I am infected again!!! How? I duno...
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: I am infected again!!! How? I duno...

  1. #1
    Member
    Join Date
    Apr 2004
    Posts
    92

    I am infected again!!! How? I duno...

    Goodday



    Every Time i open my IE i recieve a message like this

    An error has occurred in the script on this page
    Line: 1
    Char: 2
    Error Object doesnt support this property or method
    code: 0
    Url: File//c:\\WINNT\htwtb.bin

    Do you want to continue scripts on this page?
    Yes or no

    Secondly i cant run virus scan and cant Even CTRL ALT DELETE.

    An unknown file which i sfound cant be deleted as well.

    C:\Program Files\ISTsvc.

    What should i do now, someone please tell me how did i get infected in the first place?
    I am wearing a condom all this while.....
    Will to Learn
    javascript:myimagepopup(300,400,\'\')

  2. #2
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,247
    check out this link

    http://mvps.org/winhelp2002/unwanted.htm

    Found using the I'm feeling lucky button at Google.

    I'm sure the same downloads and resolutions are posted here as well but I'm too tired to search AO.

    I hope this helps
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  3. #3
    Senior Member
    Join Date
    Jul 2005
    Posts
    277
    Novkhan,

    hate to be the bearer of bad news, you have adware on your comp.

    Have you tried removing istsvc via add/remove programs in control panel?

    There is a site that gives the software to remove:

    Click here

    Not an expert, but this should help.
    Difficult takes a day, Impossible takes a week~Kthln01!

  4. #4
    Junior Member
    Join Date
    May 2005
    Posts
    9
    Howdy,

    My First post, please be kind ;-)

    A quick google for "ISTsvc" reveals that this is most likely (because I like to stay away from absolutes) Spyware of the IE hijacking type.

    Symantec: http://sarc.com/avcenter/venc/data/adware.istbar.html

    You could download Symantec's tool to start:
    http://securityresponse.symantec.com...r/FxIstbar.exe

    Then I would recommend rebooting in safe mode (hard boot, if needed) to see if your antivirus works. Also rerun the cleaning tool in safe mode as a double check.

    If you need more info/help on safe mode reboot and antivirus scan I'll post more.

    After you're able to clean out the problems I'd suggest using several programs to clean/check/watch your computer:
    Ad-aware: http://www.lavasoft.com/
    BHODemon: http://www.definitivesolutions.com/bhodemon.htm
    Spybot Search & Destroy: http://www.safer-networking.org/en/download/

  5. #5
    Senior Member DakX's Avatar
    Join Date
    Jul 2005
    Posts
    128

    Re: I am infected again!!! How? I duno...

    Originally posted here by novkhan

    Url: File//c:\\WINNT\htwtb.bin
    This mean that when you start up IE it tries to open that file. Your browser has been hijacked. Delete the file and run a anti-spyware program.
    Also try this page: >clickety</ This guy made hijack this. If your browser gets hijacked try it.
    Other problems? Pm me i have list of programs that might be usefull.
    [T]he future is now.

  6. #6
    Junior Member
    Join Date
    Jul 2005
    Posts
    1
    Go to http://majorgeeks.com/BHODemon_d3550.html
    Grab the BHODemon software.

    The ISTsvc is a toolbar that uses open IE Browser Helper Objects to install itself. This is what changes your homepage and also redirects your searches to sites other than what you choose.

    You should stop using IE, or lock it down to Paranoid security settings, this is cumbersome as you will be prompted to click on every little thing to Allow or Disallow it for every site you visit.

    Another solution once you are rid of this pest, the most common is to stop using IE, there are many other freely avaible web browser that are just as good and don't interact in ways not intended.

    IE is an excellent program, it is by no means solely at fault. These programs take advantage of other bits of software to run as the service running the browser to hide themselves from the users view. Most likely ActiveX scripting, VB scripting, malicious Java, take your pick.

    Another option if you insist on using IE is to modify your HOSTS file to block or allow certain sites. This will directly take the security away from Windows and put it in your hands. There are a few ready made hosts files, with well , known adware/spware sites already on the list to block. You can find one here. http://pgl.yoyo.org/adservers/


    I also suggest you take some time to study up on how this happens. By doing this you will arm yourself to defend against it, and you will cease to be a victim of it.

    Best of luck to you.

  7. #7
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    You want to know how?

    someone please tell me how did i get infected in the first place?
    1. By using Internet Explorer and not locking it down...............Get Firefox, Mozilla, Opera or whatever for general browsing.
    2. By visiting "Warez" sites
    3. By visiting "hacker" sites
    4. By visiting pornographic sites
    5. By visiting sites where copyright material is illegaly shared
    6. By not keeping your operating system up to date
    7. By opening attachments you shouldn't
    8. By not having a properly configured firewall

    I would say that those are the most common causes of infection, just select the ones that apply to you
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  8. #8
    Senior Member DakX's Avatar
    Join Date
    Jul 2005
    Posts
    128
    Originally posted here by nihil

    1. By using Internet Explorer and not locking it down...............Get Firefox, Mozilla, Opera or whatever for general browsing.
    Euhm Nice reasons but i see an error. Mozilla is the company that makes firefox.
    I got a few others:
    9. Not weeckly scanning for infections (virus)
    10. not weeckly scanning for spyware, adware and mallware.
    11. Dowloading everything that has free on it. Shareware isn't to be trusted at all times
    12. By using a non secure network
    13. Byt using a peer to peer program like kazaa
    [T]he future is now.

  9. #9
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Hi DakX

    I was referring to Mozilla 1.7.x which you can still get hold of.

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  10. #10
    Senior Member DakX's Avatar
    Join Date
    Jul 2005
    Posts
    128
    Ow you mean it al together: firefox and thunderbird. Or am i mistaken and i mozilla also a program?
    [T]he future is now.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides