Possible Spyware Hijacker??

Discussion in 'Malware Help (A Specialist Will Reply)' started by Gensuknives, Jan 27, 2007.

  1. Gensuknives

    Gensuknives Grand pooty-meister

    The other day I posted a thread in the Networking Support Forum, concerning a problem I had with Firefox --- http://208.101.7.150/forums/showthread.php?t=115065

    It seemed strange to me because from my laptop going through wireless router, I had no problem clicking on site in email and being directly connected to that site. (www.hypertracker.com) But on this desktop machine (which is the base for my router and internet cable connection) it got the listed error message.

    It was suggested that maybe I had a spyware hyjacker problem.

    I ran all the suggested scans (attached below and next post) but I still think I may have a Zone Alarm problem.

    Help, please? Suggestions?
    Thanx in advance for help and advice.
    :eek:
     

    Attached Files:

    Last edited: Jan 27, 2007
    Gensuknives, Jan 27, 2007
    #1
  2. Gensuknives

    Gensuknives Grand pooty-meister

    Second set of uploads.
     

    Attached Files:

    Gensuknives, Jan 27, 2007
    #2
  3. Gensuknives

    Gensuknives Grand pooty-meister

    I may have uploaded the wrong log file. Here is the CounterSpy log.
     

    Attached Files:

    Gensuknives, Jan 27, 2007
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r4.attbi.com:8000
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.r4.attbi.com;localhost

    After clicking Fix, exit HJT.


    Do you know what this is? If not, delete it.

    C:\WINDOWS\glhvz.dll


    I'm not seeing anything out of the ordinary (You could have counterspy remove the items from your partypoker...up to you).

    I would think that your problems could be ZoneAlarm. Try disablingor uninstaling it and see what happens.
     
    TimW, Jan 27, 2007
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds