-
May 4th, 2003, 02:51 PM
#1
Registered User
IE6.1 and home page
I am running IE6.1 and netacape and some where in time on my home system a changed was made with out me kowinfg to my DNS settings to some web page this web pagfe was search engine a favorites some how.
After looking more into this is had changed my full computer name.
I managed to take all this out of the dns settings. Now I can't see to get this ouit of the home page section when you set your home page to a certain page it wants to add a entry in front of it and add a tool bar at the bottom of the page when you bring up IE.
http://y8236.ecpm.com/passthrough/index.h
The entry is above.
I can't see to get rid of this entry from the home page settings in IE options. I have scanned my system numerious times fro adwear and have it removed and scanned system with nortion antivirus as well.
How can you tell if a system has been hacked into I have a hardware firewall in place and 2 software firewalls in places as well. Can a person tell if his or her system has been broken into.
Thanks for any help on this.
-
May 4th, 2003, 03:16 PM
#2
Driver Terrier
Search for ecpm.com in the registry - export and then delete any keys you find.
Also run Spybot - download it, run the install then immediately go to "online" and update it. Download the updates and then restart it. Then run search and destroy.
You can also immunise with spybot against many hijackings.
This particular one seems to be part of lop.com hijack... and it's evil.
You may need to go as far as this - in your case it will be ecpm.com
If you run a scan of Spybot Search & Destroy (fully updated, including betas), then lop.com will be wasted. If you still get the page redirect, go into your regigtry and enter XXXX.com (X being a random letter) or lop.com in your search query and delete every instance you find. If you still get the page redirect/lop install, you mind wanna disconnect your internet cable and run a text-within-file search for the offending domain during the night (it will take a while so you'd better get some sleep then). Delete every file that has that line of text in it (xxxx.com)
From cexx.org forums
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
May 4th, 2003, 05:35 PM
#3
Avatar Goes Here
IE 6.1? WTF, is that beta or something?
:::Asus A8N-Sli Premium:::AMD 3500+ @ 2.4ghz:::2x80GB 8mb cache RAID0 Array:::GeForce 7800GTX OC:::2GB Corsair XMS Memory:::500 Watt Enermax Liberty PSU:::16x Lite-on DVDRW:::
Counter Strike Source Forum and Server @ http://www.nvpclan.com -=Ninjas Vs. Pirates=-
-
May 5th, 2003, 04:38 AM
#4
Driver Terrier
Originally posted by Radical Dreamer
IE 6.1? WTF, is that beta or something?
I took it to mean that the security rollup package has been installed...
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
May 5th, 2003, 05:10 AM
#5
Geezer
-
May 5th, 2003, 06:21 AM
#6
Registered User
gator.com want delete
I have tried to remove the gator.com from regedit and want let me delete it.
Spybot does find it but seems it want take care of it. any other way of getting rid of the this off my system. Also took off zone alarm and installerd norton personal fire wall for home as well zone alarm did not see to be secure enough.
I have a linksys router installed that has a hardware fire wall as well. ALso XP has a built in fire wall too.
So how do we get rid of this last thing gator.com.
Puzzled.
-
May 5th, 2003, 06:36 AM
#7
Driver Terrier
Turn off system restore
Boot to safemode
then try and remove it
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
May 7th, 2003, 07:13 PM
#8
How to remove is found here http://www.doxdesk.com/parasite/lop.html
it is towards the bottom of the page.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks