Ask Experts Questions for FREE Help !
Ask
    sillygirl's Avatar
    sillygirl Posts: 12, Reputation: 2
    New Member
     
    #1

    Sep 3, 2008, 04:06 PM
    Browser hijacker?
    Hi,
    I've picked up a redirect/browswer hijack bug ,as yet none of my security measures have picked it up ,
    But I can't access any web pages other than ad sites.

    So I'm posting my hijackthis log could somebody please have a look at it for me .

    I'm running xp sp3
    sillygirl's Avatar
    sillygirl Posts: 12, Reputation: 2
    New Member
     
    #2

    Sep 3, 2008, 04:08 PM
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\kdx\KHost.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\WINDOWS\system32\wuauclt.exe
    Scleros's Avatar
    Scleros Posts: 2,165, Reputation: 262
    Hardware Expert
     
    #3

    Sep 3, 2008, 05:58 PM
    I don't recognize C:\WINDOWS\kdx\KHost.exe (doesn't mean it's not legit). Also, it may be a browser helper object that executes in the context of Internet Explorer and won't show up in the process list without a utility to show all loaded modules like Process Explorer. Look at the start page and BHO sections of the Hijack log or the IE add-ons interface. Also check contents of hosts file in %SystemRoot%\system32\drivers\etc\.

    Firefox?
    invisibleman_productions's Avatar
    invisibleman_productions Posts: 207, Reputation: 12
    Full Member
     
    #4

    Sep 9, 2008, 09:06 AM
    Hi sillygirl

    Your hijackthis log is incomplete . We need to see the 01 ,02 ,03 entries .To know what is causing the browser re directions.

    Also run the 3 programs listed below

    1. Run Malwarebytes Anti-Malware
    Spyware Fighter: Malwarebytes' Anti-Malware

    2. Run Superantispyware
    Spyware Fighter: SUPERAntiSpyware Home Edition (free version)

    3 . Run a complete scan with Dr. Web CureIt
    Spyware Fighter: Dr. Web CureIt

    Use Firefox or Google chrome to prevent browser redirection.

Not your question? Ask your question View similar questions

 

Question Tools Search this Question
Search this Question:

Advanced Search

Add your answer here.


Check out some similar questions!

Browser [ 2 Answers ]

Does anyone know how to disable your internet browser so it does not record the web sites you have visited?

Ie 6 browser [ 3 Answers ]

How can I reinstall i.e. 6 after being unsuccessful in installing i.e. 7?

Hijacker.Agent.a [ 8 Answers ]

I did a scan with Ewido and it found Hijacker.Agent.a which it quarantined. On doing another scan it again appeared so this time I deleted it but next time I scanned it was back. What is this and how can I get rid of it. Thanks.

AOL Browser [ 13 Answers ]

I click on the shortcut to launch the browser and it launches, but after it loads my home page, the browser closes . Any ideas? Thanks. I have some bookmarks that I would like to get and backup before I uninstall and re install


View more questions Search