Browser Redirect Problem

T

Timestone2000

New member
Hello everyone I am having a problem if I click on certain websites it sends me to a website saying I have a virus could someone please help this has only just started today

I have ran
Spybot
SUPERAntiSpyware
AVG
Spyware Terminater
Malewearbytes

and they all come up clean

here is my HijackThis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:29:42, on 06/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3

(6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Virgin Broadband

Wireless\AffinegyService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\WinPcap\rpcapd.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program

Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Virgin Broadband

Wireless\Wireless Manager.exe
C:\Program Files\Virgin Broadband

Wireless\ndis_events.exe
C:\Program Files\Virgin Broadband

Wireless\wpa_supplicant.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Downloads\HiJackThis(1).exe

R0 - HKCU\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://www.google.co.uk/
O2 - BHO: btorbit.com -

{000123B4-9B42-4900-B3F7-F4B073EFC214} -

C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat

7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper -

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -

{DBC80044-A445-435b-BC74-9C25C1C588A9} -

C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} -

C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program

Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG8_TRAY]

C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program

Files\Spyware

Terminator\SpywareTerminatorShield.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL

SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK

SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User 'Default

user')
O8 - Extra context menu item: &Download by Orbit

- res://C:\Program

Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by

Orbit - res://C:\Program

Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected

by Orbit - res://C:\Program

Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by

Orbit - res://C:\Program

Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) -

{e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001

- {e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}

(Facebook Photo Uploader 5 Control) -

http://upload.facebook.com/controls/2008.10.10_v5

.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}

(MSN Photo Upload Tool) -

http://gfx1.hotmail.com/mail/w3/resources/MSNPUpl

d.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}

(WUWebControl Class) -

http://www.update.microsoft.com/windowsupdate/v6/

V5Controls/en/x86/client/wuweb_site.cab?123237947

1546
O18 - Protocol: linkscanner -

{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program

Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter -

C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AffinegyService - Affinegy LLC -

C:\Program Files\Virgin Broadband

Wireless\AffinegyService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG

Technologies CZ, s.r.o. -

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter

(JavaQuickStarterService) - Sun Microsystems,

Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0

(experimental) (rpcapd) - CACE Technologies -

C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield

Service (sp_rssrv) - Crawler.com - C:\Program

Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Broadcom Wireless LAN Tray Service

(wltrysvc) - Unknown owner -

C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 5335 bytes


Any help would be great as Im not that technical savvy
 
im bumping this tread to ask is this problem easy to fix because my local PC shop will try to fix it and im hoping it wont be a big job
 
You must log in or register to reply here.
Back
Top