Is this a hijack? - Footslog's Web Boards

For information on how to deal with, and protect your computer, please go down to the bottom of the help desk to the archive section (main page). From there select how to combat Spyware, in this archive there are many tools, which will help you combat this problem. Problems concerning the Windows XP Operating System should go in this forum.

Thread Closed

Email This Page to Someone

Footslog's Web Boards

Windows XP

Is this a hijack?

profile | register | preferences | faq | search

This topic has been transferred to this forum: Cyber safety .

next newest topic | next oldest topic

Author	Topic: Is this a hijack?
Josh1 Administrator	posted June 15, 2005 12:15 PM I am going to move your topic to Cyber Safety you can go to your topic here: http://www.footslog.com/board/Forum18/HTML/000537.html ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. [This message has been edited by Josh1 (edited June 15, 2005).] IP: Logged
Josh1 Administrator	posted June 13, 2005 02:06 PM I do not think that it is in Windows update yet, I think that this program will come installed in Microsoft Codename Longhorn, with Microsoft OneCare (MS antivirus), you can get MS Antispyware and others here http://www.footslog.com/board/Archives/Archive-000003/HTML/20050327-16-000026.html you are welcome for the help ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sweetsue Member	posted June 13, 2005 09:23 AM Should that come down as an update ? The "Microsoft free anti-spyware program" that is. I did not think of a BHO.....thanks. Will look further on that one. Sue. IP: Logged
wedor Moderator	posted June 09, 2005 07:17 AM The page jump is ususally caused by a BHO (Browser Helper Object) and won't necessarily show up in a scan. Xoftspy was a scam company that "found" stuff that wasn't necessarily there and other such tricks of the scam trade, supposedly they have cleaned up their act but their product does not rate all that high for actually doing anything other than making itself look good by inflating its own statistics. Uss the Microsoft free anti-spyware program, hard to beat and it's free. IP: Logged
Josh1 Administrator	posted June 08, 2005 01:56 PM Never heard of that software will have to check it out, you will not have to reformat if you get all that stuff of the computer. ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sweetsue Member	posted June 08, 2005 08:12 AM I am using Xoftspy. It is up there with the rest I recon. Actually I had adaware on it and took it off to use Xoftspy and found more with it than adaware found. So I now use Xoftspy. I am contemplating a format and re-install. Sue. IP: Logged
Josh1 Administrator	posted June 06, 2005 01:45 PM Do you have any programs such as Adaware , Spybot, and MS Antispyware, if not then go here to get them, and then run them. http://www.footslog.com/board/Archives/Archive-000003/HTML/20050327-16-000026.html ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sweetsue Member	posted June 06, 2005 09:00 AM These are some of the sites that it just jumped to. http://www.accoona.com/?utm_id=2001&utm_source=kcedeet&utm_medium=redir&utm_campa ign=kcedeet1 http://www.888.com/default.htm?lang=en&SR=684600 http://www.loadingwebsite.com/normal/yyy75.html There are others and it does it nearly all the time. Sue [This message has been edited by sweetsue (edited June 06, 2005).] IP: Logged
Josh1 Administrator	posted June 06, 2005 01:16 AM I cannot find anything incriminating on your hijack scan, what WebPages does it jump too? And does it do it all the time? ------------------ Powered by Intelligent Computing Solutions. ------------------------ www.footslog.com www.compsol.8k.com For every problem, there is a solution. IP: Logged
sweetsue Member	posted June 05, 2005 07:27 AM This pc will jump to another page when it wants to. It is random. If I do a search it will jump for sure. It jumps to a page named spotresults.com etc, ect....it just did it while I was typing this now. Most anoying. I have results of a scan of hijack and here are the results if you please help me with this. Sue. Logfile of HijackThis v1.99.1 Scan saved at 11:45:02 AM, on 5/06/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\ctfmon.exe C:\Hij\HijackThis.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0CCFAB28-F00D-4D04-B3BD-6850BA602449}: NameServer = 203.49.70.20 139.134.2.190 O17 - HKLM\System\CS1\Services\Tcpip\..\{0CCFAB28-F00D-4D04-B3BD-6850BA602449}: NameServer = 203.49.70.20 139.134.2.190 O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\dnp8017ue.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe IP: Logged

All times are CT (US)	next newest topic \| next oldest topic
Administrative Options: Open Topic \| Archive/Move \| Delete Topic
	Hop to:

Contact Us | Footslog Home

The information presented on FootsloG.com is copyrighted as a collective work. FootsloG.com is free for personal use (non-commercial). Any other use FootsloG.com, including copying or reproducing any portion of this web site is strictly prohibited without the express written consent of FootsloG.com. If you have any questions about the usage term please contact us via email: webmaster@footslog.com.

Problems, Knowledge, and Power, powered by intelligent Computing Solutions