Browers keeps redirecting me to random unsafe sites

By jzero · 9 replies
Oct 11, 2010
  1. hey guys
    the title pretty much says it all
    heres my hijack this log:

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Welcome to TechSpot. I'll help with the malware. But we don't 'screen' for malware with HijackThis.

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, paste the logs for review into your next reply . OK to use more than one post if needed.

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

    Could you clarify this for me please: I note several different drives: C,E, G, H are these partitions? And I note that you have Eset AV on Drive H and a-Squared on Drive E.

    I also note the absence of either a hompage or a search page.
  3. jzero

    jzero TS Rookie Topic Starter

    yes i have partitioned my hard drives
    and yes i keep both nod32 and a squared installed
  4. jzero

    jzero TS Rookie Topic Starter

    Malwarebytes' Anti-Malware 1.46

    Database version: 4174

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    12/10/2010 8:19:16 AM
    mbam-log-2010-10-12 (08-19-16).txt

    Scan type: Quick scan
    Objects scanned: 130851
    Time elapsed: 3 minute(s), 46 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Multiple antivirus programs can cause vulnerabilities to the system.

    Please include the remaining logs.
  6. jzero

    jzero TS Rookie Topic Starter

    here are the gmer and dds logs

    Attached Files:

  7. jzero

    jzero TS Rookie Topic Starter

    just in case you didnt want the attach in zip form like on the other threads

    Attached Files:

  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Please either uninstall or don't use these file sharing programs while am helping you:
    Tunngle beta > referred to as "Next generation peer-to-peer VPN tool"

    There are error events when you booted saying "The pipe state is invalid".
    The pipe state is invalid.>
    A "pipe" is used for communication between programs running on your computer this may be either a faulty or malicious program running as Administrator (you'd need to be confirming this with the UAC dialog, so you should know- or a driver is faulty.
    This problem occurs when the Srvsvc.dll file generates an access violation error. This error stops the Svchost.exe process that loads services such as Workstation and Server. As a result, Winlogon.exe and other processes stop responding.
    This was first addressed in SP2, but there is also a hot fix available. See MS Update site for:
    Hotfix: Date Time Version Size File name
    08-Jul-2003 00:39 5.1.2600.1243 77,824 Srvsvc.dll

    As far as the multiple AV programs, I've addressed that. But I also see the following:
    NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up in addition to ESET NOD32 Antivirus.
    Please Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Paste that log in for me to review
    Then go on to download ComboFix from Here and save to your Desktop.

    • [1]. Do NOT rename Combofix unless instructed.
      [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3].Close any open browsers.
      [4]. Double click combofix.exe & follow the prompts to run.
    • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
      [5]. If Combofix asks you to install Recovery Console, please allow it.
      [6]. If Combofix asks you to update the program, always allow.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt in next reply.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    Note: Make sure you re-enable your security programs, when you're done with Combofix..
  9. jzero

    jzero TS Rookie Topic Starter

    close this please
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Closed at members' request.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...