Blurredman
08-30-2007, 05:46 PM
Well.
Whenever i type something into google,
And i get results. I click on that results (lets say its youtube.com).
I click on the appropriate one and it does not take me to youtube (or anything else) but to something like http://adtera.com/youtube.cfm?pt=2&rpt=1&kt=1
I have installed and used, zonealarm, AVG 7.5, Spyware, Ad-adware, Crap Cleaner, Hijackthis etc but it does not get rid of it. How do i get rid of it without having to re-install XP, because if i do, i would have to start from scratch for reasons i cant explane. Please help
heres an Hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 02:51:33, on 31/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\LAUNCH~1\LManager.exe
E:\AVG\avgcc.exe
E:\Zone Alarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
E:\Iconoid\iconoid.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\acs.exe
E:\Norton GoBack\GBTray.exe
D:\Call of Duty\X-fire\xfire.exe
e:\AVG\avgamsvr.exe
e:\AVG\avgupsvc.exe
e:\Norton GoBack\GBPoll.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matt\Desktop\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogonStudio] "e:\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AVG7_CC] e:\AVG\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Zone Alarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [Iconoid] "E:\Iconoid\iconoid.exe"
O4 - Startup: Xfire.lnk = D:\Call of Duty\X-fire\xfire.exe
O4 - Global Startup: Norton GoBack.lnk = E:\Norton GoBack\GBTray.exe
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\acs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - e:\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - e:\AVG\avgupsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - e:\Norton GoBack\GBPoll.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Management Service - Unknown owner - C:\WINDOWS\system32\dmldq.exe
Whenever i type something into google,
And i get results. I click on that results (lets say its youtube.com).
I click on the appropriate one and it does not take me to youtube (or anything else) but to something like http://adtera.com/youtube.cfm?pt=2&rpt=1&kt=1
I have installed and used, zonealarm, AVG 7.5, Spyware, Ad-adware, Crap Cleaner, Hijackthis etc but it does not get rid of it. How do i get rid of it without having to re-install XP, because if i do, i would have to start from scratch for reasons i cant explane. Please help
heres an Hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 02:51:33, on 31/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\LAUNCH~1\LManager.exe
E:\AVG\avgcc.exe
E:\Zone Alarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
E:\Iconoid\iconoid.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\acs.exe
E:\Norton GoBack\GBTray.exe
D:\Call of Duty\X-fire\xfire.exe
e:\AVG\avgamsvr.exe
e:\AVG\avgupsvc.exe
e:\Norton GoBack\GBPoll.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matt\Desktop\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogonStudio] "e:\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [AVG7_CC] e:\AVG\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Zone Alarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [Iconoid] "E:\Iconoid\iconoid.exe"
O4 - Startup: Xfire.lnk = D:\Call of Duty\X-fire\xfire.exe
O4 - Global Startup: Norton GoBack.lnk = E:\Norton GoBack\GBTray.exe
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\acs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - e:\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - e:\AVG\avgupsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - e:\Norton GoBack\GBPoll.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Management Service - Unknown owner - C:\WINDOWS\system32\dmldq.exe