|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Virus/Trojan/Spyware Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
LinkBack | Thread Tools |
07-27-2009, 07:34 PM
|
#1 (permalink) |
|
Registered User
Join Date: Aug 2004
Posts: 18
OS: XP
|
Google Redirects to Blank Pages and PC Runs Slow
My PC seems to be infected with the "Google Redirect Virus", whenever I complete a Google search the results display as they should, but when I click on a result Google redirects to a random blank page always with a different URL. After trying each result 3-4 times, the correct page will usually load. Most of the time a URL beginning with hxxp://www.clickover.net... or hxxp://www.clickover.com... will appear before going to another random URL. The pages the browser isredirected to are always blank. In addition to the redirecting issue, my PC is running very slow, although the CPU usage never seems to rise. Thanks in advance for any help.
DDS (Ver_09-06-26.01) - NTFSx86 Run by Travis at 22:08:59.57 on Mon 07/27/2009 Internet Explorer: 6.0.2900.5512 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.483 [GMT -4:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\WINDOWS\system32\igfxsrvc.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe C:\WINDOWS\system32\igfxext.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Documents and Settings\Travis\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File uRun: [EPSON WorkForce 600 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatieka.exe /fu "c:\windows\temp\E_S5E.tmp" /EF "HKCU" uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [EDS] c:\program files\samsung\samsung eds\EDSAgent.exe mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [DMHotKey] c:\program files\samsung\easy display manager\DMLoader.exe mRun: [BatteryManager] c:\program files\samsung\samsung battery manager\BatteryManager.exe mRun: [MagicKeyboard] c:\program files\samsung\magickbd\PreMKBD.exe mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe" mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl.sun.com/webapps/download/AutoDL?BundleId=27986 DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxdev.dll ============= SERVICES / DRIVERS =============== R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-7-26 64160] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-7-26 335752] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-7-26 27784] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-7-26 108552] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-7-26 298776] R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [2008-11-11 4300] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1029456] R2 SNM WLAN Service;SNM WLAN Service;c:\program files\samsung\samsung network manager\SNMWLANService.exe [2006-10-30 36864] R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [2008-1-14 30208] R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [2008-11-11 238464] S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-7-7 20480] S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2008-5-9 174336] =============== Created Last 30 ================ 2009-07-27 21:41 <DIR> --d----- c:\docume~1\travis\applic~1\Malwarebytes 2009-07-27 21:41 15,504 a------- c:\windows\system32\drivers\mbam.sys 2009-07-27 21:41 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-27 21:41 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-07-27 21:41 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-07-26 23:13 <DIR> --d-h--- C:\$AVG8.VAULT$ 2009-07-26 23:06 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-07-26 23:06 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-07-26 23:06 335,752 a------- c:\windows\system32\drivers\avgldx86.sys 2009-07-26 23:06 <DIR> --d----- c:\windows\system32\drivers\Avg 2009-07-26 23:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar 2009-07-26 23:05 <DIR> --d----- c:\program files\AVG 2009-07-26 23:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8 2009-07-26 23:05 <DIR> --d----- c:\program files\Eusing Free Registry Cleaner 2009-07-26 22:44 <DIR> --d----- c:\docume~1\travis\applic~1\AVG8 2009-07-26 21:37 15,688 a------- c:\windows\system32\lsdelete.exe 2009-07-26 21:25 0 a------- c:\windows\EEventManager.INI 2009-07-26 21:23 64,160 a------- c:\windows\system32\drivers\Lbd.sys 2009-07-26 21:21 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{EF63305C-BAD7-4144-9208-D65528260864} 2009-07-26 21:21 <DIR> --d----- c:\program files\Lavasoft 2009-07-26 20:32 <DIR> --d----- c:\program files\Spybot - Search & Destroy 2009-07-26 20:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy 2009-07-26 20:12 <DIR> --d----- c:\program files\Trend Micro 2009-07-26 19:15 <DIR> --d----- c:\windows\pss 2009-07-26 00:27 <DIR> --d----- c:\windows\system32\wbem\Repository 2009-07-23 16:57 <DIR> --d----- c:\program files\Epson Software 2009-07-23 16:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\EPSON 2009-07-23 16:26 71,680 a------- c:\windows\system32\escwiad.dll 2009-07-23 16:26 9,216 a------- c:\windows\system32\escdev.dll 2009-07-23 16:26 <DIR> --d----- c:\program files\epson 2009-07-23 16:14 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys 2009-07-23 16:14 25,856 a------- c:\windows\system32\drivers\usbprint.sys 2009-07-15 10:17 256 a------- c:\windows\system32\pool.bin 2009-07-15 10:17 <DIR> --d----- c:\docume~1\travis\applic~1\Research In Motion 2009-07-15 10:13 <DIR> --d----- c:\program files\Roxio 2009-07-15 10:13 <DIR> --d----- c:\program files\common files\Sonic Shared 2009-07-15 10:12 <DIR> --d----- c:\windows\RegisteredPackages 2009-07-15 10:11 26,496 a----r-- c:\windows\system32\drivers\RimSerial.sys 2009-07-15 10:11 <DIR> --d----- c:\program files\common files\Research In Motion 2009-07-15 10:11 <DIR> --d----- c:\program files\Research In Motion 2009-06-29 14:21 <DIR> --d----- c:\documents and settings\travis\Logitech 2009-06-29 14:20 <DIR> --d----- c:\program files\common files\Remote Control Software Common 2009-06-29 14:20 <DIR> --d----- c:\program files\common files\Remote Control USB Driver 2009-06-29 14:20 127,034 -----r-- c:\windows\bwUnin-8.1.1.50-8876480SL.exe ==================== Find3M ==================== 2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll 2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll 2009-06-03 15:09 1,291,264 a------- c:\windows\system32\quartz.dll 2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll 2009-04-29 00:46 666,624 a------- c:\windows\system32\wininet.dll 2009-04-29 00:46 81,920 a------- c:\windows\system32\ieencode.dll 2009-02-23 20:35 18,232 a------- c:\docume~1\travis\applic~1\GDIPFONTCACHEV1.DAT ============= FINISH: 22:10:56.56 =============== |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
| Thread Tools | |
|
|
