Do not know yet

I was logging on one of the controversial sites on the internet when I encoutered that the site is being downloaded on my computer. I know for sure that this this is a hacking matter the question is
WHAT CAN I DO TO STOP IT AND GET TO THE SITE??
ANY SUGGESTIONS IT SEEMS TO ME ITS A WAY OF GIVING YOU TOO MUCH OF WHAT YOU ARE ASKING FOR TO MAKE YOU FED UP.
Classico

 

Hi classico, and welcome to Wilders.

I am not sure what you are trying to say in your post. Do you think you have been hijacked? Or are you just wanting to know how to better protect your computer from sites that would try and hijack you?

I will be moving your post from this Test Forum into a more appropriate forum, but before I can do that I need to understand more specifically what kind of help you are asking for.

Regards,

snap

 

Hi !
I should have been more specific.
I have spyguard, spywareblaster, adaware and spy sweeper. Further, I have sygate home edition as firwall, as anti virus TDS, avast and micro trend.
What happened is that when Iwent to the site a popup came on, which I know does not belong to that site, it was regarding the download of micromedia, which I crossed away. Yet I could not get on the site and instead the site started downloading in my computer. So the question is my computer infected or is it the site I visited which was hacked? I have the free surfer against pop ups but this micromedia business does not stop poping up.
best regadrs,
Classico

 

Hi classico,

Please follow the instructions in Step2 here:
http://www.wilderssecurity.com/showthread.php?t=15913

And post your HijackThis log here in this thread. An Expert will review it shortly, and advise you if anything needs to be fixed.

Regards,

snap

 

hijack this log list

Hi,
I have had a run with spybot and I down loaded Hijack this and my log looks likes this:
Logfile of HijackThis v1.97.7
Scan saved at 16:41:00, on 2004-04-02
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

====================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Alwil Software\Avast4\aswUpdSv.exe
C:\Program\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Trend Micro\PC-cillin 2003\Tmntsrv.exe
C:\Program\Trend Micro\PC-cillin 2003\tmproxy.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\pctspk.exe
C:\Program\ALWILS~1\Avast4\ashDisp.exe
C:\Program\ALWILS~1\Avast4\ashmaisv.exe
C:\Program\Trend Micro\PC-cillin 2003\pccguide.exe
C:\Program\Trend Micro\PC-cillin 2003\PCCClient.exe
C:\Program\Trend Micro\PC-cillin 2003\Pop3trap.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Exif Launcher\QuickDCF.exe
C:\Program\SpywareGuard\sgmain.exe
C:\Program\SpywareGuard\sgbhp.exe
C:\Program\SpywareBlaster\spywareblaster.exe
C:\Program\TDS3\tds-3.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program\Free Surfer\fs20.exe
C:\Documents and Settings\Ägaren\Lokala inställningar\Temp\Temporär katalog 1 för hijackthis1977.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://10.0.0.6
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sw4.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sw4.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program\SpywareGuard\dlprotect.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SmcService] C:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\Program\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\PC-cillin 2003\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program\Trend Micro\PC-cillin 2003\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program\Trend Micro\PC-cillin 2003\Pop3trap.exe"
O4 - HKLM\..\Run: [TDS3] C:\Program\TDS3\TDS-3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe"
O4 - HKCU\..\Run: [PicoZip] C:\Program\PicoZip\PicoZipTray.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - Startup: SpywareGuard.lnk = C:\Program\SpywareGuard\sgmain.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Global Startup: hp center.lnk = C:\Program\hp center\137903\Program\BackWeb-137903.exe
O9 - Extra button: Free Surfer (HKLM)
O9 - Extra 'Tools' menuitem: Free Surfer (HKLM)
O9 - Extra button: Favorites Search (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38050.1430439815
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

====================

look forward to your comments,
Classico

 

It started with the downloading of the site material when I entered a controversial site.
I have been checking on my side and it seems that there is an unharmful bug on that site that results in a fictive downloading . So the problem was not on my computer. Anyway it is good to know that I am not hacked!
MANY THANKS for your assistance.
Classico