Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today

Thread Tools Search this Thread Display Modes
Old 04-15-2004, 03:23 PM   #1
Beta Member
Join Date: Apr 2004
Posts: 1
Default New Enjoysearch Hijack

Hi all. If anybody can help, please do. Every reboot it sets homepage at enjoysearch.info. CWShredder hasn't worked, and this looks different than other problems cited on this site.

Logfile of HijackThis v1.97.7
Scan saved at 4:09:44 PM, on 4/15/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mike\My Documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enjoysearch.info/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enjoysearch.info
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enjoysearch.info/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.enjoysearch.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.enjoysearch.info/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enjoysearch.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.enjoysearch.info/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.enjoysearch.info/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.enjoysearch.info/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.enjoysearch.info
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.enjoysearch.info/search.html
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0. dll
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Control Pad (HKLM)
O9 - Extra 'Tools' menuitem: Control Pad (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Real.com (HKLM)

hilldog is offline   Reply With Quote
Old 04-16-2004, 03:17 AM   #2
Site Team
David Lindon's Avatar
Join Date: Dec 2002
Posts: 15,233
Default Re: New Enjoysearch Hijack

Have you deleted the registry entries?

[url=http://www.LNXPS.NET]LNXPS.NET - The XPS Library]
David Lindon is offline   Reply With Quote
Old 04-16-2004, 03:48 AM   #3
Beta Member
Join Date: Apr 2004
Posts: 2
Default Re: New Enjoysearch Hijack

I have the same problem!
zoofish is offline   Reply With Quote
Old 04-16-2004, 09:31 PM   #4
Beta Member
tagar's Avatar
Join Date: Apr 2004
Posts: 2
Default Re: New Enjoysearch Hijack

I had the same problem

Click Start - Run and open msconfig
Remove the checkmark from jushed32.exe from the startup item list
Restart the computer in safe mode, and remove jushed32.exe from the windows directory
Run CWShredder to fix the IE homepage,search,links,etc (usually 14-16)
as a precaution I deleted all my internet history & temporary internet files
Restart the system....

I've so far gotten this far to remove this POS from my system.

Also you may see a desktop.ini on your desktop. The contents look like this if you open it in notepad
Windows Media Player.lnk = @C:\WINDOWS\inf\unregmp2.exe,-4
You must delete this as well as the unregmp2.exe file in the \Windows\inf folder. If you do not your Windows Media Player will no longer work if you click the WMP shortcut

Good Luck... I'll post any further info I come up with
tagar is offline   Reply With Quote
Old 05-02-2004, 05:44 PM   #5
In Runtime
Join Date: Mar 2004
Posts: 191
Default Re: New Enjoysearch Hijack

At0m1x is offline   Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT -5. The time now is 02:56 PM.

Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0