Go Back   Velocity Reviews > Newsgroups > Computer Information
Google search hijacker help. Google search hijacker help.
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

Computer Information - Google search hijacker help.
 
Thread Tools Search this Thread
Old 12-27-2008, 03:09 AM   #1
Default Google search hijacker help.


A program is hijacking my Google search results and going to ads. It
is also blocking http://www.trendmicro.com, the hijack this site, and
Microsoft Update. I tried installing hijack this from http://www.download.com
but that does not install. I tried IE because I'm a Firefox user and
it affects it. Installing google chrome triggers an error. Every site
i go for help is blocked. Ad Aware says the hosts file is modified and
when i click on fix it does nothing. I also scanned my pc useing avg
and it did not find a virus. Avg will not update too. In my hosts file
i get this #Start of lines by win help 2002.


pat@patsemail.tk
  Reply With Quote
Old 12-27-2008, 03:36 AM   #2
pat@patsemail.tk
 
Posts: n/a
Default Re: Google search hijacker help.
Hijack this result.
I managed to get hijack this to run and here is my log

va\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin
\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\hi\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bigpond.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=22028
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-
B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat
\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection -
{53707962-6F74-2D53-2644-206D7942484F} - C:
\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:
\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck
\HDeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime
\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes
\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE
\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java
\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /
STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe
\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon
\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter
\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files
\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft
\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files
\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search
& Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /
background
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}
- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:
\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:
\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files
\Common Files\Apple\Mobile Device Support\bin
\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS
\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS
\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o.
- C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:
\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:
\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour
\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib - Canon Inc. -
C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown
owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin
\iPodService.exe

--
End of file - 6103 bytes


pat@patsemail.tk
  Reply With Quote
Old 12-28-2008, 02:06 AM   #3
gnu / linux
 
Posts: n/a
Default Re: Google search hijacker help.
On Dec 26, 9:36*pm, p...@patsemail.tk wrote:
> Hijack this result.
> I managed to get hijack this to run and here is my log
>
> va\jre1.6.0_03\bin\jusched.exe
> C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
> C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
> C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
> C:\WINDOWS\system32\ctfmon.exe
> C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
> C:\Program Files\Messenger\msmsgs.exe
> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
> C:\Program Files\Common Files\Apple\Mobile Device Support\bin
> \AppleMobileDeviceService.exe
> C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
> C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
> C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
> C:\Program Files\Bonjour\mDNSResponder.exe
> C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
> C:\WINDOWS\system32\svchost.exe
> C:\Program Files\Canon\CAL\CALMAIN.exe
> C:\Program Files\iPod\bin\iPodService.exe
> C:\Program Files\Mozilla Firefox\firefox.exe
> C:\WINDOWS\system32\wuauclt.exe
> C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
> C:\Program Files\hi\HijackThis.exe
>
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.bigpond.com/
> R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://go.microsoft.com/fwlink/?LinkId=22028
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
> Settings,ProxyOverride = *.local
> O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-
> B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat
> \ActiveX\AcroIEHelper.dll
> O2 - BHO: Spybot-S&D IE Protection -
> {53707962-6F74-2D53-2644-206D7942484F} - C:
> \PROGRA~1\SPYBOT~1\SDHelper.dll
> O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:
> \Program Files\Java\jre1.6.0_03\bin\ssv.dll
> O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck
> \HDeck.exe 1
> O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime
> \QTTask.exe" -atboottime
> O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes
> \iTunesHelper.exe"
> O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE
> \Core-Static\CLIStart.exe"
> O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java
> \jre1.6.0_03\bin\jusched.exe"
> O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /
> STARTUP
> O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe
> \Reader 8.0\Reader\Reader_sl.exe"
> O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon
> \SolutionMenu\CNSLMAIN.exe /logon
> O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter
> \BJMyPrt.exe /logon
> O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files
> \Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
> O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft
> \OmniPageSE4\OpwareSE4.exe"
> O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files
> \Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
> O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search
> & Destroy\TeaTimer.exe
> O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /
> background
> O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
> \AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
> O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
> \AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
> O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
> \AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
> O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft
> \AVG7\avgw.exe /RUNONCE (User 'Default user')
> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
> - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
> O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-
> AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
> O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}
> - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
> O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
> {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:
> \PROGRA~1\SPYBOT~1\SDHelper.dll
> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
> - C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
> BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
> O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:
> \Program Files\Lavasoft\Ad-Aware\aawservice.exe
> O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files
> \Common Files\Apple\Mobile Device Support\bin
> \AppleMobileDeviceService.exe
> O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS
> \system32\Ati2evxx.exe
> O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS
> \system32\ati2sgag.exe
> O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o.
> - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
> O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:
> \PROGRA~1\Grisoft\AVG7\avgupsvc.exe
> O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:
> \PROGRA~1\Grisoft\AVG7\avgemc.exe
> O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour
> \mDNSResponder.exe
> O23 - Service: Canon Camera Access Library 8 (CCALib - Canon Inc. -
> C:\Program Files\Canon\CAL\CALMAIN.exe
> O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown
> owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
> O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin
> \iPodService.exe
>
> --
> End of file - 6103 bytes

good ole Windows


gnu / linux
  Reply With Quote
Reply

« Re: boot.ini file question | Retroengineering »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Catching Google Search Keywords Using Http Handler Class nagaraj309 Software 0 12-02-2008 06:43 AM
Google redirects me to another search engine Markymark74 General Help Related Topics 2 09-21-2007 10:50 AM
Google Groups Killfile - No more annoying posts! Jordan DVD Video 2 09-01-2007 11:26 PM
Why It Make Sense For Google To Buy YouTube @ The TechZone Silverstrand Front Page News 0 10-10-2006 08:30 PM
36168 Mining the Web: Jacobian Matrix Constructs with eigenVectorSearching 36168 Web Science DVD Video 0 11-16-2004 10:01 PM


Contact Us - - Archive - Privacy Statement - Top


SEO by vBSEO 3.3.2 ©2009, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46