Hijacked browser??????

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Whenever I try to use IE6 I am asked for a login ID and password (BellSouth,
my old ISP). I now have cable connection and was able to use IE with no
problems. This just started a couple of weeks ago. I use Netscape also. I
have Windows XP Home Editon and it is set up for auto updates. I have never
had this problem before. I also have Norton Systemworks and Internet
Security. I cannot re-install Windows or IE, get a message stating that my
current version is newer than my version on disc. I do have never dial a
connection marked and have been through the usual fixes, nothing has worked
so far. Any help would be greatly appreciated, as there are those things
that you are forced to use IE to do. Thanks.
 
Hi Orphie :-)

You may have a hijacker, malware, spyware or other scumware on your system
causing this problem. Thus, in addition to running your updated anti-virus
program, you should do the following to be sure none of these are present on
your system. Although you may have already run one or more of the programs,
please do so again according to the instructions below. Be aware that, some
very aggressive and damaging variants of malware can replicate themselves
repeatedly, or mutate, if not removed properly. Please follow all
instructions carefully to be sure your system is thoroughly cleaned


Dealing with Unwanted Spyware and Parasites:
http://mvps.org/winhelp2002/unwanted.htm
Be sure to run CWShredder here

http://www.majorgeeks.com/download3019.html

and AdAware and Spybot.
Download the newest version of HiJackThis here:
http://www.bleepingcomputer.com/files/hijackthis.php
(or Spybot - Search and Destroy DSO Exploit Fix 1.3.1 TX)
http://www.majorgeeks.com/download4392.html



Also visit these two sites to test for parasites and help basic cleaning:

On-Line Check

http://aumha.org/a/noads.htm

and

Quick-Fix Protocol.
http://aumha.org/a/quickfix.php

Basically, throw everything here at your "infection".

And be sure to use the HijackThis. Please DO NOT post your log to this
newsgroup, but to the HiJackThis Support Forums below:
http://www.hijackthis.de/forum/forumdisplay.php?f=10&guestlanguageid=4
the Aumha HiJackThis Forum
http://forum.aumha.org/viewforum.php?f=30

or Bleeping Computer Forum

http://www.bleepingcomputer.com/forums/forum22.html

to allow the experts there to evaluate your log and advise you of any
necessary steps to clean your system.

(Note: You will have to Register before posting on these Forums. Please
follow all posting instructions carefully to avoid having your log deleted
or ignored.



Also this program searches for hidden .dlls that recreate the malware.
About Buster:
http://www.majorgeeks.com/download4289.html

CAUTION!!!!! Before you try to remove spyware using any of the programs
below, download a copy of LSPFIX from any of the following sites:
http://www.cexx.org/lspfix.htm
http://www.spychecker.com/program/winsockxpfix.html
(if your OS is Win2k or XP) The process of removing certain malware may kill
your internet connection. If this should occur, this program, LSPFIX, will
enable you to regain your connection.

You should also get a copy of WINSOCKXPFIX available at:
http://www.spychecker.com/program/winsockxpfix.html
and
WinsockXP Fix- WinXP
http://www.spychecker.com/program/winsockxpfix.html
with instructions, at
http://www.iup.edu/house/resnet/winfix.shtm
Also
From LavaSoft- all versions of Windows-
http://digital-solutions.co.uk/lavasoft/whndnfix.zip
(NOTE: It is reported that in XP SP2, the command netsh winsock reset
will fix this problem without the need for these programs.)

or ........

Winsock Fix Utility
http://www.dfwonline.net/files/WinsockFix.zip



Also.........

Courtesy of Jim Byrd -

Download Sysclean.com, from Trend Micro, here:
http://www.trendmicro.com/download/dcs.asp along with the latest pattern
file, here:
http://www.trendmicro.com/download/pattern.asp
Be sure to read the "How-to" info here:
http://www.trendmicro.com/ftp/products/tsc/readme.txt
You might also want to get Art's updater, SYS-UP.Zip, here for future
updating of these: http://home.epix.net/~artnpeg/.
(If you download and use the updater from the beginning, it will
automatically handle downloading the other files. Place them in a dedicated
folder after appropriate unzipping, and then run. This scan may take a long
time, as Sysclean is VERY extensive and thorough



NOTE: If you can not download these programs from the Internet, if your PC
has CD read capabilities, go to another computer with CD-ROM burning
capabilities. Create a folder on the hard drive of the other computer called
HOLD, download the programs to that folder, then burn that folder to a CD.
Copy the HOLD folder to your HD and then install the programs from there
and run them. After you have IE access again, update all programs where
possible to get the latest definitions and run them again in Safe Mode to be
sure there are no lingering items on the system.





If these steps do not resolve your problem, or you need help with the above,
please post back to this thread with the details and any error messages.

Hope this helps

Jan :)
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm

..
 
OrphieG said:
Whenever I try to use IE6 I am asked for a login ID and password (BellSouth,
my old ISP). I now have cable connection and was able to use IE with no
problems. This just started a couple of weeks ago. I use Netscape also. I
have Windows XP Home Editon and it is set up for auto updates. I have never
had this problem before. I also have Norton Systemworks and Internet
Security. I cannot re-install Windows or IE, get a message stating that my
current version is newer than my version on disc. I do have never dial a
connection marked and have been through the usual fixes, nothing has worked
so far. Any help would be greatly appreciated, as there are those things
that you are forced to use IE to do. Thanks.
Click to expand...


I have and have run both Spybot and Ad-Ware SE...........Thanks
 
Hi Orphie :-)

I have and have run both Spybot and Ad-Ware SE...........Thanks
Click to expand...

I'm sorry.....but....no....those two are only a small part of what it will
take to get rid of the scumware on your system. If you have a hijacker,
malware, parasites, Trojans, worms, viruses, or variants of any, those two
programs can not detect or them. AdAware SE detects and removes adware.
SpyBot S&D detects and removes spyaware. That leaves the others to deal
with. That is why we have provided you with the series of programs needed
to clean all the various types of scumware and their variants, which can be
very difficult to remove. Also, some types of adware and spyware also can
only be detected and.or removed in Safe Mode. Again, part of the
instructions provided. If you did not run them that way, then you can not
be sure your system is clean.

You will need to use ALL of the programs according to the instructions
provided if you wish to fully clean you system sufficiently to resolve the
problem. Unformtunatly, it is much harder getting rid of the bugs than
getting them. :-)

Jan :)
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm
 
Jan Il said:
Hi Orphie :-)



I'm sorry.....but....no....those two are only a small part of what it will
take to get rid of the scumware on your system. If you have a hijacker,
malware, parasites, Trojans, worms, viruses, or variants of any, those two
programs can not detect or them. AdAware SE detects and removes adware.
SpyBot S&D detects and removes spyaware. That leaves the others to deal
with. That is why we have provided you with the series of programs needed
to clean all the various types of scumware and their variants, which can be
very difficult to remove. Also, some types of adware and spyware also can
only be detected and.or removed in Safe Mode. Again, part of the
instructions provided. If you did not run them that way, then you can not
be sure your system is clean.

You will need to use ALL of the programs according to the instructions
provided if you wish to fully clean you system sufficiently to resolve the
problem. Unformtunatly, it is much harder getting rid of the bugs than
getting them. :-)

Jan :)
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm



OK so far none of the links work. I cannot download any of the software. Please note and this is a big note.....I cannot use IE...It will not open, thus the reason for this post. Quickfix says specifically that you must be using IE to run scan. I turned off my ad blocker, pop-up blocker and even Internet Security. Still nothing will download. I have to use Netscape to access the internet. Cannot access IE. Any solutions where I can use Netscape to download? I usually have no problems downloading with Netscape. And yes I did try all the alternate download sites. I click on the link and nothing happens and click the link "if download doesn't start", click here and nothing happens. I have even re-booted twice to see if that was the problem. Cache, history, etc. has been cleaned. Thanks again.
Click to expand...
 
Hi Orphie :-)
Please note and >this is a big note.....I cannot use IE...It will not open,
thus the reason for this post. Quickfix >says specifically that you must be
using IE to run scan. I turned off my ad blocker, pop-up >blocker and even
Internet Security. Still nothing will download. I have to use Netscape to
access the internet. Cannot access IE. Any solutions where I can use
Click to expand...
Netscape to >download? I usually have no problems downloading with Netscape.
And yes I did try all the >alternate download sites. I click on the link and
nothing happens and click the link "if >download doesn't start", click here
and nothing happens. I have even re-booted twice to see > if that was the
problem. Cache, history, etc. has been cleaned. Thanks again.

I can understand your situation, and frustration, believe me, I have been
there before too. :-)

Do you mean that you can not use Netscape to download any of the other
programs, such as CWShredder, which just runs and does not need to be
installed, or HiJackThis, which can be downloaded and installed from the
hard drive. If you can not use the QuickFix, that is ok at this point, as
you can't use the IE. But, if you can get HJT downloaded and installed as
instructed, then you can post the log on the forums with Netscape, as HJT
reads the hard drive, not IE.

also.....

If you can not download these programs from the Internet with Netscape, if
your PC has CD read capabilities, print out the list of programs to be
downloaded, go to another computer with CD-ROM burning capabilities. Create
a folder on the hard drive of the other computer called HOLD, download the
programs to that folder, then burn that folder to a CD. Copy the HOLD
folder to your HD and then install/run/setup the programs from there. After
you have IE and Internet access again, update all programs where possible to
get the latest definitions and run them again in Safe Mode to be sure there
are no lingering items on the system. The other programs can be run form the
hard drive once there.



Note: When you post the HJT log to the forum, be sure to explain that you
can not open IE, and that you were unable to use the program that reads the
browser, as it would do not good use Netscape. Run all the programs before
you post your log on the forums, and be sure to run all the others before
HJT, let it be the last one so that the log will be clear of all but the
last scumware for easier detection and cleaning. Remember.....you have to
do the cleaning on your end. <g>



If you have any questions or need help, post back. We'll be here. :-)



Jan :)
Smiles are meant to be shared,
that's why they're so contagious.
 
Jan Il said:
Hi Orphie :-)

Please note and >this is a big note.....I cannot use IE...It will not open,
thus the reason for this post. Quickfix >says specifically that you must be
using IE to run scan. I turned off my ad blocker, pop-up >blocker and even
Internet Security. Still nothing will download. I have to use Netscape to
Netscape to >download? I usually have no problems downloading with Netscape.
And yes I did try all the >alternate download sites. I click on the link and
nothing happens and click the link "if >download doesn't start", click here
and nothing happens. I have even re-booted twice to see > if that was the
problem. Cache, history, etc. has been cleaned. Thanks again.

I can understand your situation, and frustration, believe me, I have been
there before too. :-)

Do you mean that you can not use Netscape to download any of the other
programs, such as CWShredder, which just runs and does not need to be
installed, or HiJackThis, which can be downloaded and installed from the
hard drive. If you can not use the QuickFix, that is ok at this point, as
you can't use the IE. But, if you can get HJT downloaded and installed as
instructed, then you can post the log on the forums with Netscape, as HJT
reads the hard drive, not IE.

also.....

If you can not download these programs from the Internet with Netscape, if
your PC has CD read capabilities, print out the list of programs to be
downloaded, go to another computer with CD-ROM burning capabilities. Create
a folder on the hard drive of the other computer called HOLD, download the
programs to that folder, then burn that folder to a CD. Copy the HOLD
folder to your HD and then install/run/setup the programs from there. After
you have IE and Internet access again, update all programs where possible to
get the latest definitions and run them again in Safe Mode to be sure there
are no lingering items on the system. The other programs can be run form the
hard drive once there.



Note: When you post the HJT log to the forum, be sure to explain that you
can not open IE, and that you were unable to use the program that reads the
browser, as it would do not good use Netscape. Run all the programs before
you post your log on the forums, and be sure to run all the others before
HJT, let it be the last one so that the log will be clear of all but the
last scumware for easier detection and cleaning. Remember.....you have to
do the cleaning on your end. <g>



If you have any questions or need help, post back. We'll be here. :-)



Jan :)
Smiles are meant to be shared,
that's why they're so contagious.


Ok I was finally able to download the software by un-installing and installing a different version of Netscape. I ran all the tests, programs and HiJackThis last. I ran Sysclean, but didn't really know what to do next. Lost the support page and couldn't find it on the website. Also posted HiJack log to 2 forums and have yet to get any replies. After all this I still cannot open IE. Any other suggestions.? Thanks. Maybe I missed something somewhere.......ran Spybot, Ad-Aware, Antivirus, About Buster, CWShredder, LSPFix (no problems with connection) and lastly HiJackThis.......
Click to expand...
 
Back
Top