chercat
July 1st, 2004, 04:48 PM
I need help before I make this worse .
I had several issues with being hijacked. I finally managed to reformat my HD , installed drivers , etc.
Installed ZA , then EZ Trust AV, went to Windows Update and applied what I thought were all critical patches , etc.I also went to this site to see how to reconfigure from my default security settings to have greater security , etc.
THis was yesterday ! Figured I was fairly safe for the moment .
Today I got around to installing Adaware and Spybot from links to this site .
I did not set up a mail program because I am in the process of waiting for DSL .
When I scanned with Spybot and Adaware was dumbfounded to see that I had 16 issues , one being a recurring DSO exploit every time I reboot that Spybot finds
Spybot's more info brought me to this linkhttp://www.greymagic.com/security/advisories/gm001-ie/
Can someone PLEASE help me resolve this before I get in over my head again!
I really thought I had installed all critical updates and my history shows I have since yesterday
When I did the tests indicated on the greymagic site , EZ does confirm and when I did a scan with Ez , I got this message :
number of files not cleaned /deleted / renamed : 2
C: Windows |Temporary Internet files |Content IE5\E453JM9J|simplebind(1).htm ( JS CodeBase.exploit infection)
and
C: Windows |Temporary Internet files \Content IE5\T7y1amt\advbind(1).htm ( same code base at end) .
When I reboot , I scan with Spybot and get the same DSO problem registry change in HKEY-Current- User\software\Microsopft\Windows\CurrentVersion|In
ternetSettings\Zone\0) that I just asked Spybot to fix and it supposedly did .
I upgraded to IE Explorer 6 when I did the updates and patches .
I am running 98SE .
ANd now those settings for security which I customized as soon as I started up the computer were changed and I had to change them back again .
Not sure if they are changing each time I reboot .
Someone told me that the hijaker I had before could still be in my BIOS even if I reformatted as it had happened to someone he knew so now I am not sure if that is the case or if this is something new .
I think this is a new issue and hopefully less invasive and easier to solve than reformatting !
I did rebott at home and the security settings that I did change to higher security seem to be OK now .
I am posting this at the library computer .
Can someone please check the link I have posted , given by the spybot site ( sorry - dod not know how to hyperlink_) and give me directions on how to delete . I am thinking I have to go into regedit but need explicit directions so I do not screw it up and make things worse .
Thanks
I had several issues with being hijacked. I finally managed to reformat my HD , installed drivers , etc.
Installed ZA , then EZ Trust AV, went to Windows Update and applied what I thought were all critical patches , etc.I also went to this site to see how to reconfigure from my default security settings to have greater security , etc.
THis was yesterday ! Figured I was fairly safe for the moment .
Today I got around to installing Adaware and Spybot from links to this site .
I did not set up a mail program because I am in the process of waiting for DSL .
When I scanned with Spybot and Adaware was dumbfounded to see that I had 16 issues , one being a recurring DSO exploit every time I reboot that Spybot finds
Spybot's more info brought me to this linkhttp://www.greymagic.com/security/advisories/gm001-ie/
Can someone PLEASE help me resolve this before I get in over my head again!
I really thought I had installed all critical updates and my history shows I have since yesterday
When I did the tests indicated on the greymagic site , EZ does confirm and when I did a scan with Ez , I got this message :
number of files not cleaned /deleted / renamed : 2
C: Windows |Temporary Internet files |Content IE5\E453JM9J|simplebind(1).htm ( JS CodeBase.exploit infection)
and
C: Windows |Temporary Internet files \Content IE5\T7y1amt\advbind(1).htm ( same code base at end) .
When I reboot , I scan with Spybot and get the same DSO problem registry change in HKEY-Current- User\software\Microsopft\Windows\CurrentVersion|In
ternetSettings\Zone\0) that I just asked Spybot to fix and it supposedly did .
I upgraded to IE Explorer 6 when I did the updates and patches .
I am running 98SE .
ANd now those settings for security which I customized as soon as I started up the computer were changed and I had to change them back again .
Not sure if they are changing each time I reboot .
Someone told me that the hijaker I had before could still be in my BIOS even if I reformatted as it had happened to someone he knew so now I am not sure if that is the case or if this is something new .
I think this is a new issue and hopefully less invasive and easier to solve than reformatting !
I did rebott at home and the security settings that I did change to higher security seem to be OK now .
I am posting this at the library computer .
Can someone please check the link I have posted , given by the spybot site ( sorry - dod not know how to hyperlink_) and give me directions on how to delete . I am thinking I have to go into regedit but need explicit directions so I do not screw it up and make things worse .
Thanks