I am infected again!!! How? I duno...

[novkhan]

Goodday



Every Time i open my IE i recieve a message like this

An error has occurred in the script on this page
Line: 1
Char: 2
Error Object doesnt support this property or method
code: 0
Url: File//c:\\WINNT\htwtb.bin

Do you want to continue scripts on this page?
Yes or no

Secondly i cant run virus scan and cant Even CTRL ALT DELETE.

An unknown file which i sfound cant be deleted as well.

C:\Program Files\ISTsvc.

What should i do now, someone please tell me how did i get infected in the first place?
I am wearing a condom all this while.....

[dinowuff]

check out this link

http://mvps.org/winhelp2002/unwanted.htm

Found using the I'm feeling lucky button at Google.

I'm sure the same downloads and resolutions are posted here as well but I'm too tired to search AO.

I hope this helps

[Kthln01]

Novkhan,

hate to be the bearer of bad news, you have adware on your comp.

Have you tried removing istsvc via add/remove programs in control panel?

There is a site that gives the software to remove:

Click here

Not an expert, but this should help.

[tsmonkey]

Howdy,

My First post, please be kind ;-)

A quick google for "ISTsvc" reveals that this is most likely (because I like to stay away from absolutes) Spyware of the IE hijacking type.

Symantec: http://sarc.com/avcenter/venc/data/adware.istbar.html

You could download Symantec's tool to start:
http://securityresponse.symantec.com...r/FxIstbar.exe

Then I would recommend rebooting in safe mode (hard boot, if needed) to see if your antivirus works. Also rerun the cleaning tool in safe mode as a double check.

If you need more info/help on safe mode reboot and antivirus scan I'll post more.

After you're able to clean out the problems I'd suggest using several programs to clean/check/watch your computer:
Ad-aware: http://www.lavasoft.com/
BHODemon: http://www.definitivesolutions.com/bhodemon.htm
Spybot Search & Destroy: http://www.safer-networking.org/en/download/

[DakX]

Originally posted here by novkhan

Url: File//c:\\WINNT\htwtb.bin

This mean that when you start up IE it tries to open that file. Your browser has been hijacked. Delete the file and run a anti-spyware program.
Also try this page: >clickety</ This guy made hijack this. If your browser gets hijacked try it.
Other problems? Pm me i have list of programs that might be usefull.

[Ah-Muhn-Ra]

Go to http://majorgeeks.com/BHODemon_d3550.html
Grab the BHODemon software.

The ISTsvc is a toolbar that uses open IE Browser Helper Objects to install itself. This is what changes your homepage and also redirects your searches to sites other than what you choose.

You should stop using IE, or lock it down to Paranoid security settings, this is cumbersome as you will be prompted to click on every little thing to Allow or Disallow it for every site you visit.

Another solution once you are rid of this pest, the most common is to stop using IE, there are many other freely avaible web browser that are just as good and don't interact in ways not intended.

IE is an excellent program, it is by no means solely at fault. These programs take advantage of other bits of software to run as the service running the browser to hide themselves from the users view. Most likely ActiveX scripting, VB scripting, malicious Java, take your pick.

Another option if you insist on using IE is to modify your HOSTS file to block or allow certain sites. This will directly take the security away from Windows and put it in your hands. There are a few ready made hosts files, with well , known adware/spware sites already on the list to block. You can find one here. http://pgl.yoyo.org/adservers/


I also suggest you take some time to study up on how this happens. By doing this you will arm yourself to defend against it, and you will cease to be a victim of it.

Best of luck to you.

[nihil]

You want to know how?

someone please tell me how did i get infected in the first place?

1. By using Internet Explorer and not locking it down...............Get Firefox, Mozilla, Opera or whatever for general browsing.
2. By visiting "Warez" sites
3. By visiting "hacker" sites
4. By visiting pornographic sites
5. By visiting sites where copyright material is illegaly shared
6. By not keeping your operating system up to date
7. By opening attachments you shouldn't
8. By not having a properly configured firewall

I would say that those are the most common causes of infection, just select the ones that apply to you

[DakX]

Originally posted here by nihil

1. By using Internet Explorer and not locking it down...............Get Firefox, Mozilla, Opera or whatever for general browsing.

Euhm Nice reasons but i see an error. Mozilla is the company that makes firefox.
I got a few others:
9. Not weeckly scanning for infections (virus)
10. not weeckly scanning for spyware, adware and mallware.
11. Dowloading everything that has free on it. Shareware isn't to be trusted at all times
12. By using a non secure network
13. Byt using a peer to peer program like kazaa

[nihil]

Hi DakX

I was referring to Mozilla 1.7.x which you can still get hold of.

[DakX]

Ow you mean it al together: firefox and thunderbird. Or am i mistaken and i mozilla also a program?