Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

My Facebook and my My Space links have been hijacked

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

My Facebook and my My Space links have been hijacked

Unread postby jldcallahan » August 30th, 2008, 6:37 am

My Facebook and my My Space links have been hijacked. Have any of you had any experience with this problem? My Space comes up with a page that says in the title "MySpacea place for friends". Exactly like this. The "a" is right up against the e in Space. I don't have enough computer savvy to tell you more than this. Please help!

TrendSecure
Trend Micro
Your current Web browser may not display this site properly.

TrendSecure performs best when opened with the latest version of either Microsoft Internet Explorer or Mozilla Firefox.
Comparison of your HijackThis log file items to others

The table below compares the items HijackThis found on your computer with those on other people's computers. The column "% of PCs with item" indicates what percent of other people's HijackThis log files contain the item in that row of the table. Additional information will be provided as more HijackThis log files are added to the AnalyzeThis database.

Each entry is coded to indicate the type of item it is on your computer. An explanation of these codes may be found at the bottom of this page.

Index % of PCs with item Code Data
1 0.1% O1 ::1 localhost
2 0.4% O16 {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
3 0.1% O16 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
4 1.3% O2 Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
5 0.6% O2 Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
6 0.4% O2 Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
7 0.0% O2 AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
8 0.0% O2 SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
9 0.0% O20 avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
10 1.4% O23 Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11 0.5% O23 AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
12 0.5% O23 AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
13 0.5% O23 iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
14 0.4% O23 Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
15 0.4% O23 AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
16 0.2% O23 Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
17 0.2% O23 Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
18 0.2% O23 Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
19 0.1% O23 Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
20 0.1% O23 Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
21 0.1% O23 COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
22 0.1% O23 Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23 0.1% O23 Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
24 0.0% O23 AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
25 0.0% O23 XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
26 0.0% O23 Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
27 0.0% O23 Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
28 0.0% O23 Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
29 0.0% O23 Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
30 0.0% O23 Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
31 0.0% O23 DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
32 0.0% O23 Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
33 0.0% O23 Blue Coat K9 Web Protection (WebFilter) - Unknown owner - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
34 0.0% O23 lxbm_device - - C:\WINDOWS\System32\lxbmcoms.exe
35 0.0% O23 Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
36 0.0% O23 Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
37 0.4% O3 &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
38 0.1% O3 Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
39 0.0% O3 AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
40 1.8% O4 [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
41 1.0% O4 Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
42 0.9% O4 [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
43 0.9% O4 [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
44 0.8% O4 [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
45 0.6% O4 [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
46 0.5% O4 [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
47 0.3% O4 [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
48 0.3% O4 Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
49 0.3% O4 [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
50 0.1% O4 [Persistence] C:\WINDOWS\system32\igfxpers.exe
51 0.0% O4 [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
52 0.0% O4 [Launcher] %WINDIR%\SMINST\launcher.exe
53 0.0% O4 [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
54 0.0% O4 [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
55 0.0% O4 [lxbmmon.exe] "C:\Program Files\Lexmark 4200 Series\lxbmmon.exe"
56 0.0% O4 [Lexmark 4200 Series Fax Server] "C:\Program Files\Lexmark 4200 Series\fm3032.exe" /s
57 0.0% O4 [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
58 0.0% O4 [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
59 0.0% O8 &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
60 0.0% O9 AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
61 0.0% O9 (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
62 0.0% O9 Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
63 6.2% P01 C:\WINDOWS\Explorer.EXE
64 2.4% P01 C:\Program Files\Internet Explorer\iexplore.exe
65 1.5% P01 C:\WINDOWS\system32\wuauclt.exe
66 0.9% P01 C:\Program Files\iTunes\iTunesHelper.exe
67 0.8% P01 C:\WINDOWS\System32\hkcmd.exe
68 0.8% P01 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
69 0.4% P01 C:\WINDOWS\system32\igfxpers.exe
70 0.2% P01 C:\WINDOWS\system32\igfxsrvc.exe
71 0.2% P01 C:\Windows\system32\taskeng.exe
72 0.2% P01 C:\Windows\system32\Dwm.exe
73 0.1% P01 C:\Windows\system32\wbem\unsecapp.exe
74 0.1% P01 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
75 0.1% P01 C:\Program Files\Internet Explorer\ieuser.exe
76 0.1% P01 C:\Program Files\Grisoft\AVG7\avgcc.exe
77 0.0% P01 C:\Windows\WindowsMobile\wmdSync.exe
78 0.0% P01 C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
79 0.0% P01 C:\Program Files\Lexmark 4200 Series\LXBMmon.exe
80 0.0% P01 c:\program files\aol\aim toolbar 5.0\AolTbServer.exe
81 0.0% P01 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
82 0.4% R0 HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
83 0.3% R0 HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
84 0.3% R0 HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
85 0.0% R0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
86 0.0% R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
87 2.3% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
88 2.2% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
89 0.1% R1 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
90 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
91 0.0% R3 AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll

Explanation of the codes

R - Registry, StartPage/SearchPage changes

* R0 - Changed registry value
* R1 - Created registry value
* R2 - Created registry key
* R3 - Created extra registry value where only one should be

F - IniFiles, autoloading entries

* F0 - Changed inifile value
* F1 - Created inifile value
* F2 - Changed inifile value, mapped to Registry
* F3 - Created inifile value, mapped to Registry

N - Netscape/Mozilla StartPage/SearchPage changes

* N1 - Change in prefs.js of Netscape 4.x
* N2 - Change in prefs.js of Netscape 6
* N3 - Change in prefs.js of Netscape 7
* N4 - Change in prefs.js of Mozilla

O - Other, several sections which represent:

* O1 - Hijack of auto.search.msn.com with Hosts file
* O2 - Enumeration of existing MSIE BHO's
* O3 - Enumeration of existing MSIE toolbars
* O4 - Enumeration of suspicious autoloading Registry entries
* O5 - Blocking of loading Internet Options in Control Panel
* O6 - Disabling of 'Internet Options' Main tab with Policies
* O7 - Disabling of Regedit with Policies
* O8 - Extra MSIE context menu items
* O9 - Extra 'Tools' menuitems and buttons
* O10 - Breaking of Internet access by New.Net or WebHancer
* O11 - Extra options in MSIE 'Advanced' settings tab
* O12 - MSIE plugins for file extensions or MIME types
* O13 - Hijack of default URL prefixes
* O14 - Changing of IERESET.INF
* O15 - Trusted Zone Autoadd
* O16 - Download Program Files item
* O17 - Domain hijack
* O18 - Enumeration of existing protocols and filters
* O19 - User stylesheet hijack
* O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
* O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key
* O22 - SharedTaskScheduler autorun Registry key
* O23 - Enumeration of NT Services
* O24 - Enumeration of ActiveX Desktop Components

Privacy Policy | About Trend Micro | Contact Us

Copyright © 2007 Trend Micro, Inc.
jldcallahan
Active Member
 
Posts: 1
Joined: August 30th, 2008, 6:26 am
Top
Advertisement
Register to Remove

Re: My Facebook and my My Space links have been hijacked

Unread postby NonSuch » September 8th, 2008, 7:59 pm

We are sorry you have waited so long for a response. As you can see, we are quite busy as are all the other help forums. However, in order for us to help you it is necessary that you provide us with a HijackThis log.

This topic is now closed. If you still require help, please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Top
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 212 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index