OT: cleaning a browser hijacker?

  • Thread starter Thread starter Mike
  • Start date Start date
M

Mike

Over the past two days, whenever I go on to the Internet my computer tries
to connect to the following sites:

www.teenpicseries.com/
www.superclicker.com/
www.seventhteen.com/cgi-bin/s2/
teens-lovers.com/
prices.goldnewsweekly.com/_images/
www.livegoldprices.com/
rape.hotporncollection.com/
pics4all.net/
www.freeadultgalleries.com/paysite/

The browser doesn't open -- these attempts happen in the background. The
only reason I know it's happening is because We-Blocker (a free web filter
program) says "Blocked" every few minutes.

I'm running ZoneAlarm 3.1.395, but it clearly isn't blocking whatever it is
that's getting in.

I've run AVG and Ad-Aware several times (fully updated) in the last 24
hours. AVG says the system is clean. Ad-Aware sometimes picks up a Data
Miner in the registry (Software\Microsoft\Internet Explorer\Main);
but after it's removed, the problem persists the next time I connect. (I've
just run it again, and it says the computer is clean.)

Is this a trojan at work? Or is it possibly the A.Sasser worm? A
recommendation for a freebie fix would be helpful. Thanks!
 
Mike said:
Over the past two days, whenever I go on to the Internet my computer tries
to connect to the following sites:

www.teenpicseries.com/
www.superclicker.com/
www.seventhteen.com/cgi-bin/s2/
teens-lovers.com/
prices.goldnewsweekly.com/_images/
www.livegoldprices.com/
rape.hotporncollection.com/
pics4all.net/
www.freeadultgalleries.com/paysite/

The browser doesn't open -- these attempts happen in the background. The
only reason I know it's happening is because We-Blocker (a free web filter
program) says "Blocked" every few minutes.

I'm running ZoneAlarm 3.1.395, but it clearly isn't blocking whatever it is
that's getting in.

I've run AVG and Ad-Aware several times (fully updated) in the last 24
hours. AVG says the system is clean. Ad-Aware sometimes picks up a Data
Miner in the registry (Software\Microsoft\Internet Explorer\Main);
but after it's removed, the problem persists the next time I connect. (I've
just run it again, and it says the computer is clean.)

Is this a trojan at work? Or is it possibly the A.Sasser worm? A
recommendation for a freebie fix would be helpful. Thanks!
Click to expand...

Hi Mike, you might want to check out this page:

http://209.133.47.200/~merijn/downloads.html

CWShredder and Hijackthis are 2 excellente free programs for problems
like yours. Be sure to check out
http://209.133.47.200/~merijn/htlogtutorial.html for some help with
the use of Hijackthis

HIH
 
mcbloem@ said:
Over the past two days, whenever I go on to the Internet my computer tries
to connect to the following sites:

www.teenpicseries.com/
www.superclicker.com/
www.seventhteen.com/cgi-bin/s2/
teens-lovers.com/
prices.goldnewsweekly.com/_images/
www.livegoldprices.com/
rape.hotporncollection.com/
pics4all.net/
www.freeadultgalleries.com/paysite/

The browser doesn't open -- these attempts happen in the background. The
only reason I know it's happening is because We-Blocker (a free web filter
program) says "Blocked" every few minutes.

I'm running ZoneAlarm 3.1.395, but it clearly isn't blocking whatever it is
that's getting in.

I've run AVG and Ad-Aware several times (fully updated) in the last 24
hours. AVG says the system is clean. Ad-Aware sometimes picks up a Data
Miner in the registry (Software\Microsoft\Internet Explorer\Main);
but after it's removed, the problem persists the next time I connect. (I've
just run it again, and it says the computer is clean.)

Is this a trojan at work? Or is it possibly the A.Sasser worm? A
recommendation for a freebie fix would be helpful. Thanks!
Click to expand...
AS well as advice for spybot hijack this etc , i would check your add/remove
programmes for any ad/spyware that may have inadvertently been installed .
me
 
Over the past two days, whenever I go on to the Internet my computer tries
to connect to the following sites:
Click to expand...

Look up BHODemon. It can quickly and simply switch off Browser Helper
Objects that are usually responsible for such hijackers. Be sure to leave
your Adobe Acrobat Reader and Spybot S&D BHO's turned on.

Bob

Remove "kins" to reply by e-mail.
 
Look up BHODemon. It can quickly and simply switch off Browser Helper
Objects that are usually responsible for such hijackers. Be sure to leave
your Adobe Acrobat Reader and Spybot S&D BHO's turned on.

Bob
Click to expand...

Thanks, folks!
 
Back
Top