Results 1 to 2 of 2

Thread: hijack (ie7)

  1. #1
    4 Star Lounger
    Join Date
    May 2003
    Location
    Manchester, Gtr Manchester, England
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts

    hijack (ie7)

    Hi, Ihave vista prem home and when I browse I get a pop up tab startinghttp://fp.pc-on-internet.com...then then usually re directas to any of MULTITUDE of shopping sites. NOt sure how to stop, any help is appreciated. This is my hijack this log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:25:46, on 18/12/2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
    Boot mode: Normal

    Running processes:
    C:Program FilesMcAfeeMPSmpsevh.exe
    C:Windowssystem32Dwm.exe
    C:WindowsExplorer.EXE
    C:Program FilesWindows DefenderMSASCui.exe
    C:Program FilesSynapticsSynTPSynTPEnh.exe
    C:Program FilesJavajre1.6.0binjusched.exe
    C:Windowssttray.exe
    C:Windowssystem32taskeng.exe
    C:Program FilesATI TechnologiesATI.ACECLI.EXE
    C:WindowsSystem32WLTRAY.EXE
    C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe
    C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatchTray9.exe
    C:Program FilesMcAfeeMSKmskagent.exe
    C:Program FilesSiteAdvisor6172SiteAdv.exe
    C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
    C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
    C:Windowssystem32wbemunsecapp.exe
    C:Program FilesiTunesiTunesHelper.exe
    c:PROGRA~1mcafee.comagentmcagent.exe
    C:Program FilesWindows Sidebarsidebar.exe
    C:Program FilesDellSupportDSAgnt.exe
    C:Windowsehomeehtray.exe
    C:Program FilesWindows Media Playerwmpnscfg.exe
    C:Program FilesDigital Line DetectDLG.exe
    C:Program FilesDellQuickSetquickset.exe
    C:Windowsehomeehmsas.exe
    C:Program FilesWindows MailWinMail.exe
    C:Program FilesCommon FilesRoxio Shared9.0SharedCOMCPSHelpRunner.exe
    C:Program FilesInternet Explorerieuser.exe
    C:Program FilesInternet Exploreriexplore.exe
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe
    C:Windowssystem32wuauclt.exe
    C:Program FilesSiteAdvisor6253SiteAdv.exe
    C:Windowssystem32MacromedFlashFlashUtil9d.exe
    C:UsersdarrenAppDataLocalMicrosoftWindowsTemporary Internet

    FilesContent.IE58PRRRTRJHiJackThis[1].exe

    R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =

    http://www.google.co.uk/
    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =

    http://www.google.co.uk/ig/dell?hl=en&clie...=uk&ibd=0070427
    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =

    http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
    R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet

    Explorer provided by Dell
    R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-

    784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:Program

    FilesSiteAdvisor6253SiteAdv.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-

    0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice12

    GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

    c:Program FilesJavajre1.6.0binssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - crogram

    filesmcafeevirusscanscriptcl.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-

    5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows

    LiveWindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-

    A07C3DB8F777} - C:Program FilesBAEBAE.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} -

    C:Program FilesSiteAdvisor6253SiteAdv.dll
    O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows

    DefenderMSASCui.exe -hide
    O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 - HKLM..Run: [SunJavaUpdateSched] "c:Program FilesJavajre1.6.0

    binjusched.exe"
    O4 - HKLM..Run: [ATICCC] "C:Program FilesATI

    TechnologiesATI.ACECLIStart.exe"
    O4 - HKLM..Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM..Run: [Broadcom Wireless Manager UI] C:Windowssystem32

    WLTRAY.exe
    O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesCommon

    FilesInstallShieldUpdateServiceissch.exe" -start
    O4 - HKLM..Run: [RoxWatchTray] "C:Program FilesCommon FilesRoxio

    Shared9.0SharedCOMRoxWatchTray9.exe"
    O4 - HKLM..Run: [MskAgentexe] C:Program FilesMcAfeeMSKMskAgent.exe
    O4 - HKLM..Run: [ECenter] c:dellE-CenterEULALauncher.exe
    O4 - HKLM..Run: [ISUSPM Startup] C:PROGRA~1COMMON~1INSTAL~1

    UPDATE~1ISUSPM.exe -startup
    O4 - HKLM..Run: [SiteAdvisor] C:Program FilesSiteAdvisor6253SiteAdv.exe
    O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft OfficeOffice12

    GrooveMonitor.exe"
    O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon

    FilesRealUpdate_OBrealsched.exe" -osboot
    O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -

    atboottime
    O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
    O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe

    /autoRun
    O4 - HKCU..Run: [DellSupport] "C:Program FilesDellSupportDSAgnt.exe"

    /startup
    O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
    O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe"

    /background
    O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media

    PlayerWMPNSCFG.exe
    O4 - HKUSS-1-5-18..RunOnce: [DelayShred] "crogram

    filesmcafeemshrShrCL.EXE" /P7 /q

    C:UsersdarrenAppDataLocalTemp~DFB253.tmp

    C:UsersdarrenAppDataLocalTemp~DFB238.tmp

    C:UsersdarrenAppDataLocalTemp~DF64ED.tmp

    C:UsersdarrenAppDataLocalTemp~DF64DE.tmp

    C:UsersdarrenAppDataLocalTempLowHSPERF~1.SH! (User 'SYSTEM')
    O4 - HKUS.DEFAULT..RunOnce: [DelayShred] "crogram

    filesmcafeemshrShrCL.EXE" /P7 /q

    C:UsersdarrenAppDataLocalTemp~DFB253.tmp

    C:UsersdarrenAppDataLocalTemp~DFB238.tmp

    C:UsersdarrenAppDataLocalTemp~DF64ED.tmp

    C:UsersdarrenAppDataLocalTemp~DF64DE.tmp

    C:UsersdarrenAppDataLocalTempLowHSPERF~1.SH! (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program

    FilesAdobeAcrobat 7.0Readerreader_sl.exe
    O4 - Global Startup: Digital Line Detect.lnk = C:Program FilesDigital Line

    DetectDLG.exe
    O4 - Global Startup: QuickSet.lnk = ?
    O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1

    MICROS~3Office12EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

    c:Program FilesJavajre1.6.0binnpjpi160.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-

    00401C608501} - c:Program FilesJavajre1.6.0binnpjpi160.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

    C:PROGRA~1MICROS~3Office12ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-

    5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

    C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: McAfee Wi-FiScan - http://download.mcafee.com/molbin/iss-

    loc/mwfs/3.1.0.0/WscWlanScannerCtrl.cab
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) -

    http://dl.tvunetworks.com/TVUAx.cab
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo

    Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient

    Class) -

    http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) -

    http://static.photobox.co.uk/sg/common/uploader_uni.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -

    C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:Program FilesCommon

    FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. -

    C:Windowssystem32Ati2evxx.exe
    O23 - Service: dlcx_device - - C:Windowssystem32dlcxcoms.exe
    O23 - Service: DSBrokerService - Unknown owner - C:Program

    FilesDellSupportbrkrsvc.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:PROGRA~1

    COMMON~1McAfeeEmProxyemproxy.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

    C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:Program

    FilesCommon FilesMcAfeeHackerWatchHWAPI.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. -

    C:PROGRA~1McAfeeMSCmcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:PROGRA~1

    McAfeeMSCmcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - crogram

    filescommon filesmcafeemnamcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:PROGRA~1

    McAfeeVIRUSS~1mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. -

    C:PROGRA~1McAfeeMSCmcpromgr.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:PROGRA~1

    COMMON~1mcafeemcproxymcproxy.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. -

    c:PROGRA~1COMMON~1mcafeeredirsvcredirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. -

    C:PROGRA~1McAfeeVIRUSS~1mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:PROGRA~1

    McAfeeVIRUSS~1mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. -

    C:Program FilesMcAfeeMPFMPFSrv.exe
    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:PROGRA~1

    McAfeeMPSmps.exe
    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. -

    C:Program FilesMcAfeeMSKMskSrver.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon

    FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions -

    C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatch9.exe
    O23 - Service: SiteAdvisor Service - Unknown owner - C:Program

    FilesSiteAdvisor6253SAService.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:Program

    FilesSigmaTelC-Major AudioWDMSTacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon

    FilesSureThing Sharedstllssvr.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner -

    C:WindowsSystem32WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32

    DRIVERSxaudio.exe

    --
    End of file - 11228 bytes

  2. #2
    5 Star Lounger
    Join Date
    Aug 2004
    Location
    Connecticut, USA
    Posts
    816
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: hijack (ie7)

    <P ID="edit" class=small>(Edited by mbarron on 18-Dec-07 09:54. Added link to HijackThis Log Help - Tech Support Forum)</P>iksotof,
    You'd probably be better served at a site/forum that deals with hijackthis log files. The first one from Google: HijackThis Log Help - Tech Support Forum. You can "self analyze" here HijackThis Log Analyzer

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •