Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Is this Google virus or what???

Posted on 2004-04-06
4
Medium Priority
?
3,915 Views
Last Modified: 2010-04-11
Hi all,
I use XP Home. For some days now, Google have been giving me alot of headache. Most times it doesn't allow me visit other websites. I did not place Google as my home page in my explorer but where does this problem come from?

If I type another website's address in the address bar and click "GO", Google will just appear from nowhere.

If I follow a link to a website that has nothing to do with Google, Google will just appear. And whenever it appears, refreshing will hardly remove it.

Mostly what appears is annoying Google error page. What will I do to stop this crap!! I have used Adware and Norton to check my system for craps and still it persists.

Please can someone give me a helping hand here before I go crazy over this issue. I will appriciate any opinion. Thanks.


0
Comment
Question by:Agamlizard
  • 2
4 Comments
 
LVL 6

Accepted Solution

by:
akboss earned 120 total points
ID: 10769791
have you changed your start page at all in the Tools>internet options area?

if you didnt do it then try downloading this.
CWShredder direct download:
http://209.133.47.200/~merijn/files/CWShredder.exe

also downloading and posting the log file here from Hijackthis is helpful.
HijackThis  
http://209.133.47.200/~merijn/files/HijackThis.exe
http://www.spywareinfo.com/~merijn/downloads.html
0
 

Author Comment

by:Agamlizard
ID: 10770634
akboss,

Thank you so much, I did exactly as you all instructed and I removed few craps with Hijack-This and my system is recovering, little by little.

I will watch its improvement in few days to know if the disease is finally eradicated. My instinct tells me that its over. I will report to you in few days time if my system is still sick.

Below is just the final log after removing the craps, if there is anything you see bad there you let me. Again, I'm so grateful to you. Thanks!!!

 Logfile of HijackThis v1.97.7
Scan saved at 12:53:36 AM, on 4/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\TBridge\Flatbed.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\ctfmon.exe
G:\j2 Messenger\HotTray.exe
G:\j2 Messenger\Dllcmd32.exe
C:\WINDOWS\System32\wpabaln.exe
D:\Clean KMD\clean.kmd
C:\Program Files\A4Proxy\A4Proxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
G:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=127.0.0.1:8080;http=127.0.0.1:8080;https=127.0.0.1:8080
F1 - win.ini: load=C:\TBridge\Flatbed.exe
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - D:\FreshDevices\FreshDownload\fdcatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "G:\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [WordPerfect Office 1115] C:\Program Files\Common Files\Corel\Registration\EN\Registration.exe /title="WordPerfect Office 11" /date=041004 serial=WS11WTD-9999998-BHS
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: j2 Tray Menu.lnk = G:\j2 Messenger\HotTray.exe
O4 - Global Startup: Live Menu.lnk = G:\j2 Messenger\Dllcmd32.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {3EB4F9EA-51A6-48DA-846A-0D69DCBA39EF} (DownloadManager Control) - http://download.akamaitools.com.edgesuite.net/dlmanager/live/code/DownloadManager.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38082.356724537


0
 
LVL 6

Expert Comment

by:akboss
ID: 10778346
get rid of kazza...it will just cause you more trouble in the long run.

D:\Clean KMD\clean.kmd

"This will update anything that is old in K-Lite 2.4.3. Just run the install program and there you go, you are up to date. "

0
 
LVL 1

Expert Comment

by:mal4mac
ID: 11573881
For an overview of Google viruses and Google worms try:

http://www.321books.co.uk/mega-search-engines/google-virus.htm
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
Spectre and Meltdown, how it affects me and my clients?
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question