Your Ad Here

Friday, February 6, 2009

VIRUS? opens new tabs when click links, takes to ad sites

I have recently encountered a problem on my computer. Whenever i click on links in google it opens new tabs and takes me to different ad sites. I have tried several anti-spyware and anti-virus programs but none of them seemed to get rid of the problem. I have run a scan using hijack this and this is the log file that came up:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:36:14 AM, on 06/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32taskeng.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:hpsupporthpsysdrv.exe
C:Program FilesHewlett-PackardOn-Screen OSD IndicatorOSD.exe
C:Program FilesJavajre1.6.0_01binjusched.exe
C:Program FilesHPHP Software UpdatehpwuSchd2.exe
c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:Program FilesAVGAVG8avgtray.exe
C:WindowsSystem32rundll32.exe
C:Program FilesVMwareVMware Workstationvmware-tray.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Windowsehomeehtray.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Windowsehomeehmsas.exe
C:UsersJesse DesveauxAppDataLocalGoogleUpdateGoogleUpdate.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
C:WindowsSystem32mobsync.exe
N:Program FilesMagicDiscMagicDisc.exe
C:UsersJesse DesveauxAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersJesse DesveauxAppDataLocalGoogleChromeApplicationchrome.exe
C:hpkbdkbd.exe
C:Windowssystem32wuauclt.exe
C:UsersJesse DesveauxAppDataLocalGoogleChromeApplicationchrome.exe
C:Windowssystem32SearchFilterHost.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG8avgssie.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.0coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.0CoIEPlg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe
O4 - HKLM..Run: [KBD] C:HPKBDKbdStub.EXE
O4 - HKLM..Run: [OsdMaestro] "C:Program FilesHewlett-PackardOn-Screen OSD IndicatorOSD.exe"
O4 - HKLM..Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-PackardHP Health CheckHPHC_Scheduler.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"
O4 - HKLM..Run: [HP Software Update] c:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [ccApp] "c:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [D-Link RangeBooster G WUA-2340] C:Program FilesD-LinkRangeBooster G WUA-2340AirPlusCFG.exe
O4 - HKLM..Run: [ANIWZCS2Service] C:Program FilesANIANIWZCS2 ServiceWZCSLDR2.exe
O4 - HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
O4 - HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [vmware-tray] "C:Program FilesVMwareVMware Workstationvmware-tray.exe"
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [DAEMON Tools Lite] "C:Program FilesDAEMON Tools Litedaemon.exe" -autorun
O4 - HKCU..Run: [AdobeUpdater] C:Program FilesCommon FilesAdobeUpdater5AdobeUpdater.exe
O4 - HKCU..Run: [LightScribe Control Panel] C:Program FilesCommon FilesLightScribeLightScribeControlPanel.exe -hidden
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesNeroLibNMBgMonitor.exe"
O4 - HKCU..Run: [Google Update] "C:UsersJesse DesveauxAppDataLocalGoogleUpdateGoogleUpdate.exe" /c
O4 - HKCU..Run: [RGSC] C:Program FilesRockstar GamesRockstar Games Social ClubRGSCLauncher.exe /silent
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [SUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User NETWORK SERVICE)
O4 - Startup: MagicDisc.lnk = N:Program FilesMagicDiscMagicDisc.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:Program FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll
O9 - Extra Tools menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra Tools menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:program filesvmwarevmware workstationvsocklib.dll
O10 - Unknown file in Winsock LSP: c:program filesvmwarevmware workstationvsocklib.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG8avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:Program FilesSUPERAntiSpywareSASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program FilesHP GamesMy HP Game ConsoleGameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:Program FilesVMwareVMware Workstationvmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:Program FilesVMwareVMware Workstationvmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:Windowssystem32vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:Windowssystem32vmnat.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--
End of file - 11786 bytes


If anyone could help with this problem it would be greatly appreciated. Thank You

Read More...

[Source: Webmaster Forum - Posted by Kishore Vengala]
Your Ad Here
Posted by Kishore Vengala at 10:18 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)