Thread: google redirect
View Single Post
Old 04-18-2009, 06:56 PM   #1 (permalink)
chipnmissy
Registered User
 
Join Date: Apr 2009
Location: vermont
Posts: 3
OS: xp


google redirect
Hi, and thanks for your help in advance.
I have something that redirects my google links, sometimes once, sometimes two or three times. Often when I get redirected, I hit the back button, and instead of returning to my search, I land on google's home page. I have spyware doctor with anti virus, and it has found some things, but nothing seems to repair the problem. I am running firefox, I believe the latest version.

this is the dds log.

DDS (Ver_09-03-16.01) - NTFSx86
Run by Owner at 20:38:42.78 on Sat 04/18/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.95 [GMT -4:00]

AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\eM\Bay Reader\Shwicon2k.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Spotmau\Desktop_Secretary\Spotmau_S.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\dds.scr
C:\WINDOWS\System32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program files\asksearch\bin\DefaultSearch.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [MoneyAgent] "c:\program files\microsoft money\system\mnyexpr.exe"
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [CHotkey] zHotkey.exe
mRun: [showicon2k] c:\program files\\em\bay reader\Shwicon2k.exe
mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\photosmart\hp share-to-web\hpgs2wnd.exe
mRun: [CXMon] "c:\program files\hewlett-packard\photosmart\photo imaging\Hpi_Monitor.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SpotmauSecretary] c:\program files\spotmau\desktop_secretary\Spotmau_S.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\frostw~1.lnk - c:\program files\frostwire\FrostWire.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bigfix.lnk - c:\program files\bigfix\BigFix.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc2~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
IE: Add to AMV Converter... - c:\program files\mp3 player utilities 4.19\amvconverter\grab.html
IE: {6224f700-cba3-4071-b251-47cb894244cd} - c:\program files\icq\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131-win.cab
DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\1spbq164.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-4-16 130424]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2009-4-16 51520]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2009-4-16 38208]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-4-16 159600]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-4-16 348752]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-4-16 1095560]
R2 supersafer;supersafer;c:\windows\system32\drivers\supersafer.sys [2009-4-4 354176]
R3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009-4-16 64392]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2009-4-16 33088]
R3 ThreatFire;ThreatFire;c:\program files\spyware doctor\tfengine\tfservice.exe service --> c:\program files\spyware doctor\tfengine\TFService.exe service [?]

=============== Created Last 30 ================

2009-04-18 20:13 <DIR> --d----- c:\program files\Trend Micro
2009-04-18 13:52 <DIR> --d----- c:\program files\UNICCodec
2009-04-16 22:55 38,208 a------- c:\windows\system32\drivers\TfSysMon.sys
2009-04-16 22:55 33,088 a------- c:\windows\system32\drivers\TfNetMon.sys
2009-04-16 22:55 12,608 a------- c:\windows\system32\drivers\TfKbMon.sys
2009-04-16 22:55 51,520 a------- c:\windows\system32\drivers\TfFsMon.sys
2009-04-16 22:39 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-04-16 22:39 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-04-16 22:39 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-04-16 22:39 <DIR> --d----- c:\program files\common files\PC Tools
2009-04-16 22:39 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-04-16 22:39 <DIR> --d----- c:\program files\Spyware Doctor
2009-04-16 22:39 <DIR> --d----- c:\docume~1\owner\applic~1\PC Tools
2009-04-16 22:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-04-16 22:34 <DIR> --d----- c:\program files\CCleaner
2009-04-14 18:54 <DIR> --d----- c:\documents and settings\owner\.tuxguitar-1.1
2009-04-14 18:54 <DIR> --d----- c:\program files\tuxguitar-1.1
2009-04-14 18:49 1,200 a------- c:\windows\system32\rzeksfsp.dat
2009-04-14 18:49 <DIR> --d----- c:\program files\SFaxTools
2009-04-12 17:27 <DIR> --d----- c:\program files\Blockland
2009-04-11 19:24 <DIR> --d----- c:\docume~1\owner\applic~1\Unity
2009-04-11 18:54 <DIR> --d----- c:\program files\Unity
2009-04-11 13:37 247,494 a------- c:\windows\PUZZLES.DAT
2009-04-11 13:24 92,208 a------- c:\windows\system\WING.DLL
2009-04-11 13:24 30 a------- c:\windows\PUZZLES.INI
2009-04-07 04:15 54,156 a---h--- c:\windows\QTFont.qfn
2009-04-07 04:15 1,409 a------- c:\windows\QTFont.for
2009-04-06 11:56 <DIR> --d----- c:\program files\Yahoo!
2009-04-05 14:41 72 a------- c:\windows\MediaManager.INI
2009-04-05 14:29 <DIR> --d----- c:\windows\system32\LogFiles
2009-04-05 14:28 <DIR> --d----- c:\program files\MP3 Player Utilities 4.19
2009-04-05 13:24 <DIR> --d----- c:\docume~1\owner\applic~1\FrostWire
2009-04-05 13:23 73,728 a------- c:\windows\system32\javacpl.cpl
2009-04-05 13:21 <DIR> --d----- c:\program files\AskSearch
2009-04-05 13:21 <DIR> --d----- c:\program files\AskBarDis
2009-04-04 19:44 <DIR> --d----- c:\docume~1\owner\applic~1\WinCare2009
2009-04-04 18:18 354,176 a------- c:\windows\system32\drivers\supersafer.sys
2009-04-04 18:18 470,528 a------- c:\windows\system32\wxmsw28u_html_vc_custom.dll
2009-04-04 18:18 2,771,968 a------- c:\windows\system32\wxmsw28u_core_vc_custom.dll
2009-04-04 18:18 1,163,776 a------- c:\windows\system32\wxbase28u_vc_custom.dll
2009-04-04 18:18 681,472 a------- c:\windows\system32\wxmsw28u_adv_vc_custom.dll
2009-04-04 18:18 118,784 a------- c:\windows\system32\wxbase28u_xml_vc_custom.dll
2009-04-04 18:18 <DIR> --d----- c:\program files\Spotmau
2009-04-04 13:21 31,768 a------- c:\windows\system32\wucltui.dll.mui
2009-04-04 13:21 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui
2009-04-04 13:21 18,456 a------- c:\windows\system32\wuaueng.dll.mui
2009-04-04 13:21 23,576 a------- c:\windows\system32\wuapi.dll.mui

==================== Find3M ====================

2004-11-29 21:32 0 a---h--- c:\documents and settings\owner\hpothb07.dat
2004-01-26 19:45 0 ac--h--- c:\program files\hpothb07.dat
2004-01-26 19:44 15,628 a---h--- c:\program files\hpothb07.tif
2003-03-31 08:00 94,784 ---sh--- c:\windows\twain.dll
2004-08-04 03:56 50,688 ---sh--- c:\windows\twain_32.dll
2004-08-04 03:56 1,028,096 ---sh--- c:\windows\system32\mfc42.dll
2004-08-04 03:56 54,784 ---sh--- c:\windows\system32\msvcirt.dll
2004-08-04 03:56 413,696 a--sh--- c:\windows\system32\msvcp60.dll
2004-08-04 03:56 343,040 a--sh--- c:\windows\system32\msvcrt.dll
2004-08-04 03:56 11,776 ---sh--- c:\windows\system32\regsvr32.exe

============= FINISH: 20:38:57.67 ===============
Attached Files
File Type: zip attach.zip.zip (2.9 KB, 4 views)
chipnmissy is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here