Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: Debs. on 02 February 2009, 16:49:52
-
I went `round to visit a neighbour yesterday; he tried to show me a website on his desktop PC, but had terrible problems getting the 'real' site to display, for mostly, search results came back with the same (un asked-for) search-results website (not one I`ve ever seen a`fore)....."it`s been doing that for weeks" he said!
It`s obviously some kind of hijack/spyware/malware; so I dragged the newest versions of CCleaner and Spybot S & D off my pen drive and scanned: many items found by both programmes, all then cleansed and deleted but still I.E seems reluctant to go direct to a (real) specified URL.
As a clue; when installing; Spybot asked about I.E 'currently using a proxy' and if I wanted to update Spybot S & D using that proxy: to which I said no (of course).
Even following all that cleaning carried-out in safe-mode, the problem`s still there; what would be the next option?
I worry for my neighbour in case the malware is harvesting his private info. etc. :(
-
Dont take any chances. If it is something as complex as you state, wipe the slate clean and start again. I would only continue using a build if it was a simple bug that I had found and gotten rid of....
-
Easy have a look at the dns settings in tpc properties of the connection.
It will be set to a dodgy dns server.
-
Easy have a look at the dns settings in tpc properties of the connection.
It will be set to a dodgy dns server.
I was just thinking that John!!!!!! :D :-?
-
Caught something similar on my work laptop (after using a Power calculator from HP's website :o), spend about 3 days to clear it, in the end, wasn't worth messing about with, Windows CD in drive, rebuild.
-
If its like the one I had, its a clever piece of malware that I couldn't actually get my head around.
It wasn't DNS based, wasn't fake proxy based (this was behind our corporate firewall, so would block those), didn't appear to be a browser hijack in the true sense of the word. I started thinking along the lines of it being a fake browser, but any attempt to reinstall IE6 (yes, IE6 at work :(), or even manually copy all the dlls didn't resolve. Very, very clever, whatever it is.
I did managed to get it working for a few hours by stripping the registry, but it reinfected itself somehow.
-
Caught something similar on my work laptop (after using a Power calculator from HP's website :o), spend about 3 days to clear it, in the end, wasn't worth messing about with, Windows CD in drive, rebuild.
yep..always shorter and guaranteed results :y
and a healthy faster system..
-
I went `round to visit a neighbour yesterday; he tried to show me a website on his desktop PC, but had terrible problems getting the 'real' site to display, for mostly, search results came back with the same (un asked-for) search-results website (not one I`ve ever seen a`fore)....."it`s been doing that for weeks" he said!
It`s obviously some kind of hijack/spyware/malware; so I dragged the newest versions of CCleaner and Spybot S & D off my pen drive and scanned: many items found by both programmes, all then cleansed and deleted but still I.E seems reluctant to go direct to a (real) specified URL.
As a clue; when installing; Spybot asked about I.E 'currently using a proxy' and if I wanted to update Spybot S & D using that proxy: to which I said no (of course).
Even following all that cleaning carried-out in safe-mode, the problem`s still there; what would be the next option?
I worry for my neighbour in case the malware is harvesting his private info. etc. :(
I had a wee baddie that got past McAfee. I installed Avira AntiVir. Free on Tucows. It found it and not had a problem with anything since.
May get the "up-grade to Premium for £x.xx" coming up once a night when it runs the auto up-date but that's just a click on the X when the up-date is finished. Apart from that, you don't even know it's there.
http://www.tucows.com/preview/513451
-
Sorry guy's and Deb's but didn't understand anything that had been said..... :-[ :-[ :-[