• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3951
  • Last Modified:

Is this Google virus or what???

Hi all,
I use XP Home. For some days now, Google have been giving me alot of headache. Most times it doesn't allow me visit other websites. I did not place Google as my home page in my explorer but where does this problem come from?

If I type another website's address in the address bar and click "GO", Google will just appear from nowhere.

If I follow a link to a website that has nothing to do with Google, Google will just appear. And whenever it appears, refreshing will hardly remove it.

Mostly what appears is annoying Google error page. What will I do to stop this crap!! I have used Adware and Norton to check my system for craps and still it persists.

Please can someone give me a helping hand here before I go crazy over this issue. I will appriciate any opinion. Thanks.


0
Agamlizard
Asked:
Agamlizard
  • 2
1 Solution
 
akbossCommented:
have you changed your start page at all in the Tools>internet options area?

if you didnt do it then try downloading this.
CWShredder direct download:
http://209.133.47.200/~merijn/files/CWShredder.exe

also downloading and posting the log file here from Hijackthis is helpful.
HijackThis  
http://209.133.47.200/~merijn/files/HijackThis.exe
http://www.spywareinfo.com/~merijn/downloads.html
0
 
AgamlizardAuthor Commented:
akboss,

Thank you so much, I did exactly as you all instructed and I removed few craps with Hijack-This and my system is recovering, little by little.

I will watch its improvement in few days to know if the disease is finally eradicated. My instinct tells me that its over. I will report to you in few days time if my system is still sick.

Below is just the final log after removing the craps, if there is anything you see bad there you let me. Again, I'm so grateful to you. Thanks!!!

 Logfile of HijackThis v1.97.7
Scan saved at 12:53:36 AM, on 4/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\TBridge\Flatbed.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
G:\j2 Messenger\HotTray.exe
G:\j2 Messenger\Dllcmd32.exe
C:\WINDOWS\System32\wpabaln.exe
D:\Clean KMD\clean.kmd
C:\Program Files\A4Proxy\A4Proxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
G:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=127.0.0.1:8080;http=127.0.0.1:8080;https=127.0.0.1:8080
F1 - win.ini: load=C:\TBridge\Flatbed.exe
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - D:\FreshDevices\FreshDownload\fdcatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "G:\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [WordPerfect Office 1115] C:\Program Files\Common Files\Corel\Registration\EN\Registration.exe /title="WordPerfect Office 11" /date=041004 serial=WS11WTD-9999998-BHS
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: j2 Tray Menu.lnk = G:\j2 Messenger\HotTray.exe
O4 - Global Startup: Live Menu.lnk = G:\j2 Messenger\Dllcmd32.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akamaitools.com.edgesuite.net/dlmanager/live/code/DownloadManager.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38082.356724537


0
 
akbossCommented:
get rid of kazza...it will just cause you more trouble in the long run.

D:\Clean KMD\clean.kmd

"This will update anything that is old in K-Lite 2.4.3. Just run the install program and there you go, you are up to date. "

0
 
mal4macCommented:
For an overview of Google viruses and Google worms try:

http://www.321books.co.uk/mega-search-engines/google-virus.htm
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now