IE possessed!

Status
Not open for further replies.
2

2727

Posts: 6   +0
Brief: I currently have a cable DSL, RCA router (with a generic IP address, no?) and Norton anti virus. I have recently scanned for viruses, installed all current patches of IE and Windows and still my IE is possessed by smut (gambling, porn, warning your computer can be tracked protection software ads, etc, etc).

Problems:
1. IE will open on its own onto my screen
2. Sites will commandeer my default site
3. Sites will insert themselves onto my favorites list (deleting them only makes room for new ones).

What’s going on? I thought I was protected. Do I have some back door open; wrong setting somewhere, accidentally installed something I shouldn’t have?

*note if I go to Network connections there is an item there which I don’t recognize. It just says: 1394 Connection enabled. I look under properties and am still unsure about. I’d delete/uninstall it but I don’t know if it’s good (necessary to the router) or bad (some Trojan horse), or neither.


BTW: I got an email to introduce myself. I’m currently a grad student, former military and the proud owner of a boxer (just a great dog). I also feel like one of the employees in that SNL skit “Nick Burns, your company computer guy” when it comes to computers, but I’m willing to learn.

This is my second thread and on the first one I was over whelmed at the number of responses. You all are great very helpful… so a heartfelt thanks to all.
 
Well it sounds like you have some spyware on your system. Download adaware and spybot to look for other stuff. This should get rid of all those popups and stuff.

BTW,
:wave: Welcome to TechSpot :wave:
 
Plus, disable "install on demand" in IE options, disable running unsafe scripts and read all dialog boxes carefully before clicking yes :p
 
*note if I go to Network connections there is an item there which I don’t recognize. It just says: 1394 Connection enabled. I look under properties and am still unsure about. I’d delete/uninstall it but I don’t know if it’s good (necessary to the router) or bad (some Trojan horse), or neither
Click to expand...

1394 is firewire, you probably have one or more firewire ports on your machine. Why it has an active connection is something I can't answer unless your modem is using it rather than an NIC or USB.
 
Sounds like you've been visiting the wrong sites. ;)

www.lavasoft.com should remove your spyware, including browser hijackers etc...

For future protection, AdAware Pro protects your computer from future invasions. Also, setting your IE security settings to something more secure may help you out a bit.
 
Yes I found "bootconfig" also "tpicfg" and "wmssys" all in C:\ listed as applications but with no summaries.

Should I delete these?
 
wmssys seems to be bad according to the only result I found on google for it.

This link my also interest you. There is a utility there called Hijack This, which seems to be pretty good at helping to identify spyware that hijacks your browser and help you get rid of it. http://www.spywareinfo.com/~merijn/
 
Thanks to Windows' file system, files can't be removed if they're in use. Check with Task Manager that they aren't running, kill the processes if they are. Then you should be able to delete them.
 
For AdAware, did you update the ad defenitions? It works a bit like a virus scanner, requiring the latest definitions to catch new spyware.
 
You may even want to boot into Safe Mode and run AdAware. This will allow it to delete or disable just about anything you cannot in Normal Mode.
 
Status
Not open for further replies.

Similar threads

Shawn Knight
Xbox Series X | S review roundup: Microsoft makes its case for next-gen
Replies
5
Views
2K
CrisisDog
C
Ivan Franco
  • Locked
The best password managers
2
Replies
39
Views
8K
ttrtilley
T
Steve
One year with Threadripper
Replies
6
Views
4K
Evernessince
Evernessince

Latest posts

Back