Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Hijacker--PERSISTENT!

  1. #1
    dannyoh Guest

    Default Hijacker--PERSISTENT!

    Hello,

    RE:

    ZoneAlarm Pro version:6.5.737.000
    TrueVector version:6.5.737.000
    Driver version:6.5.737.000
    Anti-spyware engine version:5.0.83.0
    Anti-spyware signature DAT file version:01.200611.575

    I'm a long-term user of Zone Alarm Pro, but (curiously now that my subscription is up for renewal) I've got a persistent browser hijacker--my first ever--that ZoneAlarm Pro simply will not shift! (Nor will Spycatcher, Pest Patrol or Desktop Armor.) I've tried several registry cleaners too, but to no avail

    It keeps redirecting my brower to jpuk.com (and skenzo.com)

    I'm DESPERATE to shift this thing.

    Can anybody help?

    ATB,
    DannyOH

    Operating System:Windows XP Pro
    Product Name:ZoneAlarm Pro
    Software Version:6.5

  2. #2
    billc Guest

    Default Re: Hijacker--PERSISTENT!

    Your best option is probably to use a tool called HijackThis with the advice and guidance of a HijackThis expert. My suggestion would be to try Castle Cops Forum under the "Privacy" section and HijackThis subsection. You likely have an unwanted BHO (Browser Helper Object) that can not be remove with the security software you're using.

  3. #3
    dannyoh Guest

    Default Re: Hijacker--PERSISTENT!

    Hello Bill,

    Yes. thanks. I have an HJT Log, but do not know how to interpret it--and many help forums are reluctant to let its users post complete HJT logs.

    Partially, however, I have BHO's associated with Adobe, Norton Antivirus, Google--and one that I have no notion of:

    "BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file)"

    does that look suspicious to you?

    ATB,
    DannyOH

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Hijacker--PERSISTENT!

    You could try Ewido (=AVG antispyware) and/or superantispyware and if that fails Oldsod have given you the address where to post HJLogs...
    http://www.ewido.net/en/download/
    http://www.superantispyware.com/
    Cheers,Fax


    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    Join Date
    Apr 2004
    Location
    East Coast of Florida - Lightening/Shark Bite Capital of the World
    Posts
    2,477

    Default Re: Hijacker--PERSISTENT!

    Hi DannyOH,

    This specific file belongs to SpyCatcher, http://www.castlecops.com/tk1861-SCActiveBlock_dll.html

    Hope this info has helped you and have a nice day!

    SlyFox
    "Politeness costs nothing and gains everything".

    Click here for ZA Support

    Avail. 24x7 - Excl. Holiday













  6. Default Re: Hijacker--PERSISTENT!

    Hi, Sly Fox and "Fax".
    In addition to my ZoneAlarm Installation, I've already and also
    downloaded and tried: Spycatcher, Pest Patrol and Desk Armor. I guess I could work my way through every anti-spyware program out there, but I think I've already got the message that this thing beats them all!
    (I also find it interesting that, after my having uninstalled Spycatcher AND cleaned out my registry--several times-- its residues are still on my system.
    I use Regvac, by the way, which I have always found thorough.)
    BTW, I've got--SEVEN--017 ("domain Hijack&quot
    listings in my HJT log,
    beside each one of which are the addresses:
    " 85.255.116.72,
    85.255.112.140 "
    I can't recall, immediately, my ISP number, but I know these aren't it!
    (It has a "121" in it somewhere)
    Could these be the bad guys?


    I'll give your options some thought.
    ATB,DannyOH

  7. #7
    dannyoh Guest

    Default Re: Hijacker--PERSISTENT!

    Back again.

    Tried Superantispyware. Same result. This thing is Superpooperooper of spies! It just doesn't want to shift.

    Still thinking about trying ewido.net, but I suspect the result will be the same. Anyway, the thought of downloading Ewido's program makes me nervous. The more I download and install--then uninstall--the more chance I take of really screwing up my rig.

    Hey, FAX: what was that about "oldsod"? Sorry, but I didn't catch the meaning.

    Regards,
    DannyOH

  8. #8
    Join Date
    Apr 2004
    Location
    East Coast of Florida - Lightening/Shark Bite Capital of the World
    Posts
    2,477

    Default Re: Hijacker--PERSISTENT!

    Hi DannyOH,

    To find out your ISP, PLEASE do the following and you will find out your ISP Address. Go to Run type in command , hit 'ok', and type ipconfig /all then press enter. In the returned data list will be a line DNS and DHCP Servers with the IP address(s) listed out to the side. Scroll down list until you see IP Address, there will be your info about your IP Address. To find out about those other IP Addresses, PLEASE go to the following site and insert the addresses in question and it will tell you all sorts of really interesting info about any type of IP Addresses. www.checkdomain.com
    Here is a great assortment of sites that offer free online scanning for bugs. http://www.nod32sse.com/scanners.php

    SlyFox
    "Politeness costs nothing and gains everything".

    Click here for ZA Support

    Avail. 24x7 - Excl. Holiday













  9. Default Re: Hijacker--PERSISTENT!

    It is ok to post your HJT log at Castle Cops. That's what they do there. If you do not know how to interpret the log, it is prudent to let others do it. I do know of an online HJT log-checker that catches a lot, but not all the nasty critters. Try Help2Go where you can copy and paste your log. That might work but the site does miss stuff real human eyes won't. Here's another German site that does the same thing. Click here. I'd try both but you may still need real eyes.

  10. #10
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Hijacker--PERSISTENT!


    <blockquote><hr>DannyOH wrote:
    Back again.

    Hey, FAX: what was that about &quot;oldsod&quot;? Sorry, but I didn't catch the meaning.

    Regards,
    DannyOH
    <hr></blockquote>Ups... I meant &quot;BillC&quot;, sorry mixed up GURUS Fax
    EDIT: EWIDO is supposed to be one of the best antibugs...

    Message Edited by fax on 12-01-200602:19 PM

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •