TechSpot

IE possessed!

By 2727
Sep 29, 2003
  1. Brief: I currently have a cable DSL, RCA router (with a generic IP address, no?) and Norton anti virus. I have recently scanned for viruses, installed all current patches of IE and Windows and still my IE is possessed by smut (gambling, porn, warning your computer can be tracked protection software ads, etc, etc).

    Problems:
    1. IE will open on its own onto my screen
    2. Sites will commandeer my default site
    3. Sites will insert themselves onto my favorites list (deleting them only makes room for new ones).

    What’s going on? I thought I was protected. Do I have some back door open; wrong setting somewhere, accidentally installed something I shouldn’t have?

    *note if I go to Network connections there is an item there which I don’t recognize. It just says: 1394 Connection enabled. I look under properties and am still unsure about. I’d delete/uninstall it but I don’t know if it’s good (necessary to the router) or bad (some Trojan horse), or neither.


    BTW: I got an email to introduce myself. I’m currently a grad student, former military and the proud owner of a boxer (just a great dog). I also feel like one of the employees in that SNL skit “Nick Burns, your company computer guy” when it comes to computers, but I’m willing to learn.

    This is my second thread and on the first one I was over whelmed at the number of responses. You all are great very helpful… so a heartfelt thanks to all.
     
  2. poertner_1274

    poertner_1274 secroF laicepS topShceT Posts: 4,172

    Well it sounds like you have some spyware on your system. Download adaware and spybot to look for other stuff. This should get rid of all those popups and stuff.

    BTW,
    :wave: Welcome to TechSpot :wave:
     
  3. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    Plus, disable "install on demand" in IE options, disable running unsafe scripts and read all dialog boxes carefully before clicking yes :p
     
  4. StormBringer

    StormBringer TS Rookie Posts: 2,244

    1394 is firewire, you probably have one or more firewire ports on your machine. Why it has an active connection is something I can't answer unless your modem is using it rather than an NIC or USB.
     
  5. Rick

    Rick TechSpot Staff Posts: 4,573   +65

    Sounds like you've been visiting the wrong sites. ;)

    www.lavasoft.com should remove your spyware, including browser hijackers etc...

    For future protection, AdAware Pro protects your computer from future invasions. Also, setting your IE security settings to something more secure may help you out a bit.
     
  6. 4511Tech

    4511Tech TS Rookie

    search for this file Bootconf.exe it is known to do what you described.
     
  7. 2727

    2727 TS Rookie Topic Starter

    Yes I found "bootconfig" also "tpicfg" and "wmssys" all in C:\ listed as applications but with no summaries.

    Should I delete these?
     
  8. vassil3427

    vassil3427 TS Rookie Posts: 640

    Did you even bother to run Adaware??? Run that, it should remove all that stuff....
     
  9. 2727

    2727 TS Rookie Topic Starter

    Yes I bothered!!!! (jeez, nice attitude buddy) and it doesn't erase those three.
     
  10. StormBringer

    StormBringer TS Rookie Posts: 2,244

    wmssys seems to be bad according to the only result I found on google for it.

    This link my also interest you. There is a utility there called Hijack This, which seems to be pretty good at helping to identify spyware that hijacks your browser and help you get rid of it. http://www.spywareinfo.com/~merijn/
     
  11. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11

    Thanks to Windows' file system, files can't be removed if they're in use. Check with Task Manager that they aren't running, kill the processes if they are. Then you should be able to delete them.
     
  12. TS | Thomas

    TS | Thomas TS Rookie Posts: 1,319

    Try Spybot instead - http:/security.kolla.de
     
  13. Rick

    Rick TechSpot Staff Posts: 4,573   +65

    For AdAware, did you update the ad defenitions? It works a bit like a virus scanner, requiring the latest definitions to catch new spyware.
     
  14. Rick

    Rick TechSpot Staff Posts: 4,573   +65

    You may even want to boot into Safe Mode and run AdAware. This will allow it to delete or disable just about anything you cannot in Normal Mode.
     
  15. Tarkus

    Tarkus TechSpot Ambassador Posts: 621

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...