I am getting re-directed to miscellaneous sites (such as gateway.admarketplace) and a bunch of others when I click on a new link after a Google search. This is very frustrating when doing research. I have to either copy/paste the Google listed URL into the http line or type it in manually to get the desired page to come up.
Below is my HJT log. Any ideas?
Thanks,
Bruce
=====================
Logfile of HijackThis v1.99.1
Scan saved at 8:18:47 PM, on 5/13/2008
Platform: Windows XP SP2 (WinNT
5.01.2600)
MSIE: Internet Explorer v7.00
(7.00.6000.16640)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec
Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec
Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2
F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec
Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec
Shared\SPBBC\SPBBCSvc.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common
Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\Program
Files\Symantec\LiveUpdate\ALUScheduler
Svc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware
7.5\guard.exe
C:\WINNT\SYSTEM32\GEARSEC.EXE
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
C:\Program
Files\CA\SharedComponents\CA_LIC\Log
WatNT.exe
C:\Program Files\Norton Internet
Security\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\alg.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\HP
Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\HEWLET~1\HP
Share-to-Web\hpgs2wnf.exe
C:\WINNT\System32\NILaunch.exe
C:\WINNT\SM1BG.EXE
C:\WINNT\system32\LVCOMSX.EXE
C:\Program
Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Common Files\Symantec
Shared\ccApp.exe
C:\WINNT\system32\WDBtnMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Panicware\Pop-Up Stopper
Free Edition\PSFree.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google
Updater\GoogleUpdater.exe
C:\Program Files\Hewlett-Packard\AiO\hp
officejet k series\Bin\hpoorn07.exe
C:\Program
Files\Logitech\Video\FxSvr2.exe
C:\Program
Files\Iomega\Tools\IMGICON.EXE
C:\Program
Files\Logitech\SetPoint\SetPoint.exe
C:\Program
Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Intuit\QuickBooks
Pro\Components\QBAgent\qbdagent2001.e
xe
C:\Program Files\My Book\WD
Backup\uBBMonitor.exe
C:\Program Files\Common
Files\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bi
n\hpoevm07.exe
C:\WINNT\system32\hpoipm07.exe
C:\Program Files\Common Files\Symantec
Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Outlook
Express\msimn.exe
C:\Program
Files\Hewlett-Packard\AiO\Shared\bin\hpO
STS07.exe
C:\Program
Files\Hewlett-Packard\AiO\Shared\bin\hpO
FXM07.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\unzipped\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft....nk/?LinkId=5489
6
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.apsvideo.com/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft....nk/?LinkId=6915
7
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft....nk/?LinkId=5489
6
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft....nk/?LinkId=5489
6
O2 - BHO: Adobe PDF Reader Link Helper
-
{06849E9F-C8D7-4D59-B87D-784B7D6BE0
B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.
dll
O2 - BHO: Norton Internet Security 2006 -
{9ECB9560-04F9-4bbc-943D-298DDF1699E
1} - C:\Program Files\Common
Files\Symantec
Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper -
{A8F38D8D-E480-4D52-B7A2-731BB6995F
DD} - C:\Program Files\Norton Internet
Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD2
05D} - C:\Program
Files\Google\GoogleToolbarNotifier\2.1.615.
5858\swg.dll
O3 - Toolbar: Norton Internet Security 2006
-
{0B53EAC3-8D69-4b9e-9B19-A37C9A5676
A7} - C:\Program Files\Common
Files\Symantec
Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus -
{C4069E3A-68F1-403E-B40E-20066696354
B} - C:\Program Files\Norton Internet
Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Share-to-Web
Namespace Daemon] C:\Program
Files\Hewlett-Packard\HP
Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Synchronization
Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Net-It Launcher]
C:\WINNT\System32\NILaunch.exe
O4 - HKLM\..\Run: [SM1BG]
C:\WINNT\SM1BG.EXE
O4 - HKLM\..\Run: [LVCOMSX]
C:\WINNT\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair]
C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray]
C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [NapsterShell]
C:\Program Files\Napster\napster.exe
/systray
O4 - HKLM\..\Run: [ccApp] "C:\Program
Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [WD Button Manager]
WDBtnMgr.exe
O4 - HKLM\..\Run: [Symantec PIF
AlertEng] "C:\Program Files\Common
Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2
F227FCA9A08}\PIFSvc.exe" /a /m
"C:\Program Files\Common
Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2
F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper]
"C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed
Launcher] "C:\Program Files\Adobe\Reader
8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [NAVNT 2006Seq]
C:\WINNT\TEMP\LUProdRg.exe
/f:C:\WINNT\TEMP\2006LUProdRg.ini
/s:SPW_Set_Sequence
O4 - HKCU\..\Run:
[PopUpStopperFreeEdition]
"C:\PROGRA~1\Panicware\Pop-Up Stopper
Free Edition\PSFree.exe"
O4 - HKCU\..\Run: [MSMSGS]
"C:\Program
Files\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [Yahoo! Pager]
C:\Program
Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run:
[LogitechSoftwareUpdate] "C:\Program
Files\Logitech\Video\ManifestEngine.exe"
boot
O4 - HKCU\..\Run: [updateMgr] C:\Program
Files\Adobe\Acrobat
7.0\Reader\AdobeUpdateManager.exe
AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINNT\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma
Loader.exe.lnk = C:\Program Files\Program
Files\Common
Files\Adobe\Calibration\Adobe Gamma
Loader.exe
O4 - Global Startup: Google Updater.lnk =
C:\Program Files\Google\Google
Updater\GoogleUpdater.exe
O4 - Global Startup: HPAiODevice(hp
officejet k series) - 1.lnk = C:\Program
Files\Hewlett-Packard\AiO\hp officejet k
series\Bin\hpoorn07.exe
O4 - Global Startup: Iomega Backup
Scheduler.lnk = C:\Program
Files\Iomega\Iomega Backup\dtiom98.exe
O4 - Global Startup: Iomega Icons.lnk =
C:\Program
Files\Iomega\Tools\IMGICON.EXE
O4 - Global Startup: Iomega Startup
Options.lnk = C:\Program
Files\Iomega\Tools\IMGSTART.EXE
O4 - Global Startup: IomegaWare.lnk =
C:\Program
Files\Iomega\Iomegaware\COMMANDER.E
XE
O4 - Global Startup: Logitech SetPoint.lnk
= C:\Program
Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Lotus QuickStart.lnk =
C:\lotus\wordpro\ltsstart.exe
O4 - Global Startup: Microsoft Office.lnk =
C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 - Global Startup: QuickBooks 2001
Delivery Agent.lnk = C:\Program
Files\Intuit\QuickBooks
Pro\Components\QBAgent\qbdagent2001.e
xe
O4 - Global Startup: QuikSync.lnk =
C:\Program
Files\Iomega\QuikSync\QUIKSYNC.EXE
O4 - Global Startup: WD Backup
Monitor.lnk = C:\Program Files\My
Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: &Search -
http://edits.mywebse...m/toolbaredits/
menusearch.jhtml?p=ZUxdm484MFUS
O9 - Extra button: Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0
AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo!
Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0
AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM -
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE
45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
%windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
%windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F79568
3} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows
Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F79568
3} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF:
{44990200-3C9D-426D-81DF-AAB636FA43
45} (Symantec SmartIssue) -
https://www-secure.s...tec.com/techsup
p/asa/ctrl/tgctlsi.cab
O16 - DPF:
{44990301-3C9D-426D-81DF-AAB636FA43
45} (Symantec Script Runner Class) -
https://www-secure.s...tec.com/techsup
p/asa/ctrl/tgctlsr.cab
O16 - DPF:
{49232000-16E4-426C-A231-62846947304B
} -
http://ipgweb.cce.hp...dqna/downloads/
sysinfo.cab
O16 - DPF:
{6A344D34-5231-452A-8A57-D064AC9B786
2} (Symantec Download Manager) -
https://webdl.symant...m/activex/symdl
mgr.cab
O16 - DPF:
{6E32070A-766D-4EE6-879C-DC1FA91D2F
C3} (MUWebControl Class) -
http://update.micros.../microsoftupdat
e/v6/V5Controls/en/x86/client/muweb_site.c
ab?1164682347843
O16 - DPF:
{9600F64D-755F-11D4-A47F-0001023E6D5
A} (Shutterfly Picture Upload Plugin) -
http://web1.shutterf...downloads/Uploa
der.cab
O16 - DPF:
{CE28D5D2-60CF-4C7D-9FE8-0F47A33080
78} -
http://www.symantec....echsupp/asa/ctr
l/SymAData.cab
O16 - DPF:
{DE625294-70E6-45ED-B895-CFFA13AEB
044} (AxisMediaControlEmb Class) -
http://207.111.165.30/activex/AMC.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{2E1
DB1AD-92B4-40E9-8228-D56D3EAEEDE6}
: NameServer =
85.255.116.174,85.255.112.76
O17 -
HKLM\System\CCS\Services\Tcpip\..\{81A
E8400-7D97-424B-8F43-769BECA2D115}:
NameServer =
85.255.116.174,85.255.112.76
O17 -
HKLM\System\CCS\Services\Tcpip\..\{FDF
55522-0B10-4D18-99FD-29C1CA8A6E24}:
NameServer =
85.255.116.174,85.255.112.76
O17 -
HKLM\System\CS1\Services\Tcpip\Parame
ters: NameServer = 85.255.116.174
85.255.112.76
O17 -
HKLM\System\CS3\Services\Tcpip\Parame
ters: NameServer = 85.255.116.174
85.255.112.76
O17 -
HKLM\System\CCS\Services\Tcpip\Parame
ters: NameServer = 85.255.116.174
85.255.112.76
O20 - Winlogon Notify: WgaLogon -
C:\WINNT\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj -
{AAA288BA-9A4C-45B0-95D7-94D524869D
B5} -
C:\WINNT\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple,
Inc. - C:\Program Files\Common
Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: AutoComplete Service
(Autocomplete) - Internet Washer -
C:\PROGRA~1\Internet Washer
Pro\autocomp.exe
O23 - Service: Automatic LiveUpdate
Scheduler - Symantec Corporation -
C:\Program
Files\Symantec\LiveUpdate\ALUScheduler
Svc.exe
O23 - Service: AVG Anti-Spyware Guard -
GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware
7.5\guard.exe
O23 - Service: CA License Client
(CA_LIC_CLNT) - Unknown owner -
C:\Program
Files\CA\SharedComponents\CA_LIC\\lic98
rmt.exe (file missing)
O23 - Service: Symantec Event Manager
(ccEvtMgr) - Symantec Corporation -
C:\Program Files\Common Files\Symantec
Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security
Password Validation (ccISPwdSvc) -
Symantec Corporation - C:\Program
Files\Norton Internet
Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy
(ccProxy) - Symantec Corporation -
C:\Program Files\Common Files\Symantec
Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager
(ccSetMgr) - Symantec Corporation -
C:\Program Files\Common Files\Symantec
Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) -
Symantec Corporation - C:\Program
Files\Norton Internet Security\comHost.exe
O23 - Service: GEARSecurity - GEAR
Software -
C:\WINNT\SYSTEM32\GEARSEC.EXE
O23 - Service: Google Updater Service
(gusvc) - Google - C:\Program
Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager
(IDriverT) - Macrovision Corporation -
C:\Program Files\Common
Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec
Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LuCo
mServer_3_0.EXE
O23 - Service: Event Log Watch
(LogWatch) - Computer Associates -
C:\Program
Files\CA\SharedComponents\CA_LIC\Log
WatNT.exe
O23 - Service: Norton AntiVirus
Auto-Protect Service (navapsvc) -
Symantec Corporation - C:\Program
Files\Norton Internet Security\Norton
AntiVirus\navapsvc.exe
O23 - Service: Norton LiveConnect Service -
Unknown owner - C:\Program
Files\Common Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2
F227FCA9A08}\PIFSvc.exe" /m
"C:\Program Files\Common
Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2
F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Norton Protection Center
Service (NSCService) - Symantec
Corporation - C:\Program Files\Common
Files\Symantec Shared\Security
Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan
(SAVScan) - Symantec Corporation -
C:\Program Files\Norton Internet
Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers
Service (SNDSrvc) - Symantec Corporation
- C:\Program Files\Common
Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc
(SPBBCSvc) - Symantec Corporation -
C:\Program Files\Common Files\Symantec
Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC -
Unknown owner - C:\Program
Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe
O23 - Service: ZipToA - Iomega Corporation
- C:\WINNT\System32\ZipToA.exe