Default homepage problems

[Guest Brent Hebert]

For the last several days I have been having a problem of my default homepage www.msn.com getting hijacked to another location http://luckysearch.net/ydtfs.I ran Spybot S&D 1.2 as well as Norton Antivirus 2004 and everything comes up clean. I have all the latest Windows Critical Updates. After running Ad Aware 6.0 I get the following Possible Browser Hijack attempt Object recognized! Type : File Data : ultimate traffic home.url Object : C:Documents and SettingsbrentFavorites Created on : 10/12/2003 3:44:41 AM Last accessed : 10/15/2003 2:20:26 AM Last modified : 10/12/2003 3:44:41 AMMy browswer is IE 6.0Any thoughts?Brent Hebert

[Guest Stompy]

Okay, is AdAware actually deleting that entry, or just telling you about it? Because you want it deleted, obviously. :-)Assuming that it is deleting it, yet it keeps coming back, there are a couple of things you can do.1) Go into the Internet Options window in IE, then the Programs tab, and click the Reset Web Settings button.2) If that doesn't help, then search the web for "ultimate traffic home remove" or something like that, and see if you can find a specific removal tool for that crap.Also, the next time you run adaware, make sure you check for updates first, and you can also check it's settings to make sure it's scanning and removing stuff like bad favorites URLs and the like. You might know that already, but I figured since I was here I should mention it.Good luck, and let us know!

[Guest Brent Hebert]

Actually the ultimate traffic home is the homepage Flight1 Ultimate Traffic.I do have the latest update for Ad Aware.Thanks for the tips :)Brent Hebert

[Sonar5 3]

Hi Brent,Here is my Recommendation.Dump that IE program IMMEDIATELY. Also, Are you running XP, if so, make sure you are not running in Administrator profile. And have you updated all your critical windows update files?You should set up a separate profile for surfing the net, as well as games that connect to the net.The Only time I ever use IE is to do windows update. EVER.I am using the following, and am virus free, Spyware, Free, Pop-up free, etc.... And every time I check my puter, it comes up as stealth. I run a router, 2 desktops, & two laptops, 3 of them wireless G.Here is what I am using.Spyware:Ad-Aware (Freeware)&Spybot-Search & Destroy (Freeware)VirusAVG Anti-virus (Freeware Version)Firewall:NO LONGER USING ZONALARMUsing Kerio Personal Firewall.**********MOST IMPORTANT, IMHO**********Mozilla's Firebird Browser. NO POP-UPS EVER, OR UNDER.. NONE, ZERO ZILCHFirebird is quicker than IE, (IMHO and others), More secure, IMHO, and rarely a target for the malcontent hackers out there.Mail - Mozilla's Thunderbird. Outlook is always a target, therefore eliminate the target, and get safer email.Links for programs:Firebird Browser http://mozilla.orgThunderbird Mail Client http://mozilla.orgKerio Personal Firewall http://kerio.comSpybot Search & Destroy http://www.safer-networking.org/Lavasoft Ad-Aware http://www.lavasoftusa.com/support/download/(Please note I run both Ad-Aware & Spybot just to be sure)And I also use exclusively Openoffice.org for My Office suite programs:http://openoffice.orgFor your problem, Dump all your cookies and clear your cache completely. Then run Spybot S&D.Having never had my browser hijacked, I'm not sure I can help you with that, but these tips will help you so that it does not happen again.Also, go here to read about browser hijacks: You will note one of the first things they also recommend is dumping IE in favor of Mozilla. I go one better by using Mozilla's Firebird, which is lean and mean.http://www.spywareinfo.com/articles/hijackedHope This helps,JoeWIndows XP stuff: (Not for Amateurs)http://blackviper.com//Begin Standard Disclaimer:Read the read me's and install files before installing any of this. You are responsible for your own computer's health, and if you do not understand the consequences of your own actions, simply do not install any of these programs, and let MS run your computer for you since they are so good at keeping their OS's and browsers running clean. ;-)//End Disclaimer:http://aboutpolitics.net/images/banner.gif.About Politics.net - FORUMShttp://pub207.ezboard.com/bpoliticsgivemel...tyorgivemedeath.Contribute to the Richard Harvey Scholarship Fund.http://www.avsim.com/pages/scholarship.shtml

[Guest Brent Hebert]

Thanks Joe,Good to see you again. I recently deleted all the cookies and cleared out my cache. The next morning the problem came up. It hijacks to the same two pages.I may try a different default page to see if it happens elsewhere. I've been using Pop-Up Stopper by Panicware for a while now and works great.Brent Hebert

[Sonar5 3]

Hi Brent,On the hijack link above, it gives pretty good instructions on removing this threat.You have to get the program Hijack This, and run that as well.1) Go to this page and read the removal instructions:http://www.spywareinfo.com/articles/hijacked/2) Run Hijack This: Get it here:http://www.tomcoyote.org/hjt/3) follow the rest of the instructions that are listed there. You must do all that they are asking.4) Please remeber, because of vulnerabilities that are inherant in IE, this or other problems may continue to happen again. I know it is hard to switch browsers, but you can still export and import all your favorites into another browser. It is an IE Vulnerability that causes this, and unless MS patches it, you are open to continued vulnerabilitis.5) I don't use other pop-up stoppers, because Firebird works seamlessly without additional program resources being used up by a secondary program. I prefer running lean and mean on my measely 1.2ghz rig, but I feel I still have another year left in her because I run it so clean. The minimal amount of programs running on my box, the better.*********************Try this little test once your system is cleaned up. And report back your impression.1) RUN IE with or without your pop-up stopper.go to msnbc.com and see how long it takes to load and what opens up.2) Run firebird and open MSNBC.com and compare. (The first time you run Firebird, go to Drudgereport.com - he has one popup which will enable you to revoke the ability to show pop-ups in the future.(IT IS IMPORTANT TO have your cache and history clean if you often visit that test site.)You should see dramatic differences in load times, and other fun stuff that MSNBC has happen to your allegedly secure browser.But mainly follow the instructions on the spywareinfo page and that should get you cleaned up.

[Guest Brent Hebert]

Joe,My Antivirus Live Update just downloaded the newest definition files. As I opened up Internet Explorer to msn.com, Norton detectd the "Trojan.Bootconf" virus. Below is the link to the information on it. I think this was the culprit all along.http://securityresponse.symantec.com/avcen...n.bootconf.htmlBrent Hebert

[Sonar5 3]

That is good news that you found it.But you are not done yet. Unless you know How you got infected, and how your machine was made vulnerable, you are a sitting duck for the next one.Oh yeah, please note that Symantec gives the removal instructions for IE, but no other browser. It is that browser IMHO, that makes you vulnerable to these types of attacks, and until MS fixes it, I cannot in good faith recommend anyone using IE.My Own Mom in Florida got the sobig virus because even she didn't listen and keep her XP updated. It took me about 3 hours on the phone to clean here up, get her patched spyware clean, and now she is happily using Firebird and loves it. (and she is almost 70 years old.) :-)I hope you figure out how you got it, so you can prevent it from occuring.Best Regards,Joe

[Guest Brent Hebert]

Thanks Joe,I ran a complete virus scan and it detected 3 corrupted files that was corrected. Then I ran the Hijack This and was able to clean out several entries relating to the problem.I am not sure how it got in, I have a feeling it was through an ActiveX application.I reinstalled Windows on a clean drive a month ago and this problem started last week. So far so good. Windows XP just released 5 Critical updates just today. This operating system has more holes than Swiss cheese.Brent Hebert

[Sonar5 3]

Hi Brent,Glad you got it sorted out.I honestly don't feel it is the OS as much as it is IE, & Outlook.I run XP Pro, and have had zero problems with it. But I read up quite a bit and tweaked the heck out of it security wise.Next up for me will be services tweaking, which I will probably do next week. I have a whole lot of processes running I'm sure I won't need.That is where the blackviper site comes in.Glad to have helped you out.Regards,Joe

[Guest Ken_Salter]

Ok Joe I'm gonna give Mozilla a shot. I've never had any probs with IE, but I'm also looking for something new ;-)I have Red Hat on dual boot, but I use a Wireless NIC and there are no drivers for Linux for it :-(http://saltydogfly2.avsim.net/images/avsim_sig.jpg"Ah, the Luftwaffe - the Washington Generals of the History Channel." - Homer Simpson

[Sonar5 3]

Ken, when you go to mozilla's web site, try the FIREBIRD Browser, not Mozilla. They are alike but different. I know... Confusing, huh?Firebird is brand new from the ground up, and I love it and have had nothing but compliments from those that use it based upon my recommendation.If you still like IE, just make sure when you run Firebird, you don't choose it as your default. That way if you want to use both, all your default's are still set for IE.The setup is basically unzipping and putting into a folder. There is no install program.Here is the link:http://www.mozilla.org/Just look for the flames on the left hand side. It's Mozilla Firebird 0.7I still have 0.6.1 myself, so I guess I'll update mine as well.Any questions, let me know.Regards,JoePS - Come back here after you run it and let us know if the forums run faster for you. :-)

[Guest Ken_Salter]

Thanks I got the firebird - I must admit the forums are significantly faster. I was able to login no problem (no cookie problem that is).I use Outlook 2003 Beta - I also must say that MS seems to have tied up the security issues in this version, but time will tell. It is pretty impressive though if you have the hardware to run it.I'll keep messing around with Firebird and give it a final up or down directly.Sorry about the Cubbies - I'm not from the area but they (and the city) are my adoopted team/city - hopefully in our lifetimes....:-)http://saltydogfly2.avsim.net/images/avsim_sig.jpg"Ah, the Luftwaffe - the Washington Generals of the History Channel." - Homer Simpson

[Sonar5 3]

Yeah, that was a rough loss. But I have to congratulat ethe fish as they played their hearts out.For the Cubs, too many bobbled baseballs, and Dusty left hi spitchers in too long....Again.....If they keep th eteam intact and pick up a nother hitter or two, and solidify their middle relievers, they should be back next year.And yes, hopefully in our lifetimes. My oldest was kind of sad, but I told him he will see them in the playoffs again. I just hope his wait isn't as long as ours has been.Regards,Joe