TechSpot - PC Technology News and Analysis

Brief: I currently have a cable DSL, RCA router (with a generic IP address, no?) and Norton anti virus. I have recently scanned for viruses, installed all current patches of IE and Windows and still my IE is possessed by smut (gambling, porn, warning your computer can be tracked protection software ads, etc, etc).

Problems:
1. IE will open on its own onto my screen
2. Sites will commandeer my default site
3. Sites will insert themselves onto my favorites list (deleting them only makes room for new ones).

What’s going on? I thought I was protected. Do I have some back door open; wrong setting somewhere, accidentally installed something I shouldn’t have?

*note if I go to Network connections there is an item there which I don’t recognize. It just says: 1394 Connection enabled. I look under properties and am still unsure about. I’d delete/uninstall it but I don’t know if it’s good (necessary to the router) or bad (some Trojan horse), or neither.


BTW: I got an email to introduce myself. I’m currently a grad student, former military and the proud owner of a boxer (just a great dog). I also feel like one of the employees in that SNL skit “Nick Burns, your company computer guy” when it comes to computers, but I’m willing to learn.

This is my second thread and on the first one I was over whelmed at the number of responses. You all are great very helpful… so a heartfelt thanks to all.

Well it sounds like you have some spyware on your system. Download adaware and spybot to look for other stuff. This should get rid of all those popups and stuff.

BTW,
Welcome to TechSpot

Plus, disable "install on demand" in IE options, disable running unsafe scripts and read all dialog boxes carefully before clicking yes

1394 is firewire, you probably have one or more firewire ports on your machine. Why it has an active connection is something I can't answer unless your modem is using it rather than an NIC or USB.

Sounds like you've been visiting the wrong sites.

www.lavasoft.com should remove your spyware, including browser hijackers etc...

For future protection, AdAware Pro protects your computer from future invasions. Also, setting your IE security settings to something more secure may help you out a bit.

search for this file Bootconf.exe it is known to do what you described.

Yes I found "bootconfig" also "tpicfg" and "wmssys" all in C:\ listed as applications but with no summaries.

Should I delete these?

Did you even bother to run Adaware??? Run that, it should remove all that stuff....

Yes I bothered!!!! (jeez, nice attitude buddy) and it doesn't erase those three.

wmssys seems to be bad according to the only result I found on google for it.

This link my also interest you. There is a utility there called Hijack This, which seems to be pretty good at helping to identify spyware that hijacks your browser and help you get rid of it. http://www.spywareinfo.com/~merijn/

Thanks to Windows' file system, files can't be removed if they're in use. Check with Task Manager that they aren't running, kill the processes if they are. Then you should be able to delete them.

Try Spybot instead - http:/security.kolla.de

For AdAware, did you update the ad defenitions? It works a bit like a virus scanner, requiring the latest definitions to catch new spyware.

You may even want to boot into Safe Mode and run AdAware. This will allow it to delete or disable just about anything you cannot in Normal Mode.

try this to remove bootconf

http://www.pestpatrol.com/PestInfo/b/bootconf.asp