also @ TechSpot: Iran targeted by Flame malware in 'most complex' cyber-attack yet

TechSpot
Register now for a live online demo to see how the Office 365 suite of tools
- professional email, calendars, video conferencing, and file sharing -

IE possessed!

Discussion in 'Software Apps' started by 2727, Sep 29, 2003.

Thread Status:
Not open for further replies.

  1. 2727 Newcomer, in training

    Brief: I currently have a cable DSL, RCA router (with a generic IP address, no?) and Norton anti virus. I have recently scanned for viruses, installed all current patches of IE and Windows and still my IE is possessed by smut (gambling, porn, warning your computer can be tracked protection software ads, etc, etc).

    Problems:
    1. IE will open on its own onto my screen
    2. Sites will commandeer my default site
    3. Sites will insert themselves onto my favorites list (deleting them only makes room for new ones).

    What’s going on? I thought I was protected. Do I have some back door open; wrong setting somewhere, accidentally installed something I shouldn’t have?

    *note if I go to Network connections there is an item there which I don’t recognize. It just says: 1394 Connection enabled. I look under properties and am still unsure about. I’d delete/uninstall it but I don’t know if it’s good (necessary to the router) or bad (some Trojan horse), or neither.


    BTW: I got an email to introduce myself. I’m currently a grad student, former military and the proud owner of a boxer (just a great dog). I also feel like one of the employees in that SNL skit “Nick Burns, your company computer guy” when it comes to computers, but I’m willing to learn.

    This is my second thread and on the first one I was over whelmed at the number of responses. You all are great very helpful… so a heartfelt thanks to all.
    2727, Sep 29, 2003
    #1

  2. poertner_1274 secroF laicepS topShceT

    Well it sounds like you have some spyware on your system. Download adaware and spybot to look for other stuff. This should get rid of all those popups and stuff.

    BTW,
    :wave: Welcome to TechSpot :wave:
    poertner_1274, Sep 29, 2003
    #2

  3. Nodsu Newcomer, in training

    Plus, disable "install on demand" in IE options, disable running unsafe scripts and read all dialog boxes carefully before clicking yes :p
    Nodsu, Sep 29, 2003
    #3

  4. StormBringer Newcomer, in training

    1394 is firewire, you probably have one or more firewire ports on your machine. Why it has an active connection is something I can't answer unless your modem is using it rather than an NIC or USB.
    StormBringer, Sep 30, 2003
    #4

  5. Rick TechSpot Staff

    Sounds like you've been visiting the wrong sites. ;)

    www.lavasoft.com should remove your spyware, including browser hijackers etc...

    For future protection, AdAware Pro protects your computer from future invasions. Also, setting your IE security settings to something more secure may help you out a bit.
    Rick, Sep 30, 2003
    #5

  6. 4511Tech Newcomer, in training

    search for this file Bootconf.exe it is known to do what you described.
    4511Tech, Oct 3, 2003
    #6

  7. 2727 Newcomer, in training

    Yes I found "bootconfig" also "tpicfg" and "wmssys" all in C:\ listed as applications but with no summaries.

    Should I delete these?
    2727, Oct 6, 2003
    #7

  8. vassil3427 Newcomer, in training

    Did you even bother to run Adaware??? Run that, it should remove all that stuff....
    vassil3427, Oct 6, 2003
    #8

  9. 2727 Newcomer, in training

    Yes I bothered!!!! (jeez, nice attitude buddy) and it doesn't erase those three.
    2727, Oct 6, 2003
    #9

  10. StormBringer Newcomer, in training

    wmssys seems to be bad according to the only result I found on google for it.

    This link my also interest you. There is a utility there called Hijack This, which seems to be pretty good at helping to identify spyware that hijacks your browser and help you get rid of it. http://www.spywareinfo.com/~merijn/
    StormBringer, Oct 6, 2003
    #10

  11. Mictlantecuhtli TS Special Forces

    Thanks to Windows' file system, files can't be removed if they're in use. Check with Task Manager that they aren't running, kill the processes if they are. Then you should be able to delete them.
    Mictlantecuhtli, Oct 7, 2003
    #11

  12. TS | Thomas Newcomer, in training

    Try Spybot instead - http:/security.kolla.de
    TS | Thomas, Oct 9, 2003
    #12

  13. Rick TechSpot Staff

    For AdAware, did you update the ad defenitions? It works a bit like a virus scanner, requiring the latest definitions to catch new spyware.
    Rick, Oct 9, 2003
    #13

  14. Rick TechSpot Staff

    You may even want to boot into Safe Mode and run AdAware. This will allow it to delete or disable just about anything you cannot in Normal Mode.
    Rick, Oct 9, 2003
    #14

  15. Tarkus TechSpot Ambassador

    Tarkus, Oct 11, 2003
    #15
Thread Status:
Not open for further replies.