Re: Hijacking that can't be fixed????

From: S.Sengupta (ssengupta__at_msn.com)
Date: 07/28/04


Date: Wed, 28 Jul 2004 06:28:15 +0530

Are you using those tools with the latest updates? Run them in safe
mode. Scan your system with an antivirus that has the latest virus definitions.
Online scan: housecall.antivirus.com/
www.pandasoftware.com/activescan/

regards,
ssg MS-MVP
pronetworks.org

peter v. wrote:

>>-----Original Message-----
>>I run Windows XP Home Edition and the current version of
>>IE. I seem to have some kind of hijack being done on my
>>computer. Before you say "Use Spy-Bot, Ad-aware 6.0,
>>Google Tool Bar, and CW Shredder," I currently do use all
>>of those.
>>
>>This doesn't solve the problem. Here are my problems:
>>
>>1. My home page is always routed to either "about:blank"
>>or "http://easy-search.biz." I can no longer log onto a
>>search engine, do a search, find a link, and then
>>right-click and open a new window without the page coming
>>up saying "Page cannot be displayed" or "Invalid url."
>>
>>When on ebay for instance, I'll do a search for say "Les
>>Paul guitar." I'll get many hits. I like to right-click
>>on an item and open a new window. The page always comes up
>>"page cannot be displayed" until I hit the refresh button
>>about three times.
>>
>>2. Because of this problem, I cannot log onto any site
>>where I am required to enter a username and password
>>(yahoo, hotmail, bank site, you name it). I can get to the
>>site, but as soon as I enter my info, it immediately says
>>the page cannot be displayed. This, unfortunately, isn't
>>solved by hitting the refresh button three times. No dice
>>whatsoever.
>>
>>3. I have a pop-up for "Casino Palazzo" that is so far
>>imbedded on my machine that it is not traceable by all of
>>the software mentioned above. This is a timed pop-up that
>>will come out of nowhere and open right in the middle of
>>being online. I have noticed that when this pop-up
>>happens, I immediately run Ad-aware and it always shows
>>three items that involve "Cool Web Searches."
>>
>>People tell me I need to wipe my hard drive, but I think
>>that's a little extreme. Is there any hope of
>>counteracting this stuff without having to do that? I'm
>>sure I'm not the only computer user out there that has this
>>same problem. The problem is, when I mention this,
>>everyone's first reaction is to use Spy-Bot, Ad-aware, etc.
>>That's not doing the trick - wondering if there's
>>something out there that will?
>>
>>Do I need to uninstall IE and install a new one? Could it
>>be that simple?
>>
>>Any/all advice or suggestions would be GREATLY APPRECIATED!!!
>>
>>Thanks!
>>
>>Gtrcoop
>>.
>>
>
>
> Hi
>
> I had a similar pest on my son's XP Home system. His IE was
> hijacked to some search page.
> I came within two minutes of reaching for the crash and
> burn CD. Now all he has is an occasional backdoor trojan
> that Norton intercepts so this is much better.
> SpyBot mostly isolates low level stuff and there is a
> problem with DSO Exploit currently that it will not remove
> until next week.
>
> Anyway: You WILL need CWShredder plus the following:
>
> spywareblaster
>
> bhodemon
>
> PestPatrol
>
> taskmanager16
>
> Looks like a lot but this is the set I used to kill the
> sp.html, xxyyzz.dll, help.dll and other nasties.
>
> Download the tools listed. Start with BHOdemon and
> PestPatrol and then TaskMan.
> When BHOdemon runs it will probably show four DLLs ready to
> launch when IE opens. On a typical machine three are
> "normal". One is the bad guy and can have any name (it
> changes itself). Mine was like "bclkdw.dll" or something.
> The three "good" DLLs are usually Symantec, Adobe and
> SpyBot (if installed).
> Once you have the name of the bad guy, run TaskMan.
> This shows a graphic display with degree of "badness" of
> all processes running. Look for the "bad guy" and
> quarantine him or kill him. You may see other potentially
> "bad" ones but be careful: some are legit, like IBM,
> Symantec, Adobe, etc.
> Now run PestPatrol and clobber those things in the registry
> which look suspicious (the demo version will not do this
> for you so use REGEDIT).
>
> You might want to get the tool AdwareAway. It is a
> shareware trial but is updatable for a short time and
> clobbers most known CWS and trojans plus other things.
>
> Using the above goulash of tools and getting the most
> recent NAV defs every day I got rid of this CWS thing.
>
> Once you remap your IE to the preferred page go quickly to
> search and get rid of any sp.html file and rename any
> help.dll or hlp.dll with a recent date in the system32
> directory.
>
> Good luck
>
> Peter v.
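
The check that the quoted post performs with BHOdemon (listing the DLLs that load when IE opens and spotting the unfamiliar one) can also be done by reading the registry directly. The following is an added example, not part of any post in this thread: it assumes a Windows system with PowerShell 3.0 or later, the function name `Get-BhoInventory` is hypothetical, and it only reads the standard machine-wide BHO and COM class keys without changing anything.

```powershell
# Added example: read-only inventory of IE Browser Helper Objects (BHOs).
# Registry locations are the standard machine-wide BHO and COM class keys;
# per-user COM registrations under HKCU are not covered here.
$views = @(
    @{ Bho = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Cls = 'HKLM:\SOFTWARE\Classes\CLSID' },
    @{ Bho = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Cls = 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID' }   # 32-bit view on 64-bit Windows
)

function Get-BhoInventory {
    foreach ($view in $views) {
        if (-not (Test-Path -LiteralPath $view.Bho)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $view.Bho) {
            $clsid  = $key.PSChildName
            $inproc = Join-Path (Join-Path $view.Cls $clsid) 'InprocServer32'
            $dll = $null; $file = $null; $sig = $null
            if (Test-Path -LiteralPath $inproc) {
                # The key's default value is the DLL that IE loads for this BHO.
                $raw = (Get-ItemProperty -LiteralPath $inproc).'(default)'
                if ($raw) { $dll = [Environment]::ExpandEnvironmentVariables($raw).Trim('"') }
            }
            if ($dll -and (Test-Path -LiteralPath $dll -PathType Leaf)) {
                $file = Get-Item -LiteralPath $dll -Force
                $sig  = Get-AuthenticodeSignature -FilePath $dll
            }
            [pscustomobject]@{
                Clsid     = $clsid
                Dll       = $dll
                Company   = if ($file) { $file.VersionInfo.CompanyName }
                Modified  = if ($file) { $file.LastWriteTime }
                Signature = if ($sig)  { $sig.Status } else { 'FileMissing' }
            }
        }
    }
}

# Entries without a valid signature sort first, then the most recently modified DLLs.
Get-BhoInventory |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } },
                @{ Expression = 'Modified'; Descending = $true } |
    Format-Table -AutoSize
```

An entry with no company name, no valid signature and a recent modification date in system32 matches the kind of DLL the quoted post describes, but a missing signature alone is not proof that a file is malicious.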

