
    DRV - (COMMONFX) -- system32\drivers\COMMONFX.SYS File not found
    DRV - (Changer) -- File not found
    DRV - (catchme) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys File not found
    DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
    DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
    DRV - (Lbd) -- C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)
    DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
    DRV - (SIODRV) -- C:\WINDOWS\system32\drivers\SIODRV.SYS (Intel Corporation)
    DRV - (mf) -- C:\WINDOWS\system32\drivers\mf.sys (Microsoft Corporation)
    DRV - (PfModNT) -- C:\WINDOWS\system32\drivers\pfmodnt.sys (Creative Technology Ltd.)
    DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
    DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
    DRV - (WPN111) -- C:\WINDOWS\system32\drivers\WPN111.sys (NETGEAR, Inc.)
    DRV - (OsaFsLoc) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys (OSA Technologies)
    DRV - (smbusp) Intel(R) -- C:\WINDOWS\system32\drivers\intelsmb.sys (Intel Corporation)
    DRV - (osaio) -- C:\WINDOWS\system32\drivers\osaio.sys (Avocent/OSA Technologies Inc.)
    DRV - (SMBios) Intel (R) -- C:\WINDOWS\system32\drivers\SMBios.sys (Intel Corporation)
    DRV - (DNINDIS5) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
    DRV - (BrUsbScn) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys (Brother Industries Ltd.)
    DRV - (brfilt) -- C:\WINDOWS\system32\drivers\BrFilt.sys (Brother Industries Ltd.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKCU\..\SearchScopes,DefaultScope =
    IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&mssrc=ms_chr&mstb=adawaretb&q={searchTerms}
    IE - HKCU\..\SearchScopes\{43BA46F2-627A-4BED-8364-37ADC1A00FAE}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    IE - HKCU\..\SearchScopes\{7D30BC5A-D1FA-43D4-8EC4-535813D28409}: "URL" = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
    IE - HKCU\..\SearchScopes\{9F89937E-611A-4897-B6F5-89E1CCCD03EC}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
    FF - prefs.js..extensions.enabledItems: {fa1cfe8c-66b4-4469-b360-b60c79d70c28}:5.22.35.6030
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=utf-8&mssrc=ms_kwd&mstb=adawaretb&q="
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/15 17:41:36 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/26 17:56:40 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/24 11:39:29 | 000,000,000 | ---D | M]

    [2009/01/26 13:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
    [2012/05/02 14:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\extensions
    [2010/04/27 17:59:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/11/17 19:44:45 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
    [2009/03/15 13:44:17 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\119ckrol.default\searchplugins\aol-search.xml
    () (No name found) -- C:\DOCUMENTS AND SETTINGS\OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\119CKROL.DEFAULT\EXTENSIONS\MQXABXKPOG@MQXABXKPOG.ORG.XPI
    [2012/04/15 17:41:36 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    [2012/04/20 18:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2011/10/17 11:14:28 | 000,002,149 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
    [2012/04/20 18:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/04/20 18:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    O1 HOSTS File: ([2012/05/02 14:37:49 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
    O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
    O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/downlo...OGAControl.cab (Office Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/wind...?1212714337317 (WUWebControl Class)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1212769596000 (MUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeup...tent/opuc4.cab (Office Update Installation Engine)
    O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_02)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77B3BB3A-0FAB-42D1-AB17-77A11E5D8029}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5927AE0-655D-4A43-96BF-CDD9CFAB6835}: DhcpNameServer = 192.168.0.1
    O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
    O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/06/05 16:51:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/05/01 07:12:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/04/27 15:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012/04/26 17:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
    [2012/04/26 17:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
    [2012/04/26 17:53:54 | 016,339,280 | ---- | C] (Mozilla) -- C:\Documents and Settings\Owner\Desktop\Firefox Setup 12.0.exe
    [2012/04/24 11:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 5.1
    [2012/04/24 11:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
    [2012/04/21 10:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Forum help 4-21-12
    [2012/04/21 10:40:07 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\dds.scr
    [2012/04/21 10:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    [2012/04/21 10:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2012/04/21 10:27:18 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
    [2012/04/21 10:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Live Add-in
    [2012/04/20 19:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
    [2012/04/20 19:30:54 | 000,185,560 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTSD.sys
    [2012/04/20 19:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2012/04/20 19:30:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
    [2012/04/20 19:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TestApp

    ========== Files - Modified Within 30 Days ==========

    [2012/05/02 14:42:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/05/02 14:37:49 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
    [2012/05/02 14:18:36 | 000,012,852 | ---- | M] () -- C:\WINDOWS\daytimer.ini
    [2012/05/02 14:18:36 | 000,000,069 | ---- | M] () -- C:\WINDOWS\dtodebug.ini
    [2012/05/02 13:54:50 | 000,000,274 | ---- | M] () -- C:\WINDOWS\DTO2KXSV.INI
    [2012/05/02 13:54:48 | 000,000,848 | ---- | M] () -- C:\WINDOWS\DtSync.ini
    [2012/05/02 13:51:07 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012/05/02 09:31:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/04/30 14:24:37 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
    [2012/04/26 18:39:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2012/04/26 17:56:51 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2012/04/26 17:56:51 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/04/26 17:53:54 | 016,339,280 | ---- | M] (Mozilla) -- C:\Documents and Settings\Owner\Desktop\Firefox Setup 12.0.exe
    [2012/04/26 16:47:46 | 000,000,321 | RHS- | M] () -- C:\boot.ini
    [2012/04/26 13:42:14 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2012/04/24 12:03:05 | 004,163,282 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FoxitReader51_Manual.pdf
    [2012/04/24 11:30:57 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk
    [2012/04/23 16:42:55 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012/04/23 16:42:55 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012/04/21 23:32:06 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
    [2012/04/21 23:23:48 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\MBR.dat
    [2012/04/21 10:54:59 | 000,004,712 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\attach.zip
    [2012/04/21 10:40:11 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\dds.scr
    [2012/04/21 10:31:37 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/04/21 10:26:44 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Owner\Desktop\erunt-setup.exe
    [2012/04/20 19:30:10 | 000,001,427 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\sdsetup.exe.lnk
    [2012/04/15 04:09:53 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/04/12 15:44:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2012/04/12 06:14:19 | 000,444,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012/04/12 06:14:19 | 000,072,332 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012/04/12 06:06:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2012/04/02 23:59:34 | 007,576,952 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\12 - Do What You Gotta Do.mp3

    ========== Files Created - No Company Name ==========

    [2012/04/26 17:56:51 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2012/04/26 17:56:51 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
    [2012/04/26 17:56:51 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/04/24 12:02:51 | 004,163,282 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FoxitReader51_Manual.pdf
    [2012/04/24 11:30:57 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader 5.1.lnk
    [2012/04/21 10:54:59 | 000,004,712 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\attach.zip
    [2012/04/21 10:31:37 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/04/20 19:30:10 | 000,001,427 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\sdsetup.exe.lnk
    [2012/04/02 23:59:38 | 007,576,952 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\12 - Do What You Gotta Do.mp3
    [2012/02/16 07:37:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2011/09/18 17:03:25 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
    [2011/06/21 12:20:46 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/06/21 12:20:46 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/06/21 12:20:46 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/06/21 12:20:46 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/06/21 12:20:46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/04/26 13:33:27 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
    [2011/04/26 13:33:27 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
    [2010/09/23 17:06:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll

    < End of report >

  4. #94
    Member
    Join Date
    Apr 2012
    Posts
    63

    Default

    Hi Jeff,

    I don't know if this means anything but it is behaving the same way, click on and it goes to Happili - hit back button click again it goes correct.

    BUT the difference is the way the site (Happili) looks it is losing its flair, and the several links with descriptions underneath are gone and there is a gobbledygook warning message and that is all - Please see the attached screen shot if you want.

    It seems to be losing power - but I don't know anything about this stuff.

    Thank you!

    Michael

  5. #95
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Hi Michael,

    Sorry for the delay...

    We need to reset Firefox to defaults...Before we do so be sure that you have all of your passwords saved someplace. There are many many files related to Firefox and finding the culprit will be like finding a pin in a haystack so this is our best option.

    Once you have all of your passwords saved someplace safe do the following...

    Go to Start >> Run >> copy/paste the following text in the Code Box to the Run bar and press OK

    Code:
    firefox -safe-mode firefox-safe-mode
    You will now be looking at a box showing FireFox Safe Mode.
    Check all the boxes
    Press Make Changes and Restart

    Now open Firefox and let me know if you are still being redirected.

  6. #96
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Hi,

    Are you still with us?

  7. #97
    Emeritus
    Join Date
    Apr 2011
    Location
    USA
    Posts
    1,038

    Default

    Due to lack of feedback, this topic will now be closed.
    If you are the original poster and you still require help, please start a new thread.

    -------------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •