Hijacking that can't be fixed????

peter v.

-----Original Message-----
I run Windows XP Home Edition and the current version of
IE. I seem to have some kind of hijack being done on my
computer. Before you say "Use Spy-Bot, Ad-aware 6.0,
Google Tool Bar, and CW Shredder," I currently do use all
of those.
This doesn't solve the problem. Here are my problems:

1. My home page is always routed to either "about:blank"
or "http://easy-search.biz." I can no longer log onto a
search engine, do a search, find a link, and then
right-click and open a new window without the page coming
up saying "Page cannot be displayed" or "Invalid url."
When on ebay for instance, I'll do a search for say "Les
Paul guitar." I'll get many hits. I like to right-click
on an item and open a new window. The page always comes up
"page cannot be displayed" until I hit the refresh button
about three times.
2. Because of this problem, I cannot log onto any site
where I am required to enter a username and password
(yahoo, hotmail, bank site, you name it). I can get to the
site, but as soon as I enter my info, it immediately says
the page cannot be displayed. This, unfortunately, isn't
solved by hitting the refresh button three times. No dice
whatsoever.
3. I have a pop-up for "Casino Palazzo" that is so far
imbedded on my machine that it is not traceable by all of
the software mentioned above. This is a timed pop-up that
will come out of nowhere and open right in the middle of
being online. I have noticed that when this pop-up
happens, I immediately run Ad-aware and it always shows
three items that involve "Cool Web Searches."
People tell me I need to wipe my hard drive, but I think
that's a little extreme. Is there any hope of
counteracting this stuff without having to do that? I'm
sure I'm not the only computer user out there that has this
same problem. The problem is, when I mention this,
everyone's first reaction is to use Spy-Bot, Ad-aware, etc.
That's not doing the trick - wondering if there's
something out there that will?
Do I need to uninstall IE and install a new one? Could it be that simple?

Any/all advice or suggestions would be GREATLY APPRECIATED!!!

Thanks!

Gtrcoop

Hi

I had a similar pest on my son's XP Home system. His IE was
hijacked to some search page.
I came within two minutes of reaching for the crash and
burn CD. Now all he has is an occasional backdoor trojan
that Norton intercepts so this is much better.
SpyBot mostly isolates low level stuff and there is a
problem with DSO Exploit currently that it will not remove
until next week.

Anyway: You WILL need CWShredder plus the following:

spywareblaster

bhodemon

PestPatrol

taskmanager16

Looks like a lot but this is the set I used to kill the
sp.html, xxyyzz.dll, help.dll and other nasties.

Download the tools listed. Start with BHOdemon and
PestPatrol and then TaskMan.
When BHOdemon runs it will probably show four DLLs ready to
launch when IE opens. On a typical machine three are
"normal". One is the bad guy and can have any name (it
changes itself). Mine was like "bclkdw.dll" or something.
The three "good" DLLs are usually Symantec, Adobe and
SpyBot (if installed).
Once you have the name of the bad guy, run TaskMan.
This shows a graphic display with degree of "badness" of
all processes running. Look for the "bad guy" and
quarantine him or kill him. You may see other potentially
"bad" ones but be careful: some are legit, like IBM,
Symantec, Adobe, etc.
Now run PestPatrol and clobber those things in the registry
which look suspicious (the demo version will not do this
for you so use REGEDIT).

You might want to get the tool AdwareAway. It is a
shareware trial but is updatable for a short time and
clobbers most known CWS and trojans plus other things.

Using the above goulash of tools and getting the most
recent NAV defs every day I got rid of this CWS thing.

Once you remap your IE to the preferred page go quickly to
search and get rid of any sp.html file and rename any
help.dll or hlp.dll with a recent date in the system32
directory.

Good luck

Peter v.
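
The list of DLLs that BHODemon shows in the reply above can also be read straight from the registry. The PowerShell below is an added example, not part of either post; it assumes the standard Windows Browser Helper Object registration key and PowerShell 3.0 or later, and `Get-BhoEntry` is a hypothetical helper name.

```powershell
# Added example. Lists each Browser Helper Object (BHO) registered for IE,
# the DLL it loads, its signature status and when the file last changed.
$bhoSubKey = 'Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'

function Get-BhoEntry {   # hypothetical helper name
    # Native registry view, plus the 32-bit view on 64-bit Windows.
    foreach ($hive in 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\WOW6432Node') {
        $root = "$hive\$bhoSubKey"
        if (-not (Test-Path -LiteralPath $root)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $root) {
            $clsid  = $key.PSChildName              # each subkey is a COM class id
            $class  = "$hive\Classes\CLSID\$clsid"
            $inproc = "$class\InprocServer32"
            $name = $null; $dll = $null; $file = $null; $sig = $null
            if (Test-Path -LiteralPath $class) {
                $name = (Get-Item -LiteralPath $class).GetValue('')
            }
            if (Test-Path -LiteralPath $inproc) {
                # The default value of InprocServer32 is the DLL loaded into IE.
                $dll = ([string](Get-Item -LiteralPath $inproc).GetValue('')).Trim('"')
            }
            if ($dll -and (Test-Path -LiteralPath $dll -PathType Leaf)) {
                $file = Get-Item -LiteralPath $dll -Force
                $sig  = (Get-AuthenticodeSignature -LiteralPath $dll).Status
            }
            [pscustomobject]@{
                Clsid     = $clsid
                Name      = $name
                Dll       = $dll
                Company   = if ($file) { $file.VersionInfo.CompanyName }
                Signature = $sig
                LastWrite = if ($file) { $file.LastWriteTime }
                OnDisk    = [bool]$file
            }
        }
    }
}

# Newest files first: an unsigned DLL with no company name and a recent
# date is the entry to research before removing anything.
Get-BhoEntry | Sort-Object LastWrite -Descending | Format-Table -AutoSize
```

An entry whose `Dll` is empty or whose `OnDisk` is false is a leftover registration rather than a loaded component.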
 
