|
|
|
|
|
|
|
|
|
Computers Sidetrack to Computers, Questions on your home computer? Posting just for registered members.... |
|
|
01-05-2011, 07:18 PM
|
#1
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
bROWSER HIHACKS
Damn stuff never ends. I'm getting hijacked on my home pc. Click links and goes to other sites.
What's the best free thing out there now? I'm using avira antivirus and nothing in there is stopping this bs
|
|
|
|
01-05-2011, 07:35 PM
|
#2
|
Old Guy
Join Date: Oct 2004
Location: Mansfield, MA
Posts: 8,760
|
Quote:
Originally Posted by #^^^^^^^^^^^&
Damn stuff never ends. I'm getting hijacked on my home pc. Click links and goes to other sites.
What's the best free thing out there now? I'm using avira antivirus and nothing in there is stopping this bs
|
I use ghostery in my browser,
malwarebytes, spybot, CCleaner, regcleaner, Symantec Anti-virus.
I can still get clapped, I need some av for my non-outlook email client.
When it comes to the internet you can't get enough protection.
|
|
|
|
01-05-2011, 07:53 PM
|
#3
|
Registered User
Join Date: Aug 2010
Location: A village some where
Posts: 3,436
|
i will agree with striperman, but i will not agree with non experienced people using ccleaner and regcleaner. windows clean up is a better alternarive imo. there is a program called hijack this that is great for these problems but its a bit advancedm however u can have the log file reviewedon the inet for free. if all else failes got to bleeping computer .com and look for combofix. its prob the single most powerful tool on the market. download run in safe mode and clean up with the rest. but that is just my 2.5 cents
Posted from my iPhone/Mobile device
|
|
|
|
01-05-2011, 07:59 PM
|
#4
|
Old Guy
Join Date: Oct 2004
Location: Mansfield, MA
Posts: 8,760
|
Quote:
Originally Posted by iamskippy
i will agree with striperman, but i will not agree with non experienced people using ccleaner and regcleaner. windows clean up is a better alternarive imo. there is a program called hijack this that is great for these problems but its a bit advancedm however u can have the log file reviewedon the inet for free. if all else failes got to bleeping computer .com and look for combofix. its prob the single most powerful tool on the market. download run in safe mode and clean up with the rest. but that is just my 2.5 cents
Posted from my iPhone/Mobile device
|
Combofix installed and uninstalled as it is incompatible with most AV's including Symantec and Proventia.
I'm an old Com developer I've hacked my way out many a broken registry, but do back it up first.
I've always seen CCleaner as being pretty benign when just cleaning up your browser caches.
|
|
|
|
01-05-2011, 08:46 PM
|
#5
|
Registered User
Join Date: Aug 2010
Location: A village some where
Posts: 3,436
|
its the extra option in ccleaner that can be dangerous. as far as combofix that is why i run it in save mode. it will be fine with his antivirus. i would never again in my life install a symantic product on a machine.
Posted from my iPhone/Mobile device
|
|
|
|
01-05-2011, 08:49 PM
|
#6
|
Old Guy
Join Date: Oct 2004
Location: Mansfield, MA
Posts: 8,760
|
Quote:
Originally Posted by iamskippy
its the extra option in ccleaner that can be dangerous. as far as combofix that is why i run it in save mode. it will be fine with his antivirus. i would never again in my life install a symantic product on a machine.
Posted from my iPhone/Mobile device
|
If I had a choice I wouldn't either.
I got friggin Bit9 on this too and it really beetches about removing stuff like that.
I just installed combofix and it was beetchin.
I don't use that extra registry option on CCleaner
|
|
|
|
01-05-2011, 09:07 PM
|
#7
|
Registered User
Join Date: May 2008
Location: Mansfield, MA
Posts: 5,238
|
If you use Firefox, download NoScript. Most browser hijacks are implanted with javascript. NoScript prevents javascript from executing and can protect you from most issues.
Read an article a few days ago... something like 98% of browser hijacks initiate from scumbags exploiting legitimate websites. Frequently, the malware is injected into the AdServer and any website that utilizes that advertising company is now vulnerable.
Long gone are the days when all you had to do was avoid shady porn websites and you'd be safe.
If you really want to put up a heavy layer of protection, check out Sandboxie - Sandbox software for application isolation and secure Web browsing. It creates a virtual "Sandbox" on your hard drive for programs to "play" in. The programs can't install, edit or delete any files outside of the "Sandbox". Then when you close the browser, everything in the sandbox is deleted. It's not perfect, but pretty damn close to it. Only a matter of time before the feature is directly incorporated into web browsers.
|
|
|
|
01-05-2011, 09:13 PM
|
#8
|
Old Guy
Join Date: Oct 2004
Location: Mansfield, MA
Posts: 8,760
|
Quote:
Originally Posted by JohnnyD
If you use Firefox, download NoScript. Most browser hijacks are implanted with javascript. NoScript prevents javascript from executing and can protect you from most issues.
Read an article a few days ago... something like 98% of browser hijacks initiate from scumbags exploiting legitimate websites. Frequently, the malware is injected into the AdServer and any website that utilizes that advertising company is now vulnerable.
Long gone are the days when all you had to do was avoid shady porn websites and you'd be safe.
If you really want to put up a heavy layer of protection, check out Sandboxie - Sandbox software for application isolation and secure Web browsing. It creates a virtual "Sandbox" on your hard drive for programs to "play" in. The programs can't install, edit or delete any files outside of the "Sandbox". Then when you close the browser, everything in the sandbox is deleted. It's not perfect, but pretty damn close to it. Only a matter of time before the feature is directly incorporated into web browsers.
|
Chrome has a similar feature built-in but you're right Mr. D. most hacks are exploits of existing sites, i.e. the Facebook, Like hack.
|
|
|
|
01-05-2011, 10:33 PM
|
#9
|
Registered User
Join Date: Aug 2010
Location: A village some where
Posts: 3,436
|
Quote:
Originally Posted by striperman36
I just installed combofix and it was beetchin.
|
did you install it in safe mode? and what anti virus was it crying about, i general tend to ignor that warning if i am in safe mode of i disable the services. I have however recently stumbled upon a root kit that will not allow you to disable or remove your anyvirus, it embeds itself in the " regedit.exe" file, ironicly just rename it and move over a cleanone will fix alot, it pooches permissions.
|
|
|
|
01-06-2011, 06:16 AM
|
#10
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
ok i downloaded no script.
Before I click anything here...is this site legit.
Removal looks like it could be a spoof site
|
|
|
|
01-06-2011, 07:37 AM
|
#11
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes
Database version: 5469
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
1/6/2011 7:34:46 AM
mbam-log-2011-01-06 (07-34-46).txt
Scan type: Quick scan
Objects scanned: 241715
Time elapsed: 25 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
|
|
|
|
01-06-2011, 07:38 AM
|
#12
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
SO WTF
|
|
|
|
01-06-2011, 07:58 AM
|
#13
|
Old Guy
Join Date: Oct 2004
Location: Mansfield, MA
Posts: 8,760
|
Quote:
Originally Posted by iamskippy
did you install it in safe mode? and what anti virus was it crying about, i general tend to ignor that warning if i am in safe mode of i disable the services. I have however recently stumbled upon a root kit that will not allow you to disable or remove your anyvirus, it embeds itself in the " regedit.exe" file, ironicly just rename it and move over a cleanone will fix alot, it pooches permissions.
|
It didn't give me a chance to do that. it fragged some of my GFE software too. VMPlayer.
|
|
|
|
01-06-2011, 08:25 AM
|
#14
|
Certifiable Intertidal Anguiologist
Join Date: Feb 2000
Location: Somewhere between OOB & west of Watch Hill
Posts: 35,012
|
Booger - do a FULL SCAN with the latest updates, not a quick scan.
|
~Fix the Bait~ ~Pogies Forever~
Striped Bass Fishing - All Stripers
Kobayashi Maru Election - there is no way to win.
Apocalypse is Coming:
|
|
|
01-06-2011, 08:32 AM
|
#15
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
Tnx bossman will do that now.
Quote:
Originally Posted by JohnR
Booger - do a FULL SCAN with the latest updates, not a quick scan.
|
|
|
|
|
01-06-2011, 09:42 AM
|
#16
|
........
Join Date: Apr 2002
Posts: 22,805
|
or do an advanced search for all files modified or created on a specific day
|
|
|
|
01-06-2011, 11:34 AM
|
#17
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
3 hours in on a full scan and still nada.
|
|
|
|
01-06-2011, 12:33 PM
|
#18
|
Certifiable Intertidal Anguiologist
Join Date: Feb 2000
Location: Somewhere between OOB & west of Watch Hill
Posts: 35,012
|
Now, download and run Prevx CSI
Also, go to your web browser and restore settings to default
|
~Fix the Bait~ ~Pogies Forever~
Striped Bass Fishing - All Stripers
Kobayashi Maru Election - there is no way to win.
Apocalypse is Coming:
|
|
|
01-06-2011, 12:52 PM
|
#19
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
It's still going 4.5 hours now
|
|
|
|
01-06-2011, 12:55 PM
|
#20
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
CSI oh boy what you getting me into
probably find dead bodies in my shop tomorrow
|
|
|
|
01-06-2011, 02:01 PM
|
#21
|
Registered User
Join Date: Aug 2010
Location: A village some where
Posts: 3,436
|
did u try and chage your home page ? are u using firefox and IE? if it opens in both your host file maybe modified.
Posted from my iPhone/Mobile device
|
|
|
|
01-06-2011, 02:41 PM
|
#22
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
scan just finished with nothing found. I know there's something there because every time I click on a google link it's a crapshoot what site comes up.
SKIPPY GUESS WHAT I FOUND TODAY
|
|
|
|
01-06-2011, 07:03 PM
|
#23
|
Old Guy
Join Date: Oct 2004
Location: Mansfield, MA
Posts: 8,760
|
Booger is a tech moron. Don't go to that site again.
|
|
|
|
01-06-2011, 09:02 PM
|
#24
|
...
Join Date: Jan 2004
Location: MA/RI
Posts: 2,411
|
If all else fails reload OS.
Posted from my iPhone/Mobile device
|
|
|
|
01-06-2011, 09:58 PM
|
#25
|
I Had A BLAST!
Join Date: Oct 2006
Location: I'm from Manhattan, Live in CT., but my heart is in SoCo!
Posts: 1,132
|
I'm no expert, but it sounds like a worm. I had one that redirected my browsing to some obscure site, constantly. Did you try System Restore? It might work, taking your OS back to an earlier date.
Last edited by jimmy z; 01-06-2011 at 10:17 PM..
|
Be encouraging, not discouraging
<*((())))>< <*((())))><
|
|
|
01-06-2011, 11:35 PM
|
#26
|
Registered User
Join Date: Aug 2010
Location: A village some where
Posts: 3,436
|
can you bring it to the shop Sunday i will fix it in 1/2 hour
|
|
|
|
01-06-2011, 11:36 PM
|
#27
|
Registered User
Join Date: Aug 2010
Location: A village some where
Posts: 3,436
|
Quote:
Originally Posted by #^^^^^^^^^^^&
SKIPPY GUESS WHAT I FOUND TODAY
|
possibilities are endless
|
|
|
|
01-07-2011, 10:22 AM
|
#28
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
|
|
|
|
01-07-2011, 10:23 AM
|
#29
|
Permanently Disconnected
Join Date: Nov 2002
Posts: 12,647
|
THE MISSING DISCS
Quote:
Originally Posted by iamskippy
possibilities are endless
|
|
|
|
|
01-07-2011, 01:10 PM
|
#30
|
Certifiable Intertidal Anguiologist
Join Date: Feb 2000
Location: Somewhere between OOB & west of Watch Hill
Posts: 35,012
|
Quote:
Originally Posted by #^^^^^^^^^^^&
|
I told you to blow that up 3 years ago and use a clean slate, new machine, with the system padlocked and you removed from administrative rights.
Someone pointed to Sandboxie above - I think Booger 2.2 should be run in the Sandbox to protect the computer
|
~Fix the Bait~ ~Pogies Forever~
Striped Bass Fishing - All Stripers
Kobayashi Maru Election - there is no way to win.
Apocalypse is Coming:
|
|
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 02:58 AM.
|
| |