Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

home page in the internet has been locked

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

home page in the internet has been locked

Unread postby borundia » October 16th, 2011, 1:33 am

I have tried changing the home page, disabled tool bar extensions in Internet explorer but still Internet explorer keeps opening a chinese website every time I open it. Please solve my issue.
I am sending you the DDS logs
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.2180
Run by admin at 10:52:33 on 2011-10-16
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.241 [GMT 5.5:30]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Aladdin\eToken\PKIClient\x32\eTSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\System32\Svchost.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\14.0.835.202\npchrome_frame.dll
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [eTMonitor] "c:\program files\aladdin\etoken\pkiclient\x32\PKIMonitor.exe"
mRun: [<NO NAME>]
mExplorerRun: [Systesm] c:\program files\common files\Systesm.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {BE90DF74-A983-4BBB-A9C1-F2C90807F548} - hxxp://www.mca.gov.in/DCAPortalWeb/dca/ ... ontrol.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://download.macromedia.com/pub/sho ... wflash.cab
TCP: Interfaces\{8FFC94C6-FB1A-4CC6-B4D2-8FA844F3E5C7} : NameServer = 192.168.1.1
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\14.0.835.202\npchrome_frame.dll
Notify: AtiExtEvent - Ati2evxx.dll
mASetup: {Y21B03AB-B921-11D2-9CBD-0000F87A216E} - c:\program files\common files\services\svchost.exe -Restart
IFEO: 360deepscan.exe - ntsd -d
IFEO: 360hotfix.exe - ntsd -d
IFEO: 360rp.exe - ntsd -d
IFEO: 360rpt.exe - ntsd -d
IFEO: 360Safe.exe - ntsd -d
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R2 eTSrv;ETOKSRV;c:\program files\aladdin\etoken\pkiclient\x32\eTSrv.exe [2009-12-31 12640]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-14 136176]
S2 Tally License Server;Tally License Server (NT);f:\praveen\other backup tally\tally9\tallylicserver.exe -s --> f:\praveen\other backup tally\tally9\tallylicserver.exe -s [?]
S3 AKSUP;AKSUP;c:\windows\system32\drivers\aksup.sys [2008-7-29 34472]
S3 DrvKiller;DrvKiller;\??\c:\documents and settings\admin\swgft --> c:\documents and settings\admin\swgft [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-14 136176]
S3 hrdna;hrdna;\??\c:\docume~1\admin\locals~1\temp\~hrdna.tmp --> c:\docume~1\admin\locals~1\temp\~hrdna.tmp [?]
S3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\drivers\ozscr.sys [2010-1-18 92550]
.
=============== Created Last 30 ================
.
2011-10-07 15:04:59 15360 ----a-w- c:\documents and settings\admin\ehllq.drv
2011-09-23 06:44:35 -------- d-----w- c:\windows\system32\LogFiles
.
==================== Find3M ====================
.
2011-09-08 09:41:42 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-01-19 11:01:38 89088 --sh--w- c:\program files\common files\Systesm.exe
.
============= FINISH: 10:52:56.80 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/5/2010 7:50:24 PM
System Uptime: 10/16/2011 9:11:16 AM (1 hours ago)
.
Motherboard: Dell Computer Corporation | | 0X8957
Processor: Intel(R) Pentium(R) M processor 1.70GHz | Microprocessor | 1694/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 12 GiB total, 5.554 GiB free.
D: is FIXED (NTFS) - 26 GiB total, 6.953 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP69: 8/25/2011 3:12:49 PM - Installed Install
RP70: 8/25/2011 3:13:30 PM - Installed Install
RP71: 8/25/2011 3:28:43 PM - Installed Install
RP72: 8/25/2011 4:48:13 PM - Installed Install
RP73: 8/26/2011 5:09:27 PM - System Checkpoint
RP74: 8/29/2011 11:48:39 AM - System Checkpoint
RP75: 8/30/2011 1:59:50 PM - System Checkpoint
RP76: 9/5/2011 4:50:15 PM - System Checkpoint
RP77: 9/6/2011 5:13:25 PM - System Checkpoint
RP78: 9/8/2011 2:19:44 PM - System Checkpoint
RP79: 9/9/2011 3:38:01 PM - System Checkpoint
RP80: 9/12/2011 1:50:21 PM - System Checkpoint
RP81: 9/14/2011 12:56:32 PM - System Checkpoint
RP82: 9/16/2011 2:21:50 PM - System Checkpoint
RP83: 9/21/2011 7:20:25 PM - System Checkpoint
RP84: 10/1/2011 6:20:39 PM - System Checkpoint
RP85: 10/14/2011 11:32:29 AM - System Checkpoint
RP86: 10/15/2011 12:10:38 PM - System Checkpoint
.
==== Image File Execution Options =============
.
IFEO: 360deepscan.exe - ntsd -d
IFEO: 360hotfix.exe - ntsd -d
IFEO: 360rp.exe - ntsd -d
IFEO: 360rpt.exe - ntsd -d
IFEO: 360Safe.exe - ntsd -d
IFEO: 360safebox.exe - ntsd -d
IFEO: 360sd.exe - ntsd -d
IFEO: 360tray.exe - ntsd -d
IFEO: adam.exe - ntsd -d
IFEO: AgentSvr.exe - ntsd -d
IFEO: AntiArp.exe - ntsd -d
IFEO: AppSvc32.exe - ntsd -d
IFEO: arvmon.exe - ntsd -d
IFEO: AutoGuarder.exe - ntsd -d
IFEO: autoruns.exe - ntsd -d
IFEO: avgrssvc.exe - ntsd -d
IFEO: AvMonitor.exe - ntsd -d
IFEO: avp.com - ntsd -d
IFEO: avp.exe - ntsd -d
IFEO: CCenter.exe - ntsd -d
IFEO: ccSvcHst.exe - ntsd -d
IFEO: DSMain.exe - ntsd -d
IFEO: egui.exe - ntsd -d
IFEO: ekrn.exe - ntsd -d
IFEO: FileDsty.exe - ntsd -d
IFEO: findt2005.exe - ntsd -d
IFEO: FTCleanerShell.exe - ntsd -d
IFEO: HijackThis.exe - ntsd -d
IFEO: IceSword.exe - ntsd -d
IFEO: iparmo.exe - ntsd -d
IFEO: Iparmor.exe - ntsd -d
IFEO: IsHelp.exe - ntsd -d
IFEO: isPwdSvc.exe - ntsd -d
IFEO: kabaload.exe - ntsd -d
IFEO: KaScrScn.SCR - ntsd -d
IFEO: KASMain.exe - ntsd -d
IFEO: KASTask.exe - ntsd -d
IFEO: KAV32.exe - ntsd -d
IFEO: KAVDX.exe - ntsd -d
IFEO: KAVPFW.exe - ntsd -d
IFEO: KAVSetup.exe - ntsd -d
IFEO: KAVStart.exe - ntsd -d
IFEO: killhidepid.exe - ntsd -d
IFEO: KISLnchr.exe - ntsd -d
IFEO: kissvc.exe - ntsd -d
IFEO: KMailMon.exe - ntsd -d
IFEO: KMFilter.exe - ntsd -d
IFEO: KPFW32.exe - ntsd -d
IFEO: KPFW32X.exe - ntsd -d
IFEO: KPFWSvc.exe - ntsd -d
IFEO: KRepair.COM - ntsd -d
IFEO: krnl360svc.exe - ntsd -d
IFEO: KsLoader.exe - ntsd -d
IFEO: kswebshield.exe - ntsd -d
IFEO: KVCenter.kxp - ntsd -d
IFEO: KvDetect.exe - ntsd -d
IFEO: kvfw.exe - ntsd -d
IFEO: KvfwMcl.exe - ntsd -d
IFEO: KVMonXP.kxp - ntsd -d
IFEO: KVMonXP_1.kxp - ntsd -d
IFEO: kvol.exe - ntsd -d
IFEO: kvolself.exe - ntsd -d
IFEO: KvReport.kxp - ntsd -d
IFEO: KVScan.kxp - ntsd -d
IFEO: KVSrvXP.exe - ntsd -d
IFEO: KVStub.kxp - ntsd -d
IFEO: kvupload.exe - ntsd -d
IFEO: kvwsc.exe - ntsd -d
IFEO: KvXP.kxp - ntsd -d
IFEO: KvXP_1.kxp - ntsd -d
IFEO: KWatch.exe - ntsd -d
IFEO: KWatch9x.exe - ntsd -d
IFEO: KWatchX.exe - ntsd -d
IFEO: LiveUpdate360.exe - ntsd -d
IFEO: loaddll.exe - ntsd -d
IFEO: MagicSet.exe - ntsd -d
IFEO: mcconsol.exe - ntsd -d
IFEO: mmqczj.exe - ntsd -d
IFEO: mmsk.exe - ntsd -d
IFEO: NAVSetup.exe - ntsd -d
IFEO: nod32krn.exe - ntsd -d
IFEO: nod32kui.exe - ntsd -d
IFEO: PFW.exe - ntsd -d
IFEO: PFWLiveUpdate.exe - ntsd -d
IFEO: QHSET.exe - ntsd -d
IFEO: Ras.exe - ntsd -d
IFEO: Rav.exe - ntsd -d
IFEO: RavCopy.exe - ntsd -d
IFEO: RavMon.exe - ntsd -d
IFEO: RavMonD.exe - ntsd -d
IFEO: RavStore.exe - ntsd -d
IFEO: RavStub.exe - ntsd -d
IFEO: ravt08.exe - ntsd -d
IFEO: RavTask.exe - ntsd -d
IFEO: RegClean.exe - ntsd -d
IFEO: RegEx.exe - ntsd -d
IFEO: rfwcfg.exe - ntsd -d
IFEO: RfwMain.exe - ntsd -d
IFEO: rfwolusr.exe - ntsd -d
IFEO: rfwProxy.exe - ntsd -d
IFEO: rfwsrv.exe - ntsd -d
IFEO: RsAgent.exe - ntsd -d
IFEO: Rsaupd.exe - ntsd -d
IFEO: RsMain.exe - ntsd -d
IFEO: rsnetsvr.exe - ntsd -d
IFEO: RSTray.exe - ntsd -d
IFEO: runiep.exe - ntsd -d
IFEO: safebank.exe - ntsd -d
IFEO: safeboxTray.exe - ntsd -d
IFEO: safelive.exe - ntsd -d
IFEO: scan32.exe - ntsd -d
IFEO: ScanFrm.exe - ntsd -d
IFEO: shcfg32.exe - ntsd -d
IFEO: smartassistant.exe - ntsd -d
IFEO: SmartUp.exe - ntsd -d
IFEO: SREng.exe - ntsd -d
IFEO: SREngPS.exe - ntsd -d
IFEO: SuperKiller.exe - ntsd -d
IFEO: symlcsvc.exe - ntsd -d
IFEO: syscheck.exe - ntsd -d
IFEO: Syscheck2.exe - ntsd -d
IFEO: SysSafe.exe - ntsd -d
IFEO: ToolsUp.exe - ntsd -d
IFEO: TrojanDetector.exe - ntsd -d
IFEO: Trojanwall.exe - ntsd -d
IFEO: TrojDie.kxp - ntsd -d
IFEO: UIHost.exe - ntsd -d
IFEO: UmxAgent.exe - ntsd -d
IFEO: UmxAttachment.exe - ntsd -d
IFEO: UmxCfg.exe - ntsd -d
IFEO: UmxFwHlp.exe - ntsd -d
IFEO: UmxPol.exe - ntsd -d
IFEO: UpLive.exe - ntsd -d
IFEO: WoptiClean.exe - ntsd -d
IFEO: ZhuDongFangYu.exe - ntsd -d
IFEO: zxsweep.exe - ntsd -d
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
ALPS Touch Pad Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Broadcom 440x 10/100 Integrated Controller
Broadcom Advanced Control Suite
Broadcom Gigabit Integrated Controller
C-Major Audio
Conexant D480 MDC V.92 Modem
Dell Wireless WLAN Card
eToken PKI Client 5.1 SP1
Google Chrome Frame
Google Update Helper
Intel(R) PROSet/Wireless Software
Java Auto Updater
Java(TM) 6 Update 22
mCore
mDriver
mDrWiFi
mHlpDell
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
mIWA
mLogView
mMHouse
mPfMgr
mPfWiz
mProSafe
mSCfg
mSSO
MSXML 6.0 Parser
mWlsSafe
mWMI
mZConfig
O2Micro Smartcard Driver
Tally.ERP 9
WebFldrs XP
WildTangent Web Driver
WinZip
.
==== Event Viewer Messages From Past Week ========
.
10/10/2011 11:17:54 AM, error: Service Control Manager [7000] - The DrvKiller service failed to start due to the following error: The system cannot find the file specified.
10/10/2011 11:17:50 AM, error: Service Control Manager [7000] - The Tally License Server (NT) service failed to start due to the following error: The system cannot find the path specified.
.
==== End Of File ===========================
borundia
Active Member
 
Posts: 1
Joined: October 16th, 2011, 1:26 am
Advertisement
Register to Remove

Re: home page in the internet has been locked

Unread postby Gary R » October 16th, 2011, 5:02 am

Computers using Operating Systems no longer supported by Microsoft
It appears you are using a computer with an unsupported Operating System.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.

This topic is now closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: random/random and 63 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware