Need help to deal with IE Browser Hijacking
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Need help to deal with IE Browser Hijacking

  1. #1
    Junior Member
    Join Date
    Aug 2005
    Posts
    5

    Please help me!!! getting unknown links embeded in my web browser

    when browsing, my IE now has green hypertext links embeded in plain text...

    these links are directing to http://209.200.10.92/cgi-bin/ezlckl.fcgi?id=480 (or others like 896,200,213)...

    i've used my spyware cleaners and norton antivirus... but it won't clean this up...

    i have no idea where this is coming from...

    also i've been getting popups from this address http://209.200.10.90


    i would love to have some help with this...

    jamie
    Share on Google+

  2. #2
    Member
    Join Date
    Jul 2003
    Posts
    53
    First off, i strongly sugust to stop using ie and switch to firefox (less security flaws for now). Next the more information you provide the easier it will be for others to help; operating system, and so on. Ok to the problem first make sure your uptodate with all the microsoft patches. Next if running Windows xp (just assuming this) turn off system restore, and boot up in safe mode (if not sure on how to do this do a quick search). Next run your scans again, i suggust using both spyware and adware (both free). If that doesn't work i used a program about a year ago called hijackthis, google this or ask for help on how to use it. Basically what it will do is log your running process, which you then past onto there websit or i think people even here will look at it for you. Like i said google it and read up for a better explanation. Hope this helps.



    A quick google gave me this site for hijackthis http://www.tomcoyote.org/hjt/
    Share on Google+

  3. #3
    Senior Member
    Join Date
    Dec 2004
    Posts
    320
    <sarcasm> hey jamicach- post in a couple other forums areas, ok ? in case we miss the first ones. </sarcasm>

    ok, enough of that. you know some sites do this automaticaly. It is their way of fitting more advertising into less space.
    The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare
    Share on Google+

  4. #4
    Junior Member
    Join Date
    Aug 2005
    Posts
    5
    thanks...

    1st off, i have to use IE for work purposes...

    all my updates are updated according to windowsupdate (using windows xp)

    and i just ran the hijackthis program and got this log file...

    see attached txt file
    Share on Google+

  5. #5
    Junior Member
    Join Date
    Aug 2005
    Posts
    5
    1st off, i have to use IE for work purposes...

    all my updates are updated according to windowsupdate (using windows xp)

    and i just ran the hijackthis program and got this log file...

    see attached txt file
    Share on Google+

  6. #6
    Junior Member
    Join Date
    Aug 2005
    Posts
    5
    i'm not planning on using firefox....

    i just wanna know why i'm getting these stranges links and popups from this IP...
    Share on Google+

  7. #7
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)

    O15 - Trusted Zone: *.alpineaccess.com
    O15 - Trusted Zone: https://*.webconference.com
    O15 - Trusted Zone: http://www.workathomeagent.net

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www1.alpineaccess.com/alpine/login.jsp

    C:\PROGRA~1\AWS\WEATHE~1\Weather.exe

    take a look at those to begin wiht.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com
    Share on Google+

  8. #8
    Junior Member
    Join Date
    Aug 2005
    Posts
    5
    hmmm....

    i like weatherbug! anyway, i've been using that a long time before this happened...

    and alpineaccess and workathomeagent.net are my business links
    Share on Google+

  9. #9
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by jamicach
    hmmm....

    i like weatherbug! anyway, i've been using that a long time before this happened...

    and alpineaccess and workathomeagent.net are my business links
    Some people like autoerotic asphyxiation, too. That doesn't mean it's good for them.

    You asked for info, albeit in a poor netiquette fashion, and recieved some. Don't like the answer? Oh well.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
    Share on Google+

  10. #10
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    You don't have spyware. It looks like someone is bringing back the
    idea of smart tags

    I thought that bad publicity had killed this evil idea years ago.
    Lately I've been seeing these links too. They're not in the page content
    but get inserted by the browser, when javascript is enabled.

    I think there's a way to disable it. I'm researching it now.
    If you Google "green hyperlinks", you'll see that it's being reported
    by lots of people.



    OK! Late breaking news. Here it is.

    http://www.vibrantmedia.com/site/web_01a5.html

    I guess it looks like people with servers opt in to this service, and it then adds
    the mystery links to the page.
    I came in to the world with nothing. I still have most of it.
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides