January 18th, 2004, 03:19 PM
returned mail spyware infection
I opened an email addressed from "returned mail". What a mistake. It has taken over my browser homepage and locked me out from being able to access school web sites to write lesson plans. It defaults to i-Lookup.com and has put porn onto my computer. what can I do?
January 18th, 2004, 03:27 PM
Run a spyware/adware cleaner like spybot of adaware, also make sure your antivirus is up-to-date.
The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content
January 18th, 2004, 04:01 PM
http://www.swatit.org ....."Swatit 2.1"
also get http://www.winpatrol.com ...."WinPatrol" and take a look at what is starting up and the IE add-ons (BHO.........browser helper objects)
If you need links just do a google search for AdAware 6.0 and SpyBot Search & Destroy.
Post back when you have run all these.
Please remember to update them all, and your antivirus (AV) then reboot into safe mode before running them.
After that go to: http://www.merijn.org/downloads.html
Get "Hijack This!", "CWShredder" and "Startuplist" You can run "CWShredder", but make sure you have no other browser windows open
Also go to http://www.webattack.com/get/hostadmin.html and get "Host Administrator"
You will now need to post back here and we can check the results. You do need to do this so we can advise you how to build your second and third level defences to prevent this sort of thing happening again?
I seem to be repeating myself, so perhaps I should sit down, lay of the beer and write a comprehensive tutorial, rather than the over elevated "advisories" I have done so far? does anyone think that would be useful? I realise I would have to keep it up to date, but that is would be less effort than re-typing over and over
Good luck skboughton, and please get back to us
January 18th, 2004, 05:16 PM
Just out of curiosity, did the email immediately do a browser redirect, or was it an attachment?
Go for it, nihil. There can never be too many tuts...especially ones related to security. I'm trying to do some myself....WinXP hardening and the like. There are quite a few, but none that I've seen that explain why you should do this (such as how blocking 135-139 helps stop null sessions, etc.) You know...hardening for the extreme newb complete with explinations of the exploit, etc. (kinda like H.E. Lite or something)
Browser hijacks suck!
January 18th, 2004, 06:29 PM
I agree with that number guy.. 5768.. etc.. " Go for it nihil" it's a bitch repeating oneself over and over again for everyone that comes in here.. much easier to point them to a tut than retyping it again.
January 18th, 2004, 06:34 PM
It's either that, nihil, or put together a bunch of posts in wordpad to answer the common questions so that all you need to do is cut and paste....been considering that myself