Technology Forum

Technology Forum


Google redirect virus

This is a discussion on Google redirect virus within the Spyware forums, part of Technology category; Hi, I have a problem with my browser... whenever I search on google, the search results redirect me to another ...




Go Back   Technology Forum > Technology > Spyware

Google redirect virus Google redirect virus

Register FAQ Members List Calendar Search Today's Posts Mark All Read

Reply

 

Thread Tools Display Modes
  #1  
Old 09-07-2008, 03:46 PM
Tech Ace Tech Ace is offline
Senior Member
  
Join Date: Apr 2008
Posts: 30,703
Default Google redirect virus



Hi, I have a problem with my browser... whenever I search on google, the search results redirect me to another totally unrelated site. And firefox often "resets" the connection with support sites. Here is my log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:46:47, on 2008-09-07 Platform: windows xp SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\SYSTEM32\GEARSEC.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\hphmon05.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program\Java\jre1.6.0_07\bin\jusched.exe C:\Program\ESET\ESET Smart Security\egui.exe C:\Program\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\uTorrent\uTorrent.exe C:\WINDOWS\system32\drivers\svchost.exe C:\Program\NETGEAR\WG111T Configuration Utility\wlan111t.exe C:\Program\Personal\bin\Personal.exe C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program\MSN Messenger\usnsvc.exe C:\WINDOWS\System32\WISPTIS.EXE C:\Program\Ashampoo\Ashampoo Burning Studio 7\burningstudio.exe C:\Program\Ashampoo\Ashampoo Burning Studio 7\CancelAutoplay.exe C:\Program\Avant Browser\avant.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\PROGRAM\MOZILL~1\FIREFOX.EXE C:\Program\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about_:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.onoff.se R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - C:\WINDOWS\system32\sfg.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Popup Blocker Pro - {A44B961C-8C36-470f-8555-EDA0EFC1E710} - C:\Program\SafeGuard Pop-up Blocker Pro FREE Edition\popupblocker.dll (file missing) O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [CamMonitor] C:\Program\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [HPHUPD05] C:\Program\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [egui] "C:\Program\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\system32\sfg.dll" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uTorrent] "C:\Program\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ? O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Documents and Settings\Nils\Skrivbord\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Documents and Settings\Nils\Skrivbord\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Documents and Settings\Nils\Skrivbord\Free Download Manager\dlpage.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Documents and Settings\Nils\Skrivbord\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.onoff.se O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {16E166F9-35E8-4CA5-B50D-5CEFABF45B09} - http://www.sfonditalia.biz/dialers/1746/AUTO_1746_N.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - https://skolwebb.stockholm.se/Secure...AB/saxfile.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by108fd.bay108.hotmail.msn.co...s/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/175abc08...p/RdxIE601.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: {C8CE8EAB-8B03-484B-B348-A2442D38E7AF} (Intermezzon Player Control) - http://download.intermezzon.com/3.3/designerplayer.cab O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://mail.lycos.com/hanmail-ax/AttachMail.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by117fd.bay117.hotmail.msn.co...x/HMAtchmt.ocx O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{58D953C0-9E65-4928-952A-AA0C6E2D36D2}: NameServer = 192.168.0.1 O17 - HKLM\System\CS60\Services\Tcpip\..\{58D953C0-9E65-4928-952A-AA0C6E2D36D2}: NameServer = 192.168.0.1 O17 - HKLM\System\CS61\Services\Tcpip\..\{58D953C0-9E65-4928-952A-AA0C6E2D36D2}: NameServer = 192.168.0.1 O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program\ESET\ESET Smart Security\ekrn.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program\NOS\bin\getPlus_HelperSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Unknown owner - C:\Program\iPod\bin\iPodService.exe (file missing) O23 - Service: LF Connection Keeper Service (LFCK) - Unknown owner - C:\Program\LFConnectionKeeper\lfck.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program\Delade filer\Nero\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 11119 bytes
Reply With Quote
Reply

« New Computer with Viruses? | Malware problem / error log »
Thread Tools
Display Modes
Linear Mode Linear Mode


Similar Threads

Thread Thread Starter Forum Replies Last Post
PC has google redirect virus Tech Ace Spyware 0 09-30-2008 02:54 PM
Redirect virus.. double google? Tech Ace Spyware 0 09-27-2008 02:35 AM
Google Redirect Virus Help Tech Ace Spyware 0 09-23-2008 11:01 PM
Google Redirect Virus Tech Ace Windows XP 0 08-28-2008 12:24 AM
redirect virus with Google Tech Ace Spyware 0 08-17-2008 12:50 AM

Networking | Windows Vista | Motherboards | Hard Drives | Virus Information | 0x8007f0f1 | hellzlittlespy | Chrome Plugins

Your Computer Networking, Hardware, Software, Windows, Spyware and Malware Info source.


Tech Articles: Cameras | Cell Phones | Security | Hardware | Software | Television

SEO | Domain Forum


All times are GMT. The time now is 01:07 PM.

Contact Us - Tech Forum - Sitemap - Tags - Privacy Statement - Top


Powered by vBulletin® Version 3.7.3