Resolved Browser keeps redirecting me to random unsafe sites

Status
Not open for further replies.

jzero

Hey guys
the title pretty much says it all
here's my HijackThis log:
 

Attachments

  • hijackthis.log
    6.7 KB · Views: 4
Welcome to TechSpot. I'll help with the malware. But we don't 'screen' for malware with HijackThis.

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, paste the logs for review into your next reply. OK to use more than one post if needed.

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

Could you clarify this for me please: I note several different drives: C, E, G, H. Are these partitions? And I note that you have Eset AV on Drive H and a-Squared on Drive E.

I also note the absence of either a homepage or a search page.
 
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4174

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

12/10/2010 8:19:16 AM
mbam-log-2010-10-12 (08-19-16).txt

Scan type: Quick scan
Objects scanned: 130851
Time elapsed: 3 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
and yes, I keep both nod32 and a squared installed
Multiple antivirus programs can cause vulnerabilities to the system.

Please include the remaining logs.
 
Here are the gmer and dds logs
 

Attachments

  • DDS.txt
    11.9 KB · Views: 1
  • gmer.log
    8.5 KB · Views: 1
  • attach.zip
    4.6 KB · Views: 1
Just in case you didn't want the attach in zip form like on the other threads
 

Attachments

  • Attach.txt
    13.2 KB · Views: 1
When you have finished, paste the logs for review into your next reply. OK to use more than one post if needed.

Please either uninstall or don't use these file sharing programs while I am helping you:
µTorrent
Tunngle beta > referred to as "Next generation peer-to-peer VPN tool"


There are error events when you booted saying "The pipe state is invalid".
The pipe state is invalid: http://support.microsoft.com/kb/823830
A "pipe" is used for communication between programs running on your computer. This may be either a faulty or malicious program running as Administrator (you'd need to be confirming this with the UAC dialog, so you should know), or a driver is faulty.
This problem occurs when the Srvsvc.dll file generates an access violation error. This error stops the Svchost.exe process that loads services such as Workstation and Server. As a result, Winlogon.exe and other processes stop responding.
This was first addressed in SP2, but there is also a hot fix available. See MS Update site for:
Hotfix:
Date         Time   Version        Size    File name
-----------------------------------------------------
08-Jul-2003  00:39  5.1.2600.1243  77,824  Srvsvc.dll

===============================================
As far as the multiple AV programs, I've addressed that. But I also see the following:
NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up in addition to ESET NOD32 Antivirus.
============================================
Please run the Eset NOD32 Online AntiVirus scan HERE: http://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Re-enable your Antivirus software.
  10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Paste that log in for me to review
=====================
Then go on to download ComboFix from Here and save to your Desktop.

  [1]. Do NOT rename Combofix unless instructed.
  [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  [3]. Close any open browsers.
  [4]. Double click combofix.exe & follow the prompts to run.
  NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
  [5]. If Combofix asks you to install Recovery Console, please allow it.
  [6]. If Combofix asks you to update the program, always allow.
  Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt in next reply.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs when you're done with Combofix.
 