Dragon fluidhosts - browser hijack ?

[Pazuzu]

A friend is having problems with connecting to the internet. He is running XP & has minimal security - using the XP firewall. He formerly had Zonealarm.
When he uses Outlook Express or Internet Explorer http://www.dragon.fluidhosts.com/~jkarp1 appears on address bar. At this point he usually makes a hasty exit but today he got to a welcome page & a box appeared inviting him to 1/ click on information bar 2/ click on install 3/ enable active X
The welcome page has text " extreme misfits coming soon" as well as some casino & some sort of network security adverts. He noted that a message appeared showing that misfitz-420 modeled in vision was downloading -just before he shut down the PC.
Does this look familiar? Can anyone suggest a remedy ?

 

[Raventops]

Bad

Definetly a Browser Hijacker and it seems like he also has alot of malware / adware stuffed into his computer aswell. And most likely a few nasty viruses. Here are some basic steps to follow and it should clean up his system quite well.
**NOTE** you will need System Administrator Privilidges to follow these steps*

Before you follow these instruction, I strongly suggest you try to do a System Restore first. This will set your computers settings back to an earlier point in time without erasing important files or programs you may have gotten since. This is much easier and usually does the job quite well. To do this, go Start > Programs > Accecories > System Tools > System Restore. The rest is pretty self explanitory.

1. Boot up your system in Safe Mode.
2. Turn off System Restore. To do this, Right Click on "My Computer" and select the "System Restore Tab." Make sure system restore is disabled from there, click apply and OK.
3. Go to My Computer and click on "Tools." Scroll down then click on "Folder Options." From here, click on the "View" tab. Go down through the list until you see the section "Hidden FIles and Folders." Make sure the checkbox "Show hidden files and folders" is checked off, click apply then click OK.
4. Go to "My Computer." Click on the C: drive then click on your user account, Followed by "Documents and Settings." Then click on "Local Settings." Delete all files in the "Temp" folder and the "Temporary Internet Files" folder. (NOTE - This may be different on different OS or OS versions)
5. Right click on Internet Explorer and click "Properties." Delete Cookies, All Offline content.
6. Download Adaware SE from www.download.com or www.lavasoft.com and do a full system scan. Delete any results it brings up (should be quite a few)
7. Go here and follow these instructions, https://www.techspot.com/vb/topic30213.html
8. Lastly, go to http://www.merijn.org/downloads.html and download the latest version of HiJackThis. Make sure you save the file to your "Program Files." Do a full system Scan and save a logfile. Go here https://www.techspot.com/vb/topic19133.html and follow the instructions on how to post your HJTHIS file as an attachment.
9. Do a virus scan. If you are using norton, I suppose that is fine. I suggest AVG Antivirus free edition if you want the job done better

Another point, tell your friend to quit using internet explorer. It is a worlthess hunk of garbage with low security and reliability. Try downloading firefox, it is much more tuned up and works just fine + it helps keep the user as safe as possible.
Post back if this did not work
Hope this helped,

~drsnake~

 

[Pazuzu]

Thanks to Raventops

Your advice seems to have helped my friend to overcome the problem. He says he will itake action once he has digested all the information & "taken a break from this b***** PC
Thanks