IE Getting hijacked!

[Guest]

Hello:

Whevever I launch a new IE instance by choosing Start/Internet Explorer, all
my current instances of IE are shut down and I am thown a default page which
is a promotional site, even though I have set www.microsoft.com as my home
page.

But once I click on Home, it goes to my home page. Whenever I open a new
instance by pressing CTRL-N or File/New/Window, the above behavior does not
happen.

Can somebody tell me how I can prevent this hijacking?

Thanks.

Venkat

 

[Jan Il]

Hi vvenk

You have a hijacker, malware, spyware or parasites on your system
causing this problem. Thus, in addition to running your updated anti-virus
program, you should do the following to be sure none of these are present on
your system. Although you may have already run one or more of the programs,
please do so again according to the instructions below. Some variants of
malware can replicate themselves over and over if not removed properly.
Please follow all instructions carefully to be sure your system is
thoroughly cleaned:

Dealing with Unwanted Spyware and Parasites:
http://mvps.org/winhelp2002/unwanted.htm
Be sure to run CWShredder, Ad-aware and Spybot.
Also be sure to use the About:Buster here
http://www.majorgeeks.com/download4289.html
http://www.atribune.org/downloads/AboutBuster.zip
AdAware se (Free)
http://www.lavasoftusa.com/support/download/
the newest version of CWShredder (2.0) here:
http://www.majorgeeks.com/download3019.html
and the HijackThis. Please do not post your log to this
newsgroup, but to the SpywareInfo or the Aumha HiJackThis forums
http://forum.aumha.org/viewforum.php?f=30, to allow the experts there to
evaluate your log and advise you of the necessary steps to clean your
system.

CAUTION!!!!! Before you try to remove spyware using any of the programs
below, download a copy of LSPFIX from any of the following sites:
http://www.cexx.org/lspfix.htm
http://www.spychecker.com/program/winsockxpfix.html
(if your OS is Win2k or XP) The process of removing certain malware may kill
your internet connection. If this should occur, this program, LSPFIX, will
enable you to regain your connection.

Also, get a copy of WinsockFix Utility
http://www.dfwonline.net/files/WinsockFix.zip
or
WinsockXPFix available at:
http://www.spychecker.com/program/winsockxpfix.html
and
WinsockXP Fix- WinXP
http://www.spychecker.com/program/winsockxpfix.html
Also, with instructions, at
http://www.iup.edu/house/resnet/winfix.shtm
also
From LavaSoft- all versions of Windows-
http://digital-solutions.co.uk/lavasoft/whndnfix.zip
also ....
(NOTE: It is reported that in XP SP2, the command netsh winsock reset
will fix this problem without the need for these programs.)

Also.........

Courtesy of Jim Byrd -

Download Sysclean.com, from Trend Micro, here:
http://www.trendmicro.com/download/dcs.asp along with the latest pattern
file, here:
http://www.trendmicro.com/download/pattern.asp
Be sure to read the "How-to" info here:
http://www.trendmicro.com/ftp/products/tsc/readme.txt
You might also want to get Art's updater, SYS-UP.Zip, here for future
updating of these: http://home.epix.net/~artnpeg/.
(If you download and use the updater from the beginning, it will
automatically handle downloading the other files. Place them in a dedicated
folder after appropriate unzipping, and then run. This scan may take a long
time, as Sysclean is VERY extensive and thorough

and......

NOTE: If you can not download these programs from the Internet, if your PC
has CD read capabilities, go to another computer with CD-ROM burning
capabilities. Create a folder on the hard drive of the other computer called
HOLD, download the programs to that folder, then burn that folder to a CD.
Copy the HOLD folder to your HD and then install the programs from there
and run them. After you have IE access again, update all programs where
possible to get the latest definitions and run them again in Safe Mode to be
sure there are no lingering items on the system.

also...........

Additional information on how to protect your PC:
The Parasite Fight http://www.aumha.org/a/quickfix.htm
More security tips at http://www.aumha.org/a/parasite.htm
Bugs, Glitches & Stuffups: http://www.mvps.org/inetexplorer/Darnit.htm

So how did I get infected in the first place?
http://boards.cexx.org/viewtopic.ph...ghlight=&sid=53751d8ff5915261af727df08e66ce0d
or
http://snipurl.com/980t


If these steps do not resolve your problem, please post back to this thread
with the details and any error messages.

Hope this helps

Jan
Smiles are meant to be shared,
that's why they're so contagious.

Please reply to the newsgroup so others may benefit.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm

 

[Tom Dacon]

Download Spybot Search and Destroy, and Lavasoft's AdAware Personal SE,
update their spyware definitions from their publishers' sites, and run them
to clean up your system. If that doesn't do it, try Hijack This, which is
sort of a last resort for problems like this. Chances are pretty good that
one of the first two I mentioned will clear up your problem. There are
others as well, such as SpySweeper, but the ones I mentioned first are the
ones I have personal experience with, and have helped me clean up some
really badly infected systems.

Once you have your system clean, scan it with the above products from time
to time, after updating their definitions from the publisher sites. This'll
keep you in good shape.

This is a separate issue, but do you run anti-virus software and keep it
updated? How about a software firewall? If you're running Windows XP,
install service pack 2 and allow it to run its software firewall. If you
don't have antivirus software, Norton Antivirus is almost always the
top-rated product, but updating the virus definitions requires paying for a
subscription. If you don't want to spend money for this protection, download
and install something like Grisoft's AVG antivirus package, which is free
for personal use. A better software firewall than the Windows XP SP2 one is
ZoneAlarm, which is also free for personal use. In any case, set these
products up so that they download updates from the publishers' sites
frequently.

So there you have it. Firewall, antivirus protection, spyware scanning and
removal software. And good browsing habits. Be careful of downloading and
installing software on your system unless you know whether it's
surreptitiously installing something you don't want on your machine. This
can sometimes be hard to figure out. Try searching the web for the name of
such products, to see if there's any evidence that they're really spyware or
browser hijackers.

Tom