Re: Browser hi-jacked by BHO?
From: Shenan Stanley (news_helper_at_hushmail.com)
Date: 04/21/04
- Next message: Shenan Stanley: "Re: default homepage changed to c:\searchpage.html"
- Previous message: Shenan Stanley: "Re: Cannot change my homepage"
- In reply to: tobyz: "Browser hi-jacked by BHO?"
- Next in thread: H Leboeuf: "Re: Browser hi-jacked by BHO?"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 20 Apr 2004 21:07:43 -0500
tobyz wrote:
> I have been hit by a real nuisance in clicking on URL
> links. If the server is not found immediately, the URL
> is reformatted to a search statement and opens a Lycos
> search engine (which I never use otherwise).
>
> If the URL segment can be decomposed into two or more
> words, they become separate search terms. For instance,
> trying to connect to www.linnsoft.com feeds to a Lycos
> search for 'linn' and 'soft'. This is very frustrating
> when you know the URL is valid and get sidetracked to the
> search engine several consecutive times.
>
> Some of my research earlier today (a ZD Net site, I
> believe) suggested a malicious BHO ('browser helper
> object'). I then downloaded BHODemon and disabled three
> of the ten BHO's reported to be in my registry.
>
> The problem with disabling BHO's is that if they support
> a browser application (such as streaming real-time stock
> quotes), the application will not work. I later restored
> two of the three BHO's I had disabled. (Several of the
> BHO's are associated with toolbars or search engines.
> googletoolbar1.dll is an example.)
>
> I have tried to duplicate my URL-diversion-to-search-
> engine as I type this message. I could not duplicate it
> at this time. Possibly the one remaining disabled BHO is
> the culprit.
>
> That BHO is something like 'opncst.dll' (OpenCast?). Does
> anyone have experience with OpenCast?
>
> The above BHO name is vague because I've just opened
> BHODemon again and this time it sees only 7 BHO's, not
> 10. opncst.dll (?) is missing, as are two that are
> supposed to be enabled. We'll see if I have any browser
> applications that don't work.
>
> Does anyone have experience with Browser hi-jacking? Am
> I on the right track to correct it??
Secure your system and keep it protected/updated by following these tips:
Popups and Home Page Hijacks come in several flavors.. However, if
you use most of the items in the list I am about to give you, you will
lessen your popups, security holes and spam all with one list. Your
problem may be Messenger Popups (you should follow the firewall
advice and do a Google search on 'disable messenger service in
windows xp' to fix this) or web page popups (you should follow the
Google Toolbar advice section for these.) You may have
spyware/adware infesting your machine, follow the appropriate
section for that, making sure you use at least THREE of the tools
I list to scan and clean your machine AFTER updating them.
Cleaning up spyware/adware/malware usually solves home page
hijackers as well.
Please Notice that if you use AOL, you should at least upgrade to 9.0 or
greater before doing any of the fixes. I know you can get AOL 9.0 at almost
any convenience store, gas station, super market or other retail outlet in
the world, so this should not be a problem.
Turn on that firewall...
http://www.microsoft.com/WindowsXP/home/using/howto/homenet/icf.asp
(It has been reported that it now works with AOL 9.0+)
Make sure you have all the updates (critical) installed from:
http://windowsupdate.microsoft.com/
(Scan for updates, Review and Install)
Get rid of the spy/ad/mal-ware..
(Yes - using MORE than one of these..
I recommend at least the first three. Also..
UPDATE the definitions for them before using.)
Spybot Search and Destroy
http://www.safer-networking.net/
Lavasoft AdAware
http://www.lavasoft.de
CWSShredder
http://www.spywareinfo.com/~merijn/downloads.html
Hijack This!
http://mjc1.com/mirror/hjt/
I also like "The Cleaner" and "SpywareBlaster" and "SpywareGuard".
- http://www.moosoft.com/
- http://www.javacoolsoftware.com/
The first is a PAY product, but useable for 30 days - it has found and
eliminated problems in the past the others did not. The latter two are
prevention mechanisms. I like SpywareGuard for those with enough processor
to have something running like antivirus software - and it prevents browser
hijacking quite well.
And Assortment of Others:
http://www.merijn.org/downloads.html
After you cleanup your PC somewhat of spy/ad/mal-ware, verify your antivirus
software is updated and run a full scan of your computer. If you have no
antivirus software - get one NOW! Grisoft AntiVirus:
http://www.grisoft.com/us/us_dwnl_free.php
Empty your Temporary Internet Files and shrink the size it stores to about
80 to 120MB (seems to be an optimal size for the normal user)
- Open ONE copy of Internet Explorer.
- Select TOOLS -> Internet Options.
- Under the General tab in the "Temporary Internet Files" section,
do the following:
- Click on "Delete Cookies" (click OK)
- Click on "Settings" and change the
"Amount of disk space to use:" to something between 80MB
and 120MB. (Betting it is MUCH larger right now.)
- Click OK.
- Click on "Delete Files" and select to
"Delete all offline contents" (the checkbox) and click
OK. (If you had a LOT, this could take 2-10 minutes or
more.)
- Once it is done, click OK, close Internet Explorer
- Re-open Internet Explorer.
Uninstall any software you do not use often/ever. (If you have something
installed but never use it, uninstall it.) If you go through Control
Panel -> Add/Remove Programs and see things you seldom if ever use, it is to
your advantage to remove it.
Also, if you are tired of Web Page Pop-Ups/Unders.. You could try the
Google Toolbar.
http://toolbar.google.com/
Stop loading applications at logon.. run MSCONFIG and look under the startup
tab for things you DON'T want to startup! Search the Internet with Google
to discover what things are safe to remove and what things may even be
malware infecting your computer.
Better control your email and lessen the amount of time you spend dealing
with SPAM:
SpamBayes
http://spambayes.sourceforge.net
or
Spamihilator.
http://www.spamihilator.com
-- <- Shenan -> --
- Next message: Shenan Stanley: "Re: default homepage changed to c:\searchpage.html"
- Previous message: Shenan Stanley: "Re: Cannot change my homepage"
- In reply to: tobyz: "Browser hi-jacked by BHO?"
- Next in thread: H Leboeuf: "Re: Browser hi-jacked by BHO?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
