I would like to publicly express my deepest gratitude to Dean Fehribach for his assistance and insight in helping me with a serious computer issue yesterday.
I was the subject of a browser hijack and the culprit was still “in the wild” as new hacker issues are known. None of my anti-virus, anti-malware or anti-spyware software could detect this Trojan.
I had already spent several hours the day before deep scanning my system and scouring the internet to no avail.
I happened to get hold of Dean as soon as he arrived in the office and asked him if he knew of anything else I could try before throwing in the towel and reformatting my disk. We used instant messaging to prevent the hijacker from spreading via email or Thermwood’s forums.
Even though this had nothing whatsoever to do with Thermwood or eCabinet Systems, Dean took ownership and pointed me toward some tools that could look deeper into the system tan my current tools were capable.
Once we were able to identify a suspect, Dean scoured the internet for answers while I scoured the registry on my computer. He found a single reference for the particular issue and I was off to the races, digging deeper and deeper into my system.
Dean eventually had to get back to Thermwood business and I spent the rest of the day (until about 9:30 last night) ferreting out all of the places this nasty little beast was hiding.
Dean provided far more assistance than I asked for or expected…in fact, more assistance than I have ever received from any paid-subscription computer support service.
Dean, you are to be commended on the high level of customer CARE you exhibited. You exemplify the Thermwood way of doing business!
Now, please don’t take this as an invitation to call Dean with computer problems as that is outside the scope of Thermwood’s responsibility to us. I only wanted to know if he had any other ideas before I destroyed everything and started over.
The tools and methods we used require a deep knowledge of the Windows operating system and registry and are not user-friendly. Any of the actions that I took could have rendered my system inoperable at any time and are not recommended for the general public.
Thanks again Dean!
Attn: Ken Susnjara
Moderators: Jason Susnjara, Larry Epplin, Clint Buechlein, Scott G Vaal
-
Bryan Wilson
- Junior Member
- Posts: 38
- Joined: Thu, Dec 29 2005, 10:37AM
- Location: Elkhart, TX
Hello Dan
My sympathies for the time you hand to take about the trojan, and congradulations for beating it, and cheers to Dean.
After reading your post I was just curious about the problem, if you got it others will too, and in your search for info did it say it will become part of a virus definition for other anti virus programs?
What were the symptoms of this \"browser hijack\"?
On a different subect, I built a computer from a barebones kit (have built a couple) and am having some problems (I know this is not a computer forum but you have a lot of knowledge and precise answers,)
Pentium D 3.0
MachSpeed Mobo (replaced one due to my error)
1 gig DDR2 ram
Had it up, installed XP, installed a 4 channel video capture card and had the cameras running, powered down, removed the card and posted, everything OK. XP did a update (new installer and one other program), asked for a reboot, after that would not go past windows is starting screen, except in Safe I don't think it was an operating sys problem because Then after about 5 tries to restore, the computer just died, no HD activity, just the CPU fan on high running, no vid or bios .( this is not the first time this has happened I removed everything checked for a short on the fan mounting bracket, and posted out of the case, it worked, reistalled and was where I was at the first of this question)
Dan I first though it was the mobo because I could not get to bios, but now I'm thinking it could be the processor, any suggestions.
again sorry for using the forum for things other than ecab.
Bryan
My sympathies for the time you hand to take about the trojan, and congradulations for beating it, and cheers to Dean.
After reading your post I was just curious about the problem, if you got it others will too, and in your search for info did it say it will become part of a virus definition for other anti virus programs?
What were the symptoms of this \"browser hijack\"?
On a different subect, I built a computer from a barebones kit (have built a couple) and am having some problems (I know this is not a computer forum but you have a lot of knowledge and precise answers,)
Pentium D 3.0
MachSpeed Mobo (replaced one due to my error)
1 gig DDR2 ram
Had it up, installed XP, installed a 4 channel video capture card and had the cameras running, powered down, removed the card and posted, everything OK. XP did a update (new installer and one other program), asked for a reboot, after that would not go past windows is starting screen, except in Safe I don't think it was an operating sys problem because Then after about 5 tries to restore, the computer just died, no HD activity, just the CPU fan on high running, no vid or bios .( this is not the first time this has happened I removed everything checked for a short on the fan mounting bracket, and posted out of the case, it worked, reistalled and was where I was at the first of this question)
Dan I first though it was the mobo because I could not get to bios, but now I'm thinking it could be the processor, any suggestions.
again sorry for using the forum for things other than ecab.
Bryan
-
DanEpps
- Wizard Member
- Posts: 5852
- Joined: Thu, Jul 28 2005, 10:18AM
- Company Name: Dan Epps
- Country: UNITED STATES
- Location: Rocky Face GA
This partucular browser hijack caused links clicked in search results to be redirected to another search engine. For example, I could search for Thermwood, click on the http://www.thermwood.com link and I was redirected to some search site I had never heard of.
Unscrupulous folks do this to increase revenue for the search sites.
I submitted what little information I could gather to anti-spyware vendors so they can begin to find and eliminate this threat. There will always be threats like this on the internet and everyone should make sure to use a combination of anti-virus, anti-malware and anti-spyware software PLUS a firewall. Even so, all of these preventative measures do not protect users from new threats.
When you say you get no BIOS, do you mean you can't get into BIOS setup or the boot sequence just never gets that far?
Either way, it sounds like a motherboard problem to me. BIOS is the first thing to execute, even before the CPU and memory are initialized. If you are not getting to that point then the problem lies at the chipset or motherboard level.
What happens if you power-off the system and leave it overnight? Will it boot then? If so, and it later stops responding and will not boot, you likely have a crack in one of the motherboard layers. A very minute crack will not cause problems until the board heats up enough to cause expansion. At that point the crack widens and breaks continuity in the embedded circuitry.
The only other thing I can think of is a bad power supply. It might not be supplying stable voltage to the motherboard causing the same symptoms. If you have a multimeter you can unplug the motherboard connection to the power supply and check the voltage against the specifications for it. If the voltage is not correct or fluctuates, change it.
Unscrupulous folks do this to increase revenue for the search sites.
I submitted what little information I could gather to anti-spyware vendors so they can begin to find and eliminate this threat. There will always be threats like this on the internet and everyone should make sure to use a combination of anti-virus, anti-malware and anti-spyware software PLUS a firewall. Even so, all of these preventative measures do not protect users from new threats.
When you say you get no BIOS, do you mean you can't get into BIOS setup or the boot sequence just never gets that far?
Either way, it sounds like a motherboard problem to me. BIOS is the first thing to execute, even before the CPU and memory are initialized. If you are not getting to that point then the problem lies at the chipset or motherboard level.
What happens if you power-off the system and leave it overnight? Will it boot then? If so, and it later stops responding and will not boot, you likely have a crack in one of the motherboard layers. A very minute crack will not cause problems until the board heats up enough to cause expansion. At that point the crack widens and breaks continuity in the embedded circuitry.
The only other thing I can think of is a bad power supply. It might not be supplying stable voltage to the motherboard causing the same symptoms. If you have a multimeter you can unplug the motherboard connection to the power supply and check the voltage against the specifications for it. If the voltage is not correct or fluctuates, change it.
-
Bryan Wilson
- Junior Member
- Posts: 38
- Joined: Thu, Dec 29 2005, 10:37AM
- Location: Elkhart, TX
Thanks for the reply Dan
You answered one question I was having right off the bat, if the mobo needs the processor to boot
I had disconnected the power leads last night and reconnected them this morning and it booted up, I will check the voltages next,
I had already replaced the mobo once due to my error, I was in the process of formatting the disc and noticed that my fan on the side case was not running, after checking it was a broken + lead, I resoldered it and like a dummy,tried to connected it while the machine was running and couldn't get it connected, I reversed the connector and I guess shorted out the board
As I'm typing this it was booting up ( trying to reinstall XP, to stop it from stopping at Windows is starting screen) it just rebooted in the middle, like a power glitch. so I thing I will try a different mfg. mobo. with intel chipset instead of VIA and see if that works, already spent more time on it than I could have had it built I think..
Again thanks for the reply and your info gave me some in-site on the problem.
Bryan
You answered one question I was having right off the bat, if the mobo needs the processor to boot
I had disconnected the power leads last night and reconnected them this morning and it booted up, I will check the voltages next,
I had already replaced the mobo once due to my error, I was in the process of formatting the disc and noticed that my fan on the side case was not running, after checking it was a broken + lead, I resoldered it and like a dummy,tried to connected it while the machine was running and couldn't get it connected, I reversed the connector and I guess shorted out the board
As I'm typing this it was booting up ( trying to reinstall XP, to stop it from stopping at Windows is starting screen) it just rebooted in the middle, like a power glitch. so I thing I will try a different mfg. mobo. with intel chipset instead of VIA and see if that works, already spent more time on it than I could have had it built I think..
Again thanks for the reply and your info gave me some in-site on the problem.
Bryan