Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Firefox-> redirecting to diff websites, IE- opening adverts

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 16th, 2010, 10:43 am

Hello Gringo,

There is a problem with all the thumbnails across all folders if any item had an icon / thumbnail earlier it no longer does and the desktop background works only if its a bit bmp file

Edit: Also I have a problem of not being able to hear the sound for youtube and other online video sources. Also the windows startup sounds and when volume is adjusted the volume beeper are not functioning too.

The DDS log file is here:
DDS (Ver_09-12-01.01) - NTFSx86
Run by Natarajan at 7:26:23.48 on Tue 03/16/2010
Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2550.1297 [GMT -7:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe
C:\Windows\System32\iprntctl.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Windows\ehome\ehtray.exe
C:\ProgramData\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\Windows\ehome\ehmsas.exe
C:\Users\Natarajan\AppData\Local\Google\Update\1.2.183.17\GoogleCrashHandler.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Windows\system32\dlcxcoms.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\igfxext.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Natarajan\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 4.0\aoltb.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: NRITB Toolbar: {9c0ce3e8-2eb9-44e2-9ad5-d3b87be68fd8} - c:\program files\nritb\tbNRIT.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 4.0\aoltb.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: NRITB Toolbar: {9c0ce3e8-2eb9-44e2-9ad5-d3b87be68fd8} - c:\program files\nritb\tbNRIT.dll
TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [googletalk] c:\users\natarajan\appdata\roaming\google\google talk\googletalk.exe /autostart
uRun: [Google Update] "c:\users\natarajan\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [cdloader] "c:\users\natarajan\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [VAIO Center Access Bar] "c:\program files\sony\vaio center access bar\VCAB.exe" 1
mRun: [VWLASU] "c:\program files\sony\vaio pc wireless lan wizard\AutoLaunchWLASU.exe"
mRun: [VAIOSurvey] c:\program files\sony\vaio survey\Vista VAIO Survey.exe
mRun: [iPrint Tray] c:\windows\system32\iprntctl.exe TRAY_ICON
mRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\mobile2\application launcher\Application Launcher.exe" /startoptions
mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"
mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 926\memcard.exe"
mRun: [DLCXCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCXtime.dll,_RunDLLEntry@16
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Skytel] Skytel.exe
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\natara~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\cit200.lnk - c:\program files\linksys\cit200\cit200.exe
StartupFolder: c:\users\natara~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\ding!.lnk - c:\program files\southwest airlines\ding\Ding.exe
StartupFolder: c:\users\natara~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\natara~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\aolddi~1.lnk - c:\ddi\AOLICON.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\gatorl~1.lnk - c:\windows\installer\{ccbaa1f7-e5e1-48b2-9ed9-a79c6a37ce78}\Icon3E5562ED7.ico
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launch~1.lnk - c:\windows\installer\{d8e363a7-88b7-446d-b2c0-e26ce4dc8e54}\_294823.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 4.0\aoltb.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: catglobal.com\www
Trusted Zone: dreamzhut.com\lnx03
Trusted Zone: sicherglobal.com\apps
Trusted Zone: sicherglobal.com\r12
Trusted Zone: solutionbeacon.net\vis1200
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resour ... cctrl2.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\natara~1\appdata\roaming\mozilla\firefox\profiles\p9kaqvdj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox ... S:official
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\users\natarajan\appdata\roaming\mozilla\firefox\profiles\p9kaqvdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\DictionaryCompressionFF.dll
FF - component: c:\users\natarajan\appdata\roaming\mozilla\firefox\profiles\p9kaqvdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa2.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13118.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13121.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npnipp.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\users\natarajan\appdata\local\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\users\natarajan\appdata\roaming\move networks\plugins\npqmp071505000010.dll
FF - plugin: c:\users\natarajan\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\users\natarajan\appdata\roaming\mozilla\plugins\npatgpc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrvtx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSvx.sys [2010-3-2 25096]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-3-2 52872]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-3-2 24856]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-3-2 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-3-2 29512]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-3-2 242696]
R1 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-4 308064]
R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2010-3-4 2325816]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-3-4 5888008]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2007-10-25 204800]
R3 AVGIDSDrivervtx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSDriver.sys [2010-3-2 122376]
R3 AVGIDSFiltervtx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSFilter.sys [2010-3-2 30216]
R3 AVGIDSShimvtx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSShim.sys [2010-3-2 27144]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-8-26 812544]
S2 FLEXlm License Manager;FLEXlm License Manager;c:\seflex\program\lmgrd.exe --> c:\seflex\program\lmgrd.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-5 135664]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-1-9 13352]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\sony\vaio media integrated server\UCLS.exe [2007-10-25 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\sony\vaio media integrated server\platform\SV_Httpd.exe [2007-10-25 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\sony\vaio media integrated server\platform\UPnPFramework.exe [2007-10-25 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2007-8-26 292152]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2007-8-26 79736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-10 369688]

=============== Created Last 30 ================

2010-03-15 21:53:58 0 d-----w- C:\SQL Server 2000 Sample Databases
2010-03-14 10:01:47 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-14 10:01:46 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-14 10:01:46 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-03-14 08:04:42 0 d-----w- C:\$RECYCLE.BIN
2010-03-14 07:12:54 98816 ----a-w- c:\windows\sed.exe
2010-03-14 07:12:54 77312 ----a-w- c:\windows\MBR.exe
2010-03-14 07:12:54 261632 ----a-w- c:\windows\PEV.exe
2010-03-14 07:12:54 161792 ----a-w- c:\windows\SWREG.exe
2010-03-14 07:12:41 0 d-----w- C:\ComboFix
2010-03-13 06:00:54 0 d-----w- c:\users\natara~1\appdata\roaming\Quest Software
2010-03-13 05:52:55 0 d-----w- c:\users\natara~1\appdata\roaming\Software
2010-03-13 05:52:47 0 d-----w- c:\programdata\Quest Software
2010-03-13 05:52:26 0 d-----w- c:\program files\common files\Quest Shared
2010-03-13 05:36:26 0 d-----w- c:\program files\Microsoft SQL Server 2008 DM Add-Ins
2010-03-11 06:45:36 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2010-03-11 06:45:08 79896 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2010-03-11 06:42:53 0 d-----w- c:\windows\system32\RsFx
2010-03-11 06:39:41 0 d-----w- c:\windows\system32\1033
2010-03-10 18:18:58 0 d-----w- c:\program files\Microsoft SQL Server 2008 Upgrade Advisor
2010-03-10 15:44:23 73216 ----a-w- c:\windows\system32\msiexec.exe
2010-03-10 15:44:23 332800 ----a-w- c:\windows\system32\msihnd.dll
2010-03-10 15:44:23 2560 ----a-w- c:\windows\system32\msimsg.dll
2010-03-10 15:44:22 2241536 ----a-w- c:\windows\system32\msi.dll
2010-03-07 23:38:01 0 d-----w- c:\program files\Microsoft WSE
2010-03-07 23:33:28 0 d-----w- c:\programdata\SAS
2010-03-07 21:33:30 0 d-----w- c:\program files\Alcohol Soft
2010-03-07 20:36:55 0 d-----w- c:\program files\Elaborate Bytes
2010-03-07 20:00:39 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-07 19:59:45 0 d-----w- c:\users\natara~1\appdata\roaming\DAEMON Tools Lite
2010-03-07 19:59:40 0 d-----w- c:\programdata\DAEMON Tools Lite
2010-03-04 23:33:48 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-03-04 21:15:10 0 d-----w- c:\programdata\SpeedBit
2010-03-04 21:13:57 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2010-03-04 21:12:54 0 d-----w- c:\program files\DAP
2010-03-04 21:09:11 378368 ----a-w- c:\windows\system32\winhttp.dll
2010-03-04 20:58:13 0 d-----w- c:\users\natara~1\appdata\roaming\AVG9
2010-03-04 17:31:15 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-03 22:55:30 3597912 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-03-03 22:55:30 3546200 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-03-03 22:55:25 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-03-03 22:55:24 270848 ----a-w- c:\windows\system32\schannel.dll
2010-03-03 19:54:07 20 ----a-w- c:\windows\system32\SYSTEM
2010-03-03 16:27:31 0 d-----w- c:\program files\Trend Micro
2010-03-02 16:13:50 0 d-----w- C:\$AVG
2010-03-02 16:13:45 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-03-02 16:13:45 25096 ----a-w- c:\windows\system32\drivers\AVGIDSvx.sys
2010-03-02 16:13:44 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-02 16:13:43 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-02 16:13:42 0 d-----w- c:\windows\system32\drivers\Avg
2010-03-02 15:42:18 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2010-03-02 15:42:16 0 d-----w- c:\program files\AVG
2010-03-02 15:42:12 0 d-----w- c:\programdata\avg9
2010-03-01 19:04:38 0 d-----w- c:\users\natara~1\appdata\roaming\Malwarebytes
2010-03-01 19:04:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-01 19:04:28 0 d-----w- c:\programdata\Malwarebytes
2010-03-01 19:04:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-01 19:04:27 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-01 05:16:13 897624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-03-01 05:16:07 281600 ----a-w- c:\windows\system32\raschap.dll
2010-03-01 05:16:07 244224 ----a-w- c:\windows\system32\rastls.dll
2010-03-01 05:16:02 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-03-01 05:16:02 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-03-01 05:16:01 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-03-01 05:16:01 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-03-01 05:16:01 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-03-01 05:16:01 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-03-01 05:16:01 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-03-01 05:16:01 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-03-01 05:16:01 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-03-01 05:16:01 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2010-03-01 05:15:55 105472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-03-01 05:15:54 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-16 16:42:56 26112 ----a-w- C:\a1.xls

==================== Find3M ====================

2010-03-07 20:37:31 86016 ----a-w- c:\windows\inf\infpub.dat
2010-03-07 20:37:31 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-03-07 20:37:31 143360 ----a-w- c:\windows\inf\infstor.dat
2010-02-24 16:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-03 02:57:18 1948 ----a-w- c:\users\natara~1\appdata\roaming\wklnhst.dat
2010-01-23 09:44:02 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2008-08-10 22:02:55 174 --sha-w- c:\program files\desktop.ini
2008-08-10 21:43:37 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2006-05-03 09:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
2009-08-06 03:47:29 278528 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
2007-08-26 21:25:27 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 7:29:05.38 ===============
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm
Advertisement
Register to Remove

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby gringo_pr » March 17th, 2010, 12:22 am

Hello

Can you post defogger_disable.log which should be on your Desktop?

thanks gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 17th, 2010, 12:45 am

This is the log file I got it says defogger enable though:

defogger_enable by jpshortstuff (23.02.10.1)
Log created at 22:29 on 15/03/2010 (Natarajan)

Parsing file...
SPTD -> Enabled (0)


-=E.O.F=-
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 17th, 2010, 1:29 am

http://en.kioskea.net/forum/affich-2233 ... n-internet

Should I try the suggestion on this page the part where it says to create a new .reg file and add it to the registry?
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby gringo_pr » March 17th, 2010, 3:57 am

No don't try it

I am asking around about this


gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 18th, 2010, 2:03 am

Hello Gringo,

Do you have any suggestion yet ? What should I do ?

Regards,
Natarajan
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby gringo_pr » March 18th, 2010, 9:05 am

Hello

I would like you to do a system restore to before this happened.

if you don't know how to do this
http://support.microsoft.com/kb/306084

gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 18th, 2010, 10:56 am

Hello Gringo,

This happened on the 15th today's the 18th so the restore points from the 15th were overwritten by dumb avg updates & windows updates system restore points from 16th or later. Now what should I do ?

Thanks
Natarajan
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby gringo_pr » March 18th, 2010, 11:34 pm

Hello nataraj007

I am going to have to send you to a tech support site as this out of my area.
these guys I have listed below are the best around and should be able to help you get that problem fixed.
I don't think it was caused by one of our tools as I have talked to the develepers of the tools and they can't think of anything that could have gone wrong.
I would like to follow the thread you open so I can find out what happened, please come back here and let me have the link to the thread that you open - thanks

Tech support guy

or
what the tech
or
techsupportforum
  • windows- problems with operating systems and windows problems
  • vista - Vista support

Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 19th, 2010, 2:06 am

nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 21st, 2010, 1:41 pm

Hello Gringo I just ran AVG scan and found these 3 viruses

"C:\Users\Natarajan\Downloads\softwares\vlc-0.8.6d-win32.exe:\$JP\plugins\libpva_plugin.dll";"Trojan horse Generic17.KSB";"Infected"
"C:\Users\Natarajan\Downloads\softwares\vlc-0.8.6d-win32.exe";"Trojan horse Generic17.KSB";"Infected"
"C:\Program Files\VideoLAN\VLC\plugins\libpva_plugin.dll";"Trojan horse Generic17.KSB";"Infected"

What are these would I be affected if I delete these ?
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby gringo_pr » March 21st, 2010, 11:20 pm

Hello nataraj007

that seems to be a legit program but we will remove it and update it.

uninstall some programs

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
Code: Select all
appwiz.cpl

  • click ok
  • Right click on each of these programs and select uninstall
      VideoLAN VLC media player 0.8.6d
    Once finished, close the Programs and Features window

Next.

Download and run OTM

Download OTM by Old Timer and save it to your Desktop.
  • Double-click OTM.exe to run it.
  • Right-click then copy the following code, Do not include the word Code.
    Code: Select all
    :Files
    C:\Users\Natarajan\Downloads\softwares\vlc-0.8.6d-win32.exe
    C:\Program Files\VideoLAN\VLC\plugins\libpva_plugin.dll
    :Commands
    [emptytemp]
    

    • Return to OTM, right-click then paste the code into the blank box below Image
    • Push the large Image button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • Copy everything in the Results window (under the green bar), and paste it in your next reply.


NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Next I would like you to go here and download the newest virsion of this software

VLC Media Player 1.0.5

it is on the right hand side - Download latest virsion

Now rerun AVG and lets see if it helped

Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 22nd, 2010, 4:43 am

Hello Gringo,


All processes killed
========== FILES ==========
C:\Users\Natarajan\Downloads\softwares\vlc-0.8.6d-win32.exe moved successfully.
File/Folder C:\Program Files\VideoLAN\VLC\plugins\libpva_plugin.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Natarajan
->Temp folder emptied: 405498246 bytes
->Temporary Internet Files folder emptied: 138355944 bytes
->Java cache emptied: 12268886 bytes
->FireFox cache emptied: 74112069 bytes
->Google Chrome cache emptied: 22311416 bytes
->Apple Safari cache emptied: 202433059 bytes
->Flash cache emptied: 585140 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2549742 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 52895478 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 25747983 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 893.00 mb


OTM by OldTimer - Version 3.1.10.1 log created on 03222010_000731

Files moved on Reboot...
File C:\Users\Natarajan\AppData\Local\Temp\LMIC8E2.tmp\LMIRhook.000.dll not found!
File C:\Users\Natarajan\AppData\Local\Temp\LMIC8E2.tmp\rahook.dll not found!
File C:\Users\Natarajan\AppData\Local\Temp\~DFC348.tmp not found!
File C:\Users\Natarajan\AppData\Local\Temp\~DFC352.tmp not found!
File C:\Users\Natarajan\AppData\Local\Temp\~DFC6E4.tmp not found!
File C:\Users\Natarajan\AppData\Local\Temp\~DFC6F9.tmp not found!
File C:\Users\Natarajan\AppData\Local\Temp\~DFC797.tmp not found!
File C:\Users\Natarajan\AppData\Local\Temp\~DFC7AE.tmp not found!
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NV69E8T4\default[2].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NV69E8T4\getSegment[2].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NV69E8T4\iepngfix[1].htc moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NV69E8T4\viewdocument_appFooter[2].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NV69E8T4\viewdocument_forFrameset_Metadata[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FW94WX0U\1036609180[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FW94WX0U\ADSAdClient31[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FW94WX0U\extIFrame[2].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FW94WX0U\support-info[1].pl moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FW94WX0U\viewdocument_appHeader[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\communities[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\csshover[1].htc moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\default[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\documentLink[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\lightbox.15af31b73a3eb29d5bb023140bc5710d[1].html moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\model-home[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\sidenav-kb[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F166V8OD\viewdocument_rating[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7YI9UWOQ\bg_323232[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7YI9UWOQ\csshover[1].htc moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7YI9UWOQ\csshover[2].htc moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7YI9UWOQ\viewContent[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7YI9UWOQ\viewdocument_forFrameset_Header[1].htm moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\Natarajan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby nataraj007 » March 22nd, 2010, 12:07 pm

Are there any other vista tech help sites where people respond ?

Edit: Looks like the registry got corrupted Gringo no one replied so I just tried the missing.reg file from the link I sent to you earlier and it worked for the missing sounds but the desktop and thumbnails are still the same !
nataraj007
Regular Member
 
Posts: 17
Joined: March 3rd, 2010, 12:02 pm

Re: Firefox-> redirecting to diff websites, IE- opening adverts

Unread postby gringo_pr » March 22nd, 2010, 4:53 pm

User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1817
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 315 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware