Got a hijacked browser...

[Therat]

Did read post below with no help for me. Start page goes to this little bastard...just.find-itnow com. Anyone familiar with this site/problem and how to rid myself of it? Almost ready to pop-in the original CD's and start anew.
Installed SpyBot S&D, Ad Aware and X-cleaner(from earlier post), to no avail.
Didnt notice anything while doing the msconfig thingy. Wasnt about to delete anything without being absolutely sure.
Running XP Home.
Be advised that when I used the word 'thingy' I'm not that literate with PC's. A newbie with a sledgehammer type.
An early thanks,
therat

 

[Emily]

Have you run a virus scan? Ad-Aware should take care of it... did it come up with any adware or spyware at all?

Maybe look in your add/remove programs list and see if there's anything suspicious in there.

 

[ekÆsine]

you could try to download a trial version of norton anti-virus and do a complete system scan. that has gotten rid of download trojans that download advertisements off the internet on some computers for me.

 

[mobo]

Download hijack this , unzip it and do a scan then save the generated log file. Next step would be to copy and paste the log herer for review.

 

[laroc]

have i been hijacked

hope you can help. I think that Ive got a problem with downloading avg and window updates. My internet connection keeps closing when connecting, (sometime only o n for a few seconds).

my log is here..

Logfile of HijackThis v1.97.7
Scan saved at 6:13:48 PM, on 3/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe

 

[jaun1477]

This detection is for trojans written in Borland Delphi intended to modify the Internet Explorer search and start page settings.

When executed these trojans typically modify the Internet Explorer
Search and Start pages to specific URLs hardcoded in the trojan. For example, the following URLs have been used:

http:// allneedsearch.com
http:// just.find-itnow.com
http:// listincestsites.com
Commonly, several other porn links are added to the Internet Explorer Favorites list.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the current engine and the specified DATs (or higher). Older engines may not be able to remove all registry keys created by this threat.
the alias related StartPage-AU, W32.Bizten (NAV)
Distribution channels include IRC, peer-to-peer networks, newsgroup postings, email, etc.
Name: Generic StartPage
Risk Assessment
- Home Users: Low
- Corporate Users: Low
Date Discovered: 1/20/2004
Date Added: 1/22/2004
Origin: Unknown
Length: Varies
Type: Trojan
SubType: Settings Change
DAT Required: 4318
this is so we undestand what we are dealing with (a trojan virus)
so just use your antivirus
GOOD LUCK!

 

[mobo]

Re: have i been hijacked

hope you can help. I think that Ive got a problem with downloading avg and window updates. My internet connection keeps closing when connecting, (sometime only o n for a few seconds).

my log is here..

Logfile of HijackThis v1.97.7
Scan saved at 6:13:48 PM, on 3/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe

This isn't the entire log...