bROWSER HIHACKS

[UserRemoved1]

Damn stuff never ends. I'm getting hijacked on my home pc. Click links and goes to other sites.

What's the best free thing out there now? I'm using avira antivirus and nothing in there is stopping this bs

[striperman36]

Quote:

Originally Posted by #^&#^&#^&#^&#^&#^&#^&#^&#^&#^&#^&

Damn stuff never ends. I'm getting hijacked on my home pc. Click links and goes to other sites.

What's the best free thing out there now? I'm using avira antivirus and nothing in there is stopping this bs

I use ghostery in my browser,
malwarebytes, spybot, CCleaner, regcleaner, Symantec Anti-virus.

I can still get clapped, I need some av for my non-outlook email client.

When it comes to the internet you can't get enough protection.

[iamskippy]

i will agree with striperman, but i will not agree with non experienced people using ccleaner and regcleaner. windows clean up is a better alternarive imo. there is a program called hijack this that is great for these problems but its a bit advancedm however u can have the log file reviewedon the inet for free. if all else failes got to bleeping computer .com and look for combofix. its prob the single most powerful tool on the market. download run in safe mode and clean up with the rest. but that is just my 2.5 cents
Posted from my iPhone/Mobile device

[striperman36]

Quote:

Originally Posted by iamskippy

i will agree with striperman, but i will not agree with non experienced people using ccleaner and regcleaner. windows clean up is a better alternarive imo. there is a program called hijack this that is great for these problems but its a bit advancedm however u can have the log file reviewedon the inet for free. if all else failes got to bleeping computer .com and look for combofix. its prob the single most powerful tool on the market. download run in safe mode and clean up with the rest. but that is just my 2.5 cents
Posted from my iPhone/Mobile device

Combofix installed and uninstalled as it is incompatible with most AV's including Symantec and Proventia.

I'm an old Com developer I've hacked my way out many a broken registry, but do back it up first.

I've always seen CCleaner as being pretty benign when just cleaning up your browser caches.

[iamskippy]

its the extra option in ccleaner that can be dangerous. as far as combofix that is why i run it in save mode. it will be fine with his antivirus. i would never again in my life install a symantic product on a machine.
Posted from my iPhone/Mobile device

[striperman36]

Quote:

Originally Posted by iamskippy

its the extra option in ccleaner that can be dangerous. as far as combofix that is why i run it in save mode. it will be fine with his antivirus. i would never again in my life install a symantic product on a machine.
Posted from my iPhone/Mobile device

If I had a choice I wouldn't either.
I got friggin Bit9 on this too and it really beetches about removing stuff like that.

I just installed combofix and it was beetchin.
I don't use that extra registry option on CCleaner

[JohnnyD]

If you use Firefox, download NoScript. Most browser hijacks are implanted with javascript. NoScript prevents javascript from executing and can protect you from most issues.

Read an article a few days ago... something like 98% of browser hijacks initiate from scumbags exploiting legitimate websites. Frequently, the malware is injected into the AdServer and any website that utilizes that advertising company is now vulnerable.

Long gone are the days when all you had to do was avoid shady porn websites and you'd be safe.


If you really want to put up a heavy layer of protection, check out Sandboxie - Sandbox software for application isolation and secure Web browsing. It creates a virtual "Sandbox" on your hard drive for programs to "play" in. The programs can't install, edit or delete any files outside of the "Sandbox". Then when you close the browser, everything in the sandbox is deleted. It's not perfect, but pretty damn close to it. Only a matter of time before the feature is directly incorporated into web browsers.

[striperman36]

Quote:

Originally Posted by JohnnyD

If you use Firefox, download NoScript. Most browser hijacks are implanted with javascript. NoScript prevents javascript from executing and can protect you from most issues.

Read an article a few days ago... something like 98% of browser hijacks initiate from scumbags exploiting legitimate websites. Frequently, the malware is injected into the AdServer and any website that utilizes that advertising company is now vulnerable.

Long gone are the days when all you had to do was avoid shady porn websites and you'd be safe.


If you really want to put up a heavy layer of protection, check out Sandboxie - Sandbox software for application isolation and secure Web browsing. It creates a virtual "Sandbox" on your hard drive for programs to "play" in. The programs can't install, edit or delete any files outside of the "Sandbox". Then when you close the browser, everything in the sandbox is deleted. It's not perfect, but pretty damn close to it. Only a matter of time before the feature is directly incorporated into web browsers.

Chrome has a similar feature built-in but you're right Mr. D. most hacks are exploits of existing sites, i.e. the Facebook, Like hack.

[iamskippy]

Quote:

Originally Posted by striperman36

I just installed combofix and it was beetchin.

did you install it in safe mode? and what anti virus was it crying about, i general tend to ignor that warning if i am in safe mode of i disable the services. I have however recently stumbled upon a root kit that will not allow you to disable or remove your anyvirus, it embeds itself in the " regedit.exe" file, ironicly just rename it and move over a cleanone will fix alot, it pooches permissions.

[UserRemoved1]

ok i downloaded no script.

Before I click anything here...is this site legit.

Removal looks like it could be a spoof site

[UserRemoved1]

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Database version: 5469

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

1/6/2011 7:34:46 AM
mbam-log-2011-01-06 (07-34-46).txt

Scan type: Quick scan
Objects scanned: 241715
Time elapsed: 25 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[UserRemoved1]

SO WTF

[striperman36]

Quote:

Originally Posted by iamskippy

did you install it in safe mode? and what anti virus was it crying about, i general tend to ignor that warning if i am in safe mode of i disable the services. I have however recently stumbled upon a root kit that will not allow you to disable or remove your anyvirus, it embeds itself in the " regedit.exe" file, ironicly just rename it and move over a cleanone will fix alot, it pooches permissions.

It didn't give me a chance to do that. it fragged some of my GFE software too. VMPlayer.

[JohnR]

Booger - do a FULL SCAN with the latest updates, not a quick scan.

[UserRemoved1]

Tnx bossman will do that now.

Quote:

Originally Posted by JohnR

Booger - do a FULL SCAN with the latest updates, not a quick scan.

[Raven]

or do an advanced search for all files modified or created on a specific day

[UserRemoved1]

3 hours in on a full scan and still nada.

[JohnR]

Now, download and run Prevx CSI

Also, go to your web browser and restore settings to default

[UserRemoved1]

It's still going 4.5 hours now

[UserRemoved1]

CSI oh boy what you getting me into

probably find dead bodies in my shop tomorrow

[iamskippy]

did u try and chage your home page ? are u using firefox and IE? if it opens in both your host file maybe modified.
Posted from my iPhone/Mobile device

[UserRemoved1]

scan just finished with nothing found. I know there's something there because every time I click on a google link it's a crapshoot what site comes up.

SKIPPY GUESS WHAT I FOUND TODAY

[striperman36]

Booger is a tech moron. Don't go to that site again.

[Redsoxticket]

If all else fails reload OS.
Posted from my iPhone/Mobile device

[jimmy z]

I'm no expert, but it sounds like a worm. I had one that redirected my browsing to some obscure site, constantly. Did you try System Restore? It might work, taking your OS back to an earlier date.

[iamskippy]

can you bring it to the shop Sunday i will fix it in 1/2 hour

[iamskippy]

Quote:

Originally Posted by #^&#^&#^&#^&#^&#^&#^&#^&#^&#^&#^&

SKIPPY GUESS WHAT I FOUND TODAY

possibilities are endless

[UserRemoved1]

: rotf2:

Skippy this is the machine with the os on two disks

If you can fix that in a 1/2 hour I will make an appt for you for a sweaty hummer from bar rafaeli

Quote:

Originally Posted by iamskippy

can you bring it to the shop Sunday i will fix it in 1/2 hour

[UserRemoved1]

THE MISSING DISCS

Quote:

Originally Posted by iamskippy

possibilities are endless

[JohnR]

Quote:

Originally Posted by #^&#^&#^&#^&#^&#^&#^&#^&#^&#^&#^&

: rotf2:

Skippy this is the machine with the os on two disks

If you can fix that in a 1/2 hour I will make an appt for you for a sweaty hummer from bar rafaeli

I told you to blow that up 3 years ago and use a clean slate, new machine, with the system padlocked and you removed from administrative rights.

Someone pointed to Sandboxie above - I think Booger 2.2 should be run in the Sandbox to protect the computer