Jump to content

Firefox redirect & opening up of pages automatically


Recommended Posts

Hello,

I have been having this problem since a few days now: in Firefox/internet explorer if I search something on Google and click on a link, it does not actually bring me to the expected page but usually on another search engine or commercial page and I have no idea how to sove this.

I ran Malware antispamware, nothing, spybot, nothing, Antivir scan,nothing, Macafee scan nothing, and I also reinstalled a fresh verison of Firefox.

I looked at the preparation guide and when I ran GMER to have a log I have a critical error (blue screen) and have to restart my computer so apologies for not posting this log here (Ark.txt).

I ran DDS, plesase see the log copied below and the Attach.txt with the message

Any suggestions would be most appreciated.

Thanks a million.

DDS (Ver_10-03-17.01) - NTFSx86

Run by GREL at 12:10:37.76 on 2010-08-03

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3536.2401 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\drivers\audio\r205445\stacsv.exe

C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe

C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

svchost.exe

C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe

"C:\WINDOWS\system32\svchost.exe"

C:\WINDOWS\Explorer.EXE

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\WINDOWS\system32\AESTFltr.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe

C:\Program Files\Wave Systems Corp\SecureUpgrade.exe

C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\GREL\Local Settings\Application Data\Lexar Media\LxrAutorun.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe

C:\Program Files\Kyocera\FileUtility\NsCatCom.exe

C:\Program Files\TimeLeft3\TimeLeft.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Intel\ASF Agent\ASFAgent.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe

C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\LxrSII1s.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Program Files\McAfee\MSK\MskSrver.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Kyocera\FileUtility\SFUSVC.exe

C:\Program Files\Kyocera\FileUtility\nsCatCom.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe

C:\Program Files\Avira\AntiVir Desktop\avscan.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\Documents and Settings\GREL\Desktop\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java

Attach.txt

Link to post
Share on other sites

Hello rems, :rolleyes:

You may ask a mod/admin to move this topic (or repost the logs) to the malware removal -HJT Logs forum, as expert helpers do not analyse logs in this forum (this forum is to serve customers about questions on MBAM).

Just a few notes for you when you post your logs in malware removal forum -

  • If you have already submitted for assistance at one of the other support sites on the Internet, then you should not post a new topic here and stay working with the helper from that site until the issue is resolved.
  • Then post a NEW topic here, remember to describe your problem along with the necessary logs (MBAM ,DDS, GMER) in that topic. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.
  • One of the expert helpers there will give you one-on-one assistance when one becomes available.
  • After posting your new topic, make sure under options (top right of your topic screen), you select Track this topic and choose one of the Email options (prefer Immediate Email Notification) so that you're alerted when someone has replied to your post.
  • Please be patient when waiting for an expert help as the expert helpers can get a bit busy.
  • Please try not to post back (bump) your topic within the first 48 hours. Expert helpers will find the topics which has a zero post count first. If you bump your topic, expert helpers may think the topic is replied and jump to other posts.
    If there is no reply from any experts after 48 hours, you can reply the topic for asking help again or send a Private Message to a Moderator asking for assistance.
  • Please do not alter the system (eg install or uninstall any software, conduct some fixes, use any removal/scanning tool) after posting unless it is told by the expert helper. Using these other tools often makes the cleanup task more difficult and time consuming.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or via here for a prioritized support. Please remember to quote your cleverbridge Reference Number from the confirmation e-mail when requesting assistance.

If you're a Corporate or Technician Licensed customer seeking assistance please send an email to corporate-support@malwarebytes.org. Please quote your order reference number when you send the request.

Thank You :lol:

PS Please use the "ADDREPLY" t_reply.gif button at bottom of forum window instead of other ones when you start replying. :lol:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.