Front Page Hi Jack Issue

This is my first post and I appreciate the opportunity.

Currently I run Ad-Ware and Spy Bot daily and have Start Page Guard v2.51

Recently my front page was Hi-Jacked and I've tried all sorts of ways
to defeat it and finally decided to post here and ask for HELP. The above programs have not provided a cure.

Whenever I try to bring my front page URL up the URL below hi jacks the page:

http://t.swapx.cc/h.php?aid=20009

Thank you in advance for any help.

Golftp

 

Golftp,
Welcome to Major Geeks.

I would like to direct you to our tutorial

http://forums.majorgeeks.com/showthread.php?t=35407
MajorGeeks Support Forums - READ ME FIRST: Basic Spyware, Trojan And Virus Removal.

 

Again, I want to thank you for having this service available.

Per your instructions I did read and perform the tasks today at

http://forums.majorgeeks.com/showthread.php?t=35407

I'm running Windows 98 and downloaded the programs you did
suggest. Unfortunately I still am having problems with my front
page being hi jacked and the hi jack page is even popping up when I'm
trying to work on other pages.

Thank you in advance for any additional help.

Golftp

 

Again thank you for the assistance. Attached is my log file per your
request.

Golftp

 

you have a remote trojan on your PC.

Make sure NAV is up to date and scan again. If it is still found then you may need to try a specific Trojan Cleaner like A-Squared.
http://www.majorgeeks.com/download.php?det=4281


C:\WINDOWS\SYSTEM\SUCHOST.EXE
C:\WINDOWS\SYSTEM\SUCHOSTP.EXE
C:\WINDOWS\SYSTEM\GBFY5LCYI0Z1.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [jopa] C:\WINDOWS\SYSTEM\SYSSTARTUP.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

It would be a good idea to go to add/remove and uninstall anything you don't recognize and all search toolbars like mywebsearch , websearch.. etc.

I don't know if the following are legit so stand by for chaslang to confirm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://super-spider.com/sp.htm?id=80
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O4 - HKLM\..\Run: [SpyBlocs] C:\PROGRAM FILES\SPYBLOCS\SpyBlocs.exe
O4 - HKCU\..\Run: [Spyware Begone] C:\FREESCAN\FREESCAN.EXE -FastScan

 

Thanks Kodo, I'll stand by for Chaslang to confirm.

 

ChasLang thank you for your time.

Performed the tasks you asked me to do.

Spyblocs.exe was not there.
FREESCAN.EXE was not there.

I attached the new HGT log per your request.

Please advise.

My home page is still HiJacked.

Golftp

 

You still have quite a problem.
Coolweb is still there and so is the Treb Trojan.
Download this

http://www.majorgeeks.com/download172.html
|MG| Free Download - a-squared (a²) Personal Edition 1.1

Run through the tutorial again but dot not reboot to normal mode. Run teh A2 trojan scanner. Then Run HJT and get rid of the following

C:\WINDOWS\SYSTEM\SUCHOST.EXE
C:\WINDOWS\SYSTEM\SUCHOSTP.EXE
(see if you can manually delete this files too)
C:\WINDOWS\SYSTEM\GBFY5LCYI0Z1.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\SYSTEM\SRU6ET~1.DLL

O4 - HKLM\..\Run: [Olive System] C:\WINDOWS\SYSTEM\suchost.exe
O4 - HKLM\..\Run: [jopa] C:\WINDOWS\SYSTEM\SYSSTARTUP.EXE
O4 - HKCU\..\Run: [romahere2] C:\WINDOWS\SYSTEM\GBFY5LCYI0Z1.EXE
O4 - HKCU\..\Run: [uninstal] regsvr32 /u /s image.dll
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\SYSTEM\SRU6ET~1.DLL

O4 - HKLM\..\Run: [Olive System] C:\WINDOWS\SYSTEM\suchost.exe
O4 - HKLM\..\Run: [SpyBlocs] C:\PROGRAM FILES\SPYBLOCS\SpyBlocs.exe
O4 - HKLM\..\Run: [jopa] C:\WINDOWS\SYSTEM\SYSSTARTUP.EXE
O4 - HKCU\..\Run: [romahere2] C:\WINDOWS\SYSTEM\GBFY5LCYI0Z1.EXE
O4 - HKCU\..\Run: [Spyware Begone] C:\FREESCAN\FREESCAN.EXE -FastScan
O4 - HKCU\..\Run: [uninstal] regsvr32 /u /s image.dll