Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I love getting into trouble ... here's an example:


  • Please log in to reply
24 replies to this topic

#1 theronkellystalker

theronkellystalker

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Ontario, Canada
  • Local time:11:39 PM

Posted 15 February 2005 - 07:46 AM

Well hello :woot:

I suppose I should elaborate on what my "Topic Title" implies.

I found BleepingComputer a few months ago because I went looking for trouble.

Some people are content to live quietly within safe, sterile, boundaries, but I question how much educational experience they might encounter if they are not willing to get dirty every once in a while. :)

I am relatively new to the Internet myself. I have a background in computer programming, desktop publishing, and advertising, so it is almost a mystery to me why it has taken so long to become immersed in the web.

It's too late to back out now ... I have fallen in love with the vastness and potential for adventure.

My first visit here came about because I picked up an horrendous infection of viruses, adware, malware, and spyware, in my first few weeks of exploring. This site, along with the TomCoyote Forums, provided me with both a cure, and some innoculation. That only made me more bold and daring. :flowers:

For example:
I have returned to BleepingComputer in an effort to return my gratitude for previous asssistance. I intend to become more involved with this forum because I was hijacked by an insidious little website called 24-7-search. It is now six days of effort trying to rid my computer of that little demon.

The following is an obviously edited URL of the site that has caused me so many problems for so long. This URL is very "hot". I strongly suggest that it be carefully reassembled and installed in your "Restricted Zone" so you never have to deal with it's infestation.

h t t p : / / w w w . 2 4 - 7 - s e a r c h . c o m :trumpet:

It replaces all tool and search bars with it's own search bar; your own toolbars mysteriously vanish. It replaces itself as the only available homepage on every re-start. It locks you out of every folder, and icon, on your desktop, including "My Computer". It causes evrything on the desktop to open as an Internet Explorer window, but open blank, with the message that your current security settings will not allow ActiveX to run in this window so nothing will display correctly. It "represents" itself as the only available option you have to do ... to go explore the products and links provided by this website.

If anyone else has had any similar experience of this, I would really like to know.

This is a very nasty infection and my warning is a gift in the form of my introduction. :cool:

I hope to use BleepingComputer as an educational base, but I plan to venture into any kind of nasty realms that I find in order to gain more experience. Whatever I learn from those adventures, I would like to share in my posts in the forum. Things like the problems I encounter, the cures for my afflictions, the sources for those cures, and obvious warnings about what to beware of.

I hope that I can put back into this forum a small fraction of what I have already received as a small token of my appreciation.

Good fortune to you all ... and good hunting. :inlove:

Theron :thumbsup:

Edited by theronkellystalker, 15 February 2005 - 07:50 AM.


BC AdBot (Login to Remove)

 


#2 paperghost

paperghost

  • Members
  • 156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:39 PM

Posted 15 February 2005 - 08:17 AM

Welcome :thumbsup:

Aside from the infection issue (which someone will pick up, but you need to check out the HJT forum for further instructions), i would say that if you intend to purposefully infect machines, you really should use a non production environment (ie a test system) rather than your standard machine to get these infections. 24/7 search has been around a while, and although there arent a great many examples of it on HJT forums, the ones that do exist have been cleaned up without too much fuss so you should be in safe hands on this board :flowers:

#3 theronkellystalker

theronkellystalker
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Ontario, Canada
  • Local time:11:39 PM

Posted 15 February 2005 - 08:45 AM

Thanks Paperghost :)

I don't mean to imply that I "want" those infections; I just don't intend to fear the possibility of becoming infected. :thumbsup:

If it wasn't for those nasty experiences, I wouldn't have a folder of the finest anti-bug software available on the Internet, all recomended by trustworthy technical people from forums like BleepingComputer and TomCoyote. Gifts like that can never be responded to with enough appreciation. :flowers:

As far as my latest infection is concerned, it's mostly cleared up now. I just haven't found the solution to my problem with the inability to open my desktop items yet. Still working on that.

Is there anywhere on the Internet that a person could acquire a posting of "hot" URL's to add to their Restricted Sites Zone? Maybe save a little grief along the way?
Just wondering. :trumpet:

Theron :inlove:

#4 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:11:39 PM

Posted 15 February 2005 - 09:02 AM

Have you got Spyware Blaster? It has a list of restricted sites that it prevents you from connecting to. It also runs in the background to prevent the installation of ActiveX controls.

This is a good read. It talks about using a Hosts file to block bad sites and includes one that you can read or download and use.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#5 theronkellystalker

theronkellystalker
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Ontario, Canada
  • Local time:11:39 PM

Posted 15 February 2005 - 09:36 AM

You're right Leurgy ... a very good read indeed :flowers:

I just learned about the creation of a Hosts File yesterday and want to get started creating one as soon as I get my "desktop" dilema fixed.

Your link will help a lot to get me started on that project.

I have the spyware program and that certainly is a good beginning to ensure protection, which I can also highly recommend to anyone else who reads this.

Great stuff ... thanks again. :trumpet:

Theron :thumbsup:

#6 Scarlett

Scarlett

    Bleeping Diva


  • Members
  • 7,479 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:As always I'm beside myself ;)
  • Local time:11:39 PM

Posted 15 February 2005 - 09:38 AM

:flowers: and Welcome to Bleeping Computer theronkellystalker

So happy that you stopped by and decided to stay. You seem to have aquired a wealth of experience. We cover all topics of computing here @ BC. The more knowledgeable and intelligent members that sign on the better for BC and everyone involved. So I for one am thrilled to see that you have become a member. Who is also planning on becoming an active one. :inlove:

It's too late to back out now ... I have fallen in love with the vastness and potential for adventure.


You and countless others here. I have been hooked from day one. I never thought of myself as a geek. :trumpet: But now I could not deny it no matter how hard I tried. :thumbsup:


BTW Canada is the land of my birth.

Edited by scarlett, 16 February 2005 - 12:45 AM.

Posted Image

#7 theronkellystalker

theronkellystalker
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Ontario, Canada
  • Local time:11:39 PM

Posted 15 February 2005 - 09:55 AM

Well Happy BirthLand scarlett ... :flowers:

And thank you for your welcome.

Leurgy doesn't know it but we're almost neighbors. :trumpet:

I hope to be able to bring back to this forum, at the very least, as much as I take away. :inlove:

Theron :thumbsup:

#8 Sy...

Sy...

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 15 February 2005 - 01:54 PM

Have you got Spyware Blaster? It has a list of restricted sites that it prevents you from connecting to. It also runs in the background to prevent the installation of ActiveX controls.


Leurgy, can you run this with spybot and adware.

Sy...

#9 Scarlett

Scarlett

    Bleeping Diva


  • Members
  • 7,479 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:As always I'm beside myself ;)
  • Local time:11:39 PM

Posted 15 February 2005 - 02:20 PM

Yes you can. I use all three. Link in my sig. :thumbsup:
Posted Image

#10 Sy...

Sy...

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:39 PM

Posted 15 February 2005 - 02:25 PM

Thanks, Scarlett. :thumbsup:

Sy...

#11 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:08:39 PM

Posted 16 February 2005 - 12:18 AM

~theronkellystalker Feb 15th

It's too late to back out now ... I have fallen in love with the vastness and potential for adventure.

Love is a many splendored thing, indeed. :thumbsup:

Edited by phawgg, 16 February 2005 - 12:19 AM.

patiently patrolling, plenty of persisant pests n' problems ...

#12 theronkellystalker

theronkellystalker
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Ontario, Canada
  • Local time:11:39 PM

Posted 16 February 2005 - 06:49 AM

I need some advice here. :flowers:

I want to raise the issue of my inability to open anything on my desktop as a result of being hijacked.

I'm looking for assistance to solve the problem, and explanations of whatever assistance is being suggested, so everyone can see the value that certain advice is useful for.

I like to try to clearly define what the problem is, but I really want to have a relatively detailed account of someone's analysys of the problem so this is available information for anyone who might be encountering similar problems. :inlove:

I'm not sure which part of the forum to start a new topic in. :trumpet:

I use windows 2k, but this is the aftermath of a hijacking, so there is a bit of ambiguity about where my thread would belong.

Could a moderator please suggest a place to begin?

Thanks

Theron :thumbsup:

Edited by theronkellystalker, 16 February 2005 - 06:50 AM.


#13 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:11:39 PM

Posted 16 February 2005 - 08:37 AM

Hi almost neighbour

Right click your icons and click properties. What do you see in the target box?

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#14 theronkellystalker

theronkellystalker
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Location:Ontario, Canada
  • Local time:11:39 PM

Posted 16 February 2005 - 09:34 AM

Whoaa ... :thumbsup:

You're going to need to be more specific than that. You're assuming that I know "something" (which isn't very likely). :flowers:

I did learn one thing in the past half hour.

When I log on as the "administrator" instead of as "myself", all of the folders and icons on the administrator's desktop open up just fine. So the problem seems to be isolated or localized to this particular desktop. Whenever I try to open anything I get the message that "Your security settings do not permit running ActiveX controls on this page so the ... blah blah" :inlove:

Believe me, this is progressive news. :trumpet:

Uhhh ... shouldn't we be doing this somewhere else?

Theron

Edited by theronkellystalker, 16 February 2005 - 09:45 AM.


#15 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:11:39 PM

Posted 16 February 2005 - 09:50 AM

Whenever I try to open anything I get the message that "Your security settings do not permit running ActiveX controls on this page so the ... blah blah"


Is this happening under the user account? You would seem to still have some hijacking problems. There is no way that clicking an icon should prompt activex to run. Open IE and go to Tools>Internet Options>General tab>Settings>View objects and post a screenshot of whats in there. This will tell you how to do that.

The target box is accessed from the properties box for the icon. The target would be the path to the application that the icon refers to.

Edited by Leurgy, 16 February 2005 - 09:52 AM.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users