• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
josh198

Homepage is hijacked!!!

2 posts in this topic

My homepage has been hijacked with some dodgy icanfindit.net website! HELP!!! i have tried Hijackthis, adware, CWS shredder and VX2 finder and it isn't working. It also puts a bunch of websites (mostly porn) that I don't want in my favorites too. I would really like to get this taken care of without having to destroy my computer. Please help me as this is very annoying

Here is the HijackThis Notepad file:

 

Logfile of HijackThis v1.98.0

Scan saved at 3:24:43 PM, on 29/07/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\sistray.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\htpatch.exe

C:\Program Files\Telstra\Toolbar\bpumTray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\system32\32hhms.exe

C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\Aston Villa\Screen Saver\TaskTray.exe

C:\WINDOWS\system32\winproc32.exe

C:\WINDOWS\SPSPSPntnt.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

C:\WINDOWS\system32\drivers\dcfssvc.exe

C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\System32\E_S00RP2.EXE

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\transfer\hjtlog.exe

c:\hijackthis\hijackthis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\sp.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: ActivateBand Class - {4C7B6DE1-99A4-4CF1-8B44-68889900E1D0} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: BigPond Toolbar - {7A431EC4-CC21-4DF7-9DB1-A2CF74C4CC98} - C:\Program Files\Telstra\Toolbar\bpumToolBand.dll

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE

O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe

O4 - HKLM\..\Run: [bigPond Toolbar] "C:\Program Files\Telstra\Toolbar\bpumTray.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [32hhms] C:\WINDOWS\system32\32hhms.exe

O4 - HKCU\..\Run: [Aston Villa screen saver] "C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\Aston Villa\Screen Saver\TaskTray.exe"

O4 - HKCU\..\Run: [spywareGuard] C:\WINDOWS\system32\winproc32.exe

O4 - HKCU\..\Run: [32hhms] C:\WINDOWS\system32\32hhms.exe

O4 - HKCU\..\Run: [Windows Update Checker] C:\WINDOWS\SPSPSPntnt.exe

O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://telstra.com

O16 - DPF: {11111111-1111-1111-1111-111111111732} - file://c:\progra~1\pl.exe

O16 - DPF: {2646205B-878C-11D1-B07C-0000C040BCDB} (NSIEMisc Class) - file://D:\HD\nskey.dll

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au,vic.bigpond.net.au

O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au,vic.bigpond.net.au

O17 - HKLM\System\CS2\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au

O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au,vic.bigpond.net.au

O17 - HKLM\System\CS3\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au

O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = nsw.bigpond.net.au,vic.bigpond.net.au

 

thanks

josh

Share this post


Link to post
Share on other sites

Click here to download FindnFix.exe (2K/XP only!) by freeatlast. Double-click on the FINDnFIX.exe and it will install a folder called FINDnFIX on your system. Go to that folder and double-click on !LOG!.bat. The program takes a few minutes to collect the necessary information. When done post the contents of Log.txt in this thread.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0