Film-Tech Cinema Systems
Film-Tech Forum ARCHIVE


  
my profile | my password | search | faq & rules | forum home
  next oldest topic   next newest topic
» Film-Tech Forum ARCHIVE   » Community   » Film-Yak   » Windows XP problem -- Web browser getting hijacked. (Page 1)

 
This topic comprises 2 pages: 1  2 
 
Author Topic: Windows XP problem -- Web browser getting hijacked.
Randy Stankey
Film God

Posts: 6539
From: Erie, Pennsylvania
Registered: Jun 99


 - posted 10-15-2003 08:35 PM      Profile for Randy Stankey   Email Randy Stankey   Send New Private Message       Edit/Delete Post 
First off: I don't do Windows.

Some computers here at work are getting hijacked by their browsers. First the "start page" gets changed to some random URL. (Usually a porno site.) Then when you try to close the browser window or quit Internet Explorer you get "porno stormed" with 100s of pop-ups. You hae to force quit the program and/or reboot the computer to make it stop. Once that is done you can go back to your settings and change your start page to something normal. After a while it happens again and you have to repeat the proces. Sometimes it happens several times a day.

What I THINK is the cause is (yet another) security hole in Windows XP. I went on MS website and checked for updates. There is one that says, "malicous web content" can cause security problems but it doesn't specify what the problems are. Is this the problem or is there something else at play here?

I guess I don't know how to solve these kind of security problems because I never have them on my computer. Not having to deal with this kind of thing makes it so I don't have to develop the skills. I'm pretty good with MY computer (OS X) but I'm kind of embarrassed to admit that I know nothing when it comes to MicroCrap.

 |  IP: Logged

Mark Lensenmayer
Phenomenal Film Handler

Posts: 1605
From: Upper Arlington, OH
Registered: Sep 1999


 - posted 10-15-2003 08:54 PM      Profile for Mark Lensenmayer   Email Mark Lensenmayer   Send New Private Message       Edit/Delete Post 
Probably someone has downloaded a pest by accident.

Sounds like something like XUPITER. It does things like that. Right now, there are over 11,000 pesty things out there running around.

I use a program called PEST PATROL to keep this stuff away. It will remove just about anything.

XUPITER is very hard to remove manually, but it can be done.

I'd suggest downloading the demo of PEST PATROL (www.pestpatrol.com), which will identify the problems in demo mode (You have to pay to have the pests removed by this program.)

Once you have identified the pest, you can search on Google to find out how to remove the thing.

I'll be glad to get you more information if you can get me the name of the beast.

 |  IP: Logged

Phil Hill
I love my cootie bug

Posts: 7595
From: Hollywood, CA USA
Registered: Mar 2000


 - posted 10-15-2003 09:07 PM      Profile for Phil Hill   Email Phil Hill       Edit/Delete Post 
I agree Mark. I also use Pest Patrol and it's really great. Unfortunately, it still let's Brad's posts & emails thru....

>>> Phil

 |  IP: Logged

John Scott
Master Film Handler

Posts: 252
From: Oakdale, MN, USA
Registered: Jul 2000


 - posted 10-15-2003 09:14 PM      Profile for John Scott   Email John Scott   Send New Private Message       Edit/Delete Post 
Other programs you can use to help you are AdAware and SpyBot.

 |  IP: Logged

Joe Redifer
You need a beating today

Posts: 12859
From: Denver, Colorado
Registered: May 99


 - posted 10-15-2003 09:42 PM      Profile for Joe Redifer   Author's Homepage   Email Joe Redifer   Send New Private Message       Edit/Delete Post 
Here are a couple tips:

Change the start page so that no page is the home page. Why would you want to go to the same damn site every single time you launch your browser, anyway? The "bug" may be able to change your home page, but it can't change your browser's preference settings if you turned the home page feature off.

Don't use IE. Use a browser that blocks pop-ups like Opera 6 or Avant or Netscape 7 or Mozilla Firebird.

 |  IP: Logged

Randy Stankey
Film God

Posts: 6539
From: Erie, Pennsylvania
Registered: Jun 99


 - posted 10-15-2003 10:21 PM      Profile for Randy Stankey   Email Randy Stankey   Send New Private Message       Edit/Delete Post 
I did set the computer to have no start page. To me it's a waste. Why should I wait for some page to load before I get to do the thing I started the browser for in the first place?

Getting people to change their browser around here is going to be like pulling teeth. I tell people that the problem arises from Microsoft's lousy software and they don't believe. Maybe with time...

We downloaded and ran Pest Patrol. It found 16 different "AdWare", "Spyware" and "Browser Helper" files. Of course the program won't remove the junk unless you pay but it does tell you what the filenames of the offending malware are.

I don't remember the names of all the things P.P. found but there were no files name "xupiter". Some of the other computers around the office MAY have it, though. We only ran P.P. on one computer. I do remember something from "Yahoo" and a couple other familiar ones like "hitbox" and "techtracker", etc.

When I get this stuff on my Mac I just delete it and then set my browser (Camino) to blacklist things from those sites in the future.

Would it be OK to delete the files that Pest Patrol flags for us? I was thinking that we could make a "quarrantine" folder somewhere on the HD and move all of the files listed in Pest Patrol to that location. In the off-chance that something gets broken in the process it will be easier to put things back.

 |  IP: Logged

Daryl C. W. O'Shea
Film God

Posts: 3977
From: Midland Ontario Canada (where Panavision & IMAX lenses come from)
Registered: Jun 2002


 - posted 10-15-2003 10:30 PM      Profile for Daryl C. W. O'Shea   Author's Homepage   Email Daryl C. W. O'Shea   Send New Private Message       Edit/Delete Post 
Just use AdAware Randy, it'll delete or quarantine the crap for free.

http://www.lavasoftusa.com/support/download/

 |  IP: Logged

Joe Redifer
You need a beating today

Posts: 12859
From: Denver, Colorado
Registered: May 99


 - posted 10-15-2003 10:41 PM      Profile for Joe Redifer   Author's Homepage   Email Joe Redifer   Send New Private Message       Edit/Delete Post 
How do you know when you get this stuff on the Mac, Randy? I don't think there are any spyware/adware apps for the Mac.

 |  IP: Logged

Bobby Henderson
"Ask me about Trajan."

Posts: 10973
From: Lawton, OK, USA
Registered: Apr 2001


 - posted 10-15-2003 11:13 PM      Profile for Bobby Henderson   Email Bobby Henderson   Send New Private Message       Edit/Delete Post 
Mac-based malware does exist. But it is just not very common since the Mac user base is relatively small. Same goes for other variants of UNIX (although Linux-based viruses are becoming more and more common mainly to attack to the Apache web server). At least on the Mac side, you don't have to worry so much about security holes since the web browser and e-mail client isn't siamese-twinned into the core of the OS.

I agree with Daryl's recommendation for AdAware. It is easy to use and free for personal use. However, you do need to make sure you anti-virus software is updated as well for a complete one-two punch. Some viruses are written specifically to disable applications like AdAware.

quote:
Probably someone has downloaded a pest by accident.
Very likely. I would even go so far as to say many actually just click "ok" without thinking to let apps like this install.

One thing I find infuriating is if you're visiting a website and then it tries to force you into installing some application to stick their spam in your web browser. You want to click the "X" to close the window and it prompts you with "you must click OK." I just disconnect my Internet connection and reboot my computer instead. [fu]

 |  IP: Logged

William Hooper
Phenomenal Film Handler

Posts: 1879
From: Mobile, AL USA
Registered: Jun 99


 - posted 10-16-2003 02:25 AM      Profile for William Hooper   Author's Homepage   Email William Hooper   Send New Private Message       Edit/Delete Post 
Agreed, it's operator's clicking on any button that says "OK" & downloading pestware. It's propagated by often by many sleazy sites that have stupid online games to play.

Use AdAware, explain to the operators, begin the spankings.

 |  IP: Logged

Randy Stankey
Film God

Posts: 6539
From: Erie, Pennsylvania
Registered: Jun 99


 - posted 10-16-2003 08:13 AM      Profile for Randy Stankey   Email Randy Stankey   Send New Private Message       Edit/Delete Post 
Joe,

It's mostly cook-ies from those sites but you occasionally get the odd java applet that does some funky stuff. Then you have to remember that there are a lot of applications that try to "phone home" without you knowing.

Cook-ies are easy. Delete them. If your browser has cook-ie controls you can blacklist/whitelist sites. Camino does this. Cook-ies aren't that harmful but I occasionally check them and see who's been fooling around. I delete/blacklist the ones I don't want and keep/whitelist ones I like.

You can turn java/javascript off when you don't need it but that gets to be a pain. It'd be nice if there was a button in your toolbar or menu bar to toggle it on/off quickly.

My main solution has been to use a program called "Little Snitch". It's actually a kernel extension that is controlled by a pref. pane in your System Preferences menu/page. It watches your TCP/IP connection and lets you know when an outgoing connection is attempted. A dialog box pops up to alert you. You have the option of allowing or denying the connection. Furthermore you have the option of making a "rule" to blacklist or whitelist any connection.

Check it out on the web ==> Little Snitch

PS: I have to write "cook-ie" because I get a message that says "No cook-ies allowed" if I don't!

 |  IP: Logged

Evans A Criswell
Phenomenal Film Handler

Posts: 1579
From: Huntsville, AL, USA
Registered: Mar 2000


 - posted 10-16-2003 12:56 PM      Profile for Evans A Criswell   Author's Homepage   Email Evans A Criswell   Send New Private Message       Edit/Delete Post 
quote:
Change the start page so that no page is the home page. Why would you want to go to the same damn site every single time you launch your browser, anyway?
I've always set my browser starting page to a page that I use as my "jump site" for other sites I frequently visit. That way, I seldom have to type a URL for places I visit almost daily. I try to have links to sites I visit at least weekly on the "jump page", or no more than a click or two from it.

I've never had anything change my default "home page" that I set to load when starting a browser. I use Opera 98 percent of the time, but I've never had it happen with Internet Explorer or Netscape either. I guess I've been lucky.

 |  IP: Logged

Michael Schaffer
"Where is the
Boardwalk Hotel?"

Posts: 4143
From: Boston, MA
Registered: Apr 2002


 - posted 10-16-2003 01:19 PM      Profile for Michael Schaffer   Author's Homepage   Email Michael Schaffer   Send New Private Message       Edit/Delete Post 
I defined google as my start page since I often use the internet to look up stuff.

 |  IP: Logged

Randy Stankey
Film God

Posts: 6539
From: Erie, Pennsylvania
Registered: Jun 99


 - posted 10-16-2003 01:45 PM      Profile for Randy Stankey   Email Randy Stankey   Send New Private Message       Edit/Delete Post 
quote:

Evans Criswell: I try to have links to sites I visit at least weekly on the "jump page", or no more than a click or two from it.

I use my toolbar bookmarks for the same purpose.

My computer gets used in several places. Sometimes it's at work with the college's network. It's faster than dial-up but there is a latency problem. (Cache problems, I think.) At home I use it on dial-up. Sometimes I go places where I have an ethernet connection but no AirPort link.

If I had a start page, I'd have to wait for it to load. If I'm on dial-up I have to wait even longer. I couldn't get to my "jump links" until the page finished loading. (Or was substantially loaded.) With bookmarks I can have no Start Page and click directly to the sites I want. No waiting.

 |  IP: Logged

John Spooner
Expert Film Handler

Posts: 186
From: South Australia, Australia
Registered: Jan 2003


 - posted 10-16-2003 01:56 PM      Profile for John Spooner   Email John Spooner   Send New Private Message       Edit/Delete Post 
I had a look at the Little Snitch site, but no use to me as I do not have a Mac computer (just my old Dell Pentium 2 with W98) nor do I have, or want, a credit card.
As a matter of interest I downloaded the free LavaSoft ad-aware software and ran it. It found 98 malwares which it identified and removed. A large % of them were from Realplayer. I can highly recommend it.
Another good free software I use is AVG from Gri-soft.com , which catches any viruses as well as scanning both incoming and outgoing e-mail.
John Spooner.

 |  IP: Logged



All times are Central (GMT -6:00)
This topic comprises 2 pages: 1  2 
 
   Close Topic    Move Topic    Delete Topic    next oldest topic   next newest topic
 - Printer-friendly view of this topic
Hop To:



Powered by Infopop Corporation
UBB.classicTM 6.3.1.2

The Film-Tech Forums are designed for various members related to the cinema industry to express their opinions, viewpoints and testimonials on various products, services and events based upon speculation, personal knowledge and factual information through use, therefore all views represented here allow no liability upon the publishers of this web site and the owners of said views assume no liability for any ill will resulting from these postings. The posts made here are for educational as well as entertainment purposes and as such anyone viewing this portion of the website must accept these views as statements of the author of that opinion and agrees to release the authors from any and all liability.

© 1999-2020 Film-Tech Cinema Systems, LLC. All rights reserved.