Browser Hijack, among other things

By cryus ยท 6 replies
Sep 7, 2008
  1. Both IE and Firefox are redirecting me to dummy search engine and shopping sites whenever I click a link directly off of google. I have to manually input any url in order to view the page. And that's if the browser LETS me view it. A majority of the sites I am trying to view to solve this problem seem to be "unable to connect". Downloads cut out after a few minutes and uploading is impossible.

    Is an ip that is asking to "verify content" occasionally in the browser"

    Following the instructions in this thread: topic58138

    Step 1: Unable to view the webpage. Manually disabled as many things as I could/ knew what they were either by going into to program or disabling though MSCONFIG.

    Step 2: I am unable to get past the "welcome" menu in XP if I have McAfee running at all anymore. Any other website you suggest I go to to get free software is "blocked". I get this:

    Unable to connect

    Firefox can't establish a connection to the server at ww.[insert name of website here] .com.

    * The site could be temporarily unavailable or too busy. Try again in a few

    * If you are unable to load any pages, check your computer's network

    * If your computer or network is protected by a firewall or proxy, make sure
    that Firefox is permitted to access the Web.

    I am able to visit sites such as worldofwarcraft or anything not security related

    Step 3: Same thing as above "Firefox can't establish a connection to the server at X

    Step 4: Same problem. I was able to dig up ver 2.0.2. Currently installed

    Step 5: Done

    Step 6: Unable to connect to the site. However I was able to connect to another site
    but the download instantly "completes" and clicking on the downloaded file gives me a invald Win32 App error

    Downloads seem to get cut off at 1.95 MB

    Step 7-12: Same issues. Can't get the download

    So at this point I am going to go find a clean computer that I can get all these downloads from and throw them on a thumb drive.

    I will post the results in this thread with new info.
  2. tw0rld

    tw0rld TS Maniac Posts: 572   +6

  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    This IP is registered to OrgName: Beyond The Network America, Inc. They seem to be involved in advertisements, if you disable your ads list, they no longer show up!

    I found a reference to PeerGuardian2 showing this on the PhoenixLabs site, home of PG. They seem to have a tracker going on that URL/IP, at however attempts to access the pctracker site result in 'connection timed out.'

    Where are you in this? Does this sound familiar? At any rate, I encourage you to use the referenced URL for malware cleaning, run the programs, attach the logs.
  4. rf6647

    rf6647 TS Maniac Posts: 829

    Here is a bump.

    Perhaps Cryus will post back a success story. A HJT log with the infection would be a handy reference.
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    A week later> Either he's dead in the water or found a fix elsewhere! I think users forget to close out questions when they do multi-forum posts!
  6. m00t

    m00t TS Rookie

    hi i'm new here, and was totally frustrated by this earlier today... I came across this post actually as I searched for a solution as I had tried, nod32, spybot S&D, adaware, sdfix, cwshredder, and MS live onecare. If for nothing else helpfully this will provide some closure to this thread for some other frustrated "googlers" that happen upon it.

    I had the same IP show up occasionally as the OP, and that's what led me to this thread.

    the solution to the problem was resolved by malwarebytes anti-malware v1.28, I think that is suggested to the OP in a link to a set of steps he should follow. But I just wanted to clarify that of all the things I tried it was the only one that found the problem (seems to have to do with some tssd*.dll files in system32).

    cheers and thanks for the thread.
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Welcome m00t. I cannot ind *.tssd.dll file description, but using tssd.dll brings up two foreign sites- always suspect for malware. As you notes, the person asking the question has not come back, so we don't know if anything was resolved.

    I am glad to head that the excellent Malwarebytes program handled your problem. Hopefully you had it remove the offended files. Thank you for letting us know that some of the suggested information was of help to you.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...