Solve : getting redirected, virus warnings, pop-ups, right click menu – InterviewSolution

InterviewSolution

1.	Solve : getting redirected, virus warnings, pop-ups, right click menu stopped working?
Answer» I am having the following problems: This is the first problem i noticed searching using yahoo when i click on the search result i want I do not get sent to the one i selected I get redirected to off the wall sites i able able to enter the http in the address bar and i have no problem. I use firefox. i am getting a pop saying that my computer is being attacked by viruses and then it pops up a fake My Computer page my right click menu stopped working i have been using MP3 Rocket with no problems for over two years but since yesterday i have been unable to open the application. i have went and uninstalled it and re installed it just like i have done before,..i can download and install it but can not open it to finish to set up.. i even tried to install a older vision but nothing The computer is many used for pictures, downloading music and movies, burning music cds, using the internet to socialize, search, email, some shopping and kid's games and watching movies that we download. Norton shows no viruses windows xp home edition version 2002 service pack 2. intel(R), Celeron(R) CPU2.20 GHz, 768MB of RAM i have 8.16 GB of free space and total size is 38.2 i am using Norton SYSTEMWORKS 2003 professional Edition here are my logs SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 01/20/2010 at 01:05 PM Application Version : 4.33.1000 Core Rules Database Version : 4496 Trace Rules Database Version: 2310 Scan type : Complete Scan Total Scan Time : 03:38:13 Memory items scanned : 500 Memory threats detected : 0 Registry items scanned : 4305 Registry threats detected : 0 File items scanned : 68598 File threats detected : 12 Adware.Tracking Cookie C:\Documents and Settings\Owner\Cookies\[emailprotected][1].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][1].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][1].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][2].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][1].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][2].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][2].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][1].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][1].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][2].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][1].txt C:\Documents and Settings\Owner\Cookies\[emailprotected][2].txt SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 01/21/2010 at 05:20 AM Application Version : 4.33.1000 Core Rules Database Version : 4496 Trace Rules Database Version: 2310 Scan type : Complete Scan Total Scan Time : 01:41:44 Memory items scanned : 441 Memory threats detected : 0 Registry items scanned : 4524 Registry threats detected : 0 File items scanned : 65998 File threats detected : 2 Adware.Tracking Cookie C:\WINDOWS\system32\config\systemprofile\Cookies\[emailprotected][1].txt C:\WINDOWS\system32\config\systemprofile\Cookies\[emailprotected][1].txt SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 01/22/2010 at 11:48 AM Application Version : 4.33.1000 Core Rules Database Version : 4496 Trace Rules Database Version: 2310 Scan type : Complete Scan Total Scan Time : 01:43:06 Memory items scanned : 432 Memory threats detected : 0 Registry items scanned : 4537 Registry threats detected : 0 File items scanned : 67469 File threats detected : 0 Malwarebytes' Anti-Malware 1.41 Database version: 3205 Windows 5.1.2600 Service Pack 2 1/20/2010 9:51:49 AM mbam-log-2010-01-20 (09-51-49).txt Scan type: Quick Scan Objects scanned: 98587 Time elapsed: 36 minute(s), 42 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Adware.Seekmo) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\Owner\My Documents\downloads\setup.exe (Adware.Seekmo) -> Quarantined and deleted successfully. Malwarebytes' Anti-Malware 1.44 Database version: 3510 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.13 1/22/2010 12:09:24 PM mbam-log-2010-01-22 (12-09-24).txt Scan type: Quick Scan Objects scanned: 102805 Time elapsed: 9 minute(s), 11 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:13:12 PM, on 1/22/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\GWMDMMSG.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS C:\WINDOWS\System32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13116&gct=&gc=1&q=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gatewaybiz.com/ O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [QD FastAndSafe] C:\Program Files\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe /scheduler /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0 O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user') O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.LNK = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\apitrap.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: AUTOMATIC LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 9682 bytes here is the report after i defragmented last night Volume (C:) Volume size = 38.28 GB Cluster size = 4 KB Used space = 30.11 GB Free space = 8.17 GB Percent free space = 21 % Volume fragmentation Total fragmentation = 16 % File fragmentation = 33 % Free space fragmentation = 0 % File fragmentation Total files = 68,916 Average file size = 572 KB Total fragmented files = 13 Total excess fragments = 3,296 Average fragments per file = 1.04 Pagefile fragmentation Pagefile size = 1.13 GB Total fragments = 1 Folder fragmentation Total folders = 5,173 Fragmented folders = 1 Excess folder fragments = 0 Master File Table (MFT) fragmentation Total MFT size = 112 MB MFT record count = 74,261 Percent MFT in use = 64 % Total MFT fragments = 3 -------------------------------------------------------------------------------- Fragments File Size Files that cannot be defragmented 14 655 MB \Documents and Settings\Owner\Shared\Tom & Jerry Collection (14 cartoons).avi 42 697 MB \Documents and Settings\Owner\Shared\The.Sound.Of.Music 1.avi 18 699 MB \Documents and Settings\Owner\Shared\The.Sound.Of.Music.1965.DVDRip.MP3.DivX-WRD.CD2.avi 16 699 MB \Documents and Settings\Owner\Shared\P90X Beachbody - Turbo Jam - 20 Minute Workout.avi 17 700 MB \Documents and Settings\Owner\Shared\Horton.Hears.A.Who![2008]DvDrip-aXXo.avi 23 700 MB \Documents and Settings\Owner\Shared\Alvin and The CHIPMUNKS and The Chipettes (2009) DVDRip Occor avi.avi 44 701 MB \Documents and Settings\Owner\Shared\Alvin.And.The.Chipmunks.2007.DvDRip.Eng-FxM.avi 17 701 MB \Documents and Settings\Owner\Shared\Wall-E @ 2008 -Disney Pixar - FULL movie(dvd).avi 16 728 MB \Documents and Settings\Owner\Shared\P90X - Part 1 - Chest And Back.mpg 22 773 MB \Documents and Settings\Owner\Incomplete\T-810313728-Red Light District - Out Numbered 2 Cd1 (Lucy Lee,Jessica Fiorentino,Stacy Silver,Karma,Sandra Romain).mpg 3,051 773 MB \Documents and Settings\Owner\Shared\Red Light District - Out Numbered 2 Cd1 (Lucy Lee,Jessica Fiorentino,Stacy Silver,Karma,Sandra Romain).mpg 21 1.75 GB \Documents and Settings\Owner\Shared\Tyler Perry's - I Can Do Bad All By Myself.avi I hope that i have included everything you need to help me. I do appreciate all the work yall do. Thank You so MUCH

Discussion

No Comment Found

Related InterviewSolutions