Topic: The Jinx of Family Tech Support has struck (Read 4988 times)

NJAntman · « **on:** March 13, 2004, 11:05:14 am »

Tried to help mom with downloading Acrobat so she can finish her taxes online. Seems each time she tries to download the trial version from within either the TurboTax site or Adobe site the download doesn't complete. The actual download windows come up blank, no progres bars, never finishes. Convinced her not to do this from within AOL so tried it from her ComCast homepage using just IE. Yet it seems her Comcast homepage has been hijacked by a page called Netster.

Since we both have Comcast cable I directed her to change the homepage back by using IEs Tools - Internet Options - General tab - Home Page - Address and resetting it to what was on mine "http://www.comcast.net/comcast.html". I mimicked each step she should take including deleting mine and re-typing "http://www.comcast.net/comcast.html" exactly as it had been originally. On her system after changing the address from Netster.com to Comcast.com the Apply button never highlights, yet on mine it does. Sure enough, on hers the Netster is still homepage time and again. Oddly the default button sets it to MSN. Scratch my head, tell mom I'll ask advice on-line, end call.

Now the fun starts for me. I go online later that night and find I can no longer link from site to site. I can link place to place within a site, but any embedded link in a site to an outside site, or a link to an outside site from a post here no longer work.
The only actions I have taken are the re-typing of "http://www.comcast.net/comcast.html" in my Home Page Address and downloading/installing the trial version of Acrobat 6..0.1 from the Adobe site (never went to the Netster site, why step on that landmine).

What the hell? I've been jinxed by attempting to help mom. Any ideas folks? (other than blocking moms phone number)

ActiveX · « **Reply #1 on:** March 13, 2004, 11:07:26 am »

How were you communicating with her?

NJAntman · « **Reply #2 on:** March 13, 2004, 01:25:49 pm »

Phone.

Sirgod · « **Reply #3 on:** March 13, 2004, 01:33:04 pm »

I've never heard of that happening. If she still needs Acrobat though, just take your copy of SFC3 over there and Install It.

Stephen

ActiveX · « **Reply #4 on:** March 13, 2004, 01:37:03 pm »

I dunno dude...

From what it sounds like, any theory is going to involve tin foil hats...

RogueJedi_XC · « **Reply #5 on:** March 13, 2004, 07:04:20 pm »

I deal with this every day.
Netster is one of many "home page hijackers". What they do is change you home page (usually to a page that looks like a search engine but is really an advertisement site where all the links go through that companies servers).
They also will make changes in the registry so that if you try to type in a URL without the "http://" (like just typing in "www.taldren.com") redirects to thier page then redirects you (supposedly) to the site you requested. The problem is, they rarely work.

The temporary work around is to type all URL's completely, using "http://" and so forth. Then, get Ad-Aware from http://www.lavasoftusa.com and do a smart system scan, then remove everything it finds (and it will find a lot of stuff, I guarantee it).
If that does not get rid of the hijacker, you may be looking at doing some registry hacking.

Once it's gone, though, educate your grandmother about these things. Do not click just any install button you see. If you get a window that looks like a windows dialog box with an Ok and Cancel button, but it's in an IE window, DO NOT CLICK ANYWHERE IN THE WINDOW. Instead, close the window with the big red x in the upper right (assuming she's running XP), doing otherwise will install malware on your computer. In fact, do that with all popup windows, at least until you can get a pop-up blocker installed.

NJAntman · « **Reply #6 on:** March 13, 2004, 07:20:14 pm »

Thanks for the info.

Didn't know the specifics of Netster but figured it was a hijcker. I think she had used Ad-Aware once before but as for registry editing thats too dangerous for her. Looks like I might be walking her thru a full re-install if Ad-Aware can't nix this one.

On the home front, I updated my AVG 6 and re-scanned and bam, three Java/Byte Verify infected files. Cleansed them but still cannot get site to site links to work, clicking on them has no effect what-so-ever. Nothing showing up on Spybot S&D.

Anyone know if its possible to just re-install IE by itself? I figure 50/50 odds I just screwed up some simple setting somehow whilst distracted with mom on the phone.

Demandred · « **Reply #7 on:** March 14, 2004, 10:02:30 am »

Quote:

Anyone know if its possible to just re-install IE by itself? I figure 50/50 odds I just screwed up some simple setting somehow whilst distracted with mom on the phone.

You might be able to install it over the top of the current copy. If it won't allow you to, you will have to re-install windows.

NJAntman · « **Reply #8 on:** March 15, 2004, 06:34:47 pm »

BUMP >ACK!! HELP ME KEEP MY SANITY < BUMP

I can't find a thing on the MS sites about this link problem and no replies on other forums. It seems that the only MS available solution is a registry hack to fool the repair/install program into thinking IE isn't there and the possibility it may be re-installed.

Trying to run across net without being able to link from site to site is excruciating. Like having to draw a picture of my feet before I place every step. I'm losing it!

Maybe I should attack this from the other side. If you wanted to mess with someones Windows settings to keep them from being able to use an embedded link, how could that be done?

I beg the collective assembly of knowledge that is this forum for help. Mom's original problem I can solve; this lack of link is a bear.

RogueJedi_XC · « **Reply #9 on:** March 16, 2004, 12:02:52 pm »

you don't need to try to re-install IE. What, exactly, is happening? Is this only on sites where the llinks open in a new window or does it also happen on sites that open new pages in the same window?

There are two ways to open a hyperlink in a new window, using the HTML anchor tag property "target=" or using a script (JavaScript or VBScript are the most prevalent). If the site uses the HTML method it should always work. But, sites these days are programed using a combination of the two methods. I believe these forums simply use the HTML "target=" method.

Way too much information, I know, but hang with me -- the background info is over.

.

If the security settings in IE have somehow got set to not allow scripting or if you have a pop-up blocker running, these hyperlinks will get blocked. Every time. Check your security settings in IE to make sure you have not blocked active scripting (Tools -> Internet Options -> Security) and then, if you have a popup blocker check it's settings to make sure it does not interfere with normal surfing.

If the problem happens with normal links, links that do not open in a new window, then there is something else going on and more information will be needed to figure out what it is.

NJAntman · « **Reply #10 on:** March 16, 2004, 04:37:47 pm »

Thanks for the reply.

This seems to be only on sites that open in a new windows (for instance any link posted in one of the forum threads won't work; links at the top of the forum page such as SEARCH or FAQ do work). The only method I now have of getting to these sites is to right click and from the properties pop-up screen copy the address and paste it into the browser Address bar. Even the the Open and Open in New Window commands in the right click pop-up screen don't work.

My Tools -> Internet Options -> Security setting is at Custom. In the Scripting section all three types are at Enable. I do see in MicroSoft VM - Java Permissions - set at High Safety, and in Miscellaneous - Access data sources across domains set at Disable.

The only blocker I have is Spybot S&D and its Immunize function set to block certain cookies such as "Avenue A", whatever that is.

The wierd thing is the only changes I made to the whole system prior to this problem was downloading the trial Acrobat 6.0.1 (have since deleted it) and physically copying and changing the Tools -> Internet Options -> General, Home Page, Address from "http://www.comcast.net/home.html" back to "http://www.comcast.net/home.html". I have a gut feeling this is where the problem started.

NJAntman · « **Reply #11 on:** March 17, 2004, 09:36:33 pm »

Problem fixed but not solved.

Noticed my ISP Icon had a companion Icon "ComcastSUPPORT". One of its options was "Fix or Restore My Programs" and it listed "Internet Explorer, Network Settings, Outlook Express, and Winsock Protection". Chose IE and it gave a listing of dates that changes had been made, tonight and March 6 being the last ones listed. Chose March 6 and it listed 81 changes roughly all similar to this "HKCU\Software|Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache/Extensible Cach...".
I gave the OK to go ahead and wham, I can now link from page to page again.

Problem fixed but just what the heck got fixed?

RogueJedi_XC · « **Reply #12 on:** March 18, 2004, 04:37:59 pm »

Interesting. It was something in your registry, what, though, I don't know. I'd be interested in finding out.

NJAntman · « **Reply #13 on:** March 18, 2004, 05:30:01 pm »

Yes, I am very interested in knowing. But going anywhere near the registry gives me the willies. I know I should make a copy of the registry and learn its inner workings; chances are this will happen again.

NJAntman · « **Reply #14 on:** March 13, 2004, 11:05:14 am »

Tried to help mom with downloading Acrobat so she can finish her taxes online. Seems each time she tries to download the trial version from within either the TurboTax site or Adobe site the download doesn't complete. The actual download windows come up blank, no progres bars, never finishes. Convinced her not to do this from within AOL so tried it from her ComCast homepage using just IE. Yet it seems her Comcast homepage has been hijacked by a page called Netster.

Since we both have Comcast cable I directed her to change the homepage back by using IEs Tools - Internet Options - General tab - Home Page - Address and resetting it to what was on mine "http://www.comcast.net/comcast.html". I mimicked each step she should take including deleting mine and re-typing "http://www.comcast.net/comcast.html" exactly as it had been originally. On her system after changing the address from Netster.com to Comcast.com the Apply button never highlights, yet on mine it does. Sure enough, on hers the Netster is still homepage time and again. Oddly the default button sets it to MSN. Scratch my head, tell mom I'll ask advice on-line, end call.

Now the fun starts for me. I go online later that night and find I can no longer link from site to site. I can link place to place within a site, but any embedded link in a site to an outside site, or a link to an outside site from a post here no longer work.
The only actions I have taken are the re-typing of "http://www.comcast.net/comcast.html" in my Home Page Address and downloading/installing the trial version of Acrobat 6..0.1 from the Adobe site (never went to the Netster site, why step on that landmine).

What the hell? I've been jinxed by attempting to help mom. Any ideas folks? (other than blocking moms phone number)

ActiveX · « **Reply #15 on:** March 13, 2004, 11:07:26 am »

How were you communicating with her?

NJAntman · « **Reply #16 on:** March 13, 2004, 01:25:49 pm »

Phone.

Sirgod · « **Reply #17 on:** March 13, 2004, 01:33:04 pm »

I've never heard of that happening. If she still needs Acrobat though, just take your copy of SFC3 over there and Install It.

Stephen

ActiveX · « **Reply #18 on:** March 13, 2004, 01:37:03 pm »

I dunno dude...

From what it sounds like, any theory is going to involve tin foil hats...

RogueJedi_XC · « **Reply #19 on:** March 13, 2004, 07:04:20 pm »

I deal with this every day.
Netster is one of many "home page hijackers". What they do is change you home page (usually to a page that looks like a search engine but is really an advertisement site where all the links go through that companies servers).
They also will make changes in the registry so that if you try to type in a URL without the "http://" (like just typing in "www.taldren.com") redirects to thier page then redirects you (supposedly) to the site you requested. The problem is, they rarely work.

The temporary work around is to type all URL's completely, using "http://" and so forth. Then, get Ad-Aware from http://www.lavasoftusa.com and do a smart system scan, then remove everything it finds (and it will find a lot of stuff, I guarantee it).
If that does not get rid of the hijacker, you may be looking at doing some registry hacking.

Once it's gone, though, educate your grandmother about these things. Do not click just any install button you see. If you get a window that looks like a windows dialog box with an Ok and Cancel button, but it's in an IE window, DO NOT CLICK ANYWHERE IN THE WINDOW. Instead, close the window with the big red x in the upper right (assuming she's running XP), doing otherwise will install malware on your computer. In fact, do that with all popup windows, at least until you can get a pop-up blocker installed.

NJAntman · « **Reply #20 on:** March 13, 2004, 07:20:14 pm »

Thanks for the info.

Didn't know the specifics of Netster but figured it was a hijcker. I think she had used Ad-Aware once before but as for registry editing thats too dangerous for her. Looks like I might be walking her thru a full re-install if Ad-Aware can't nix this one.

On the home front, I updated my AVG 6 and re-scanned and bam, three Java/Byte Verify infected files. Cleansed them but still cannot get site to site links to work, clicking on them has no effect what-so-ever. Nothing showing up on Spybot S&D.

Anyone know if its possible to just re-install IE by itself? I figure 50/50 odds I just screwed up some simple setting somehow whilst distracted with mom on the phone.

NJAntman · « **Reply #22 on:** March 15, 2004, 06:34:47 pm »

BUMP >ACK!! HELP ME KEEP MY SANITY < BUMP

I can't find a thing on the MS sites about this link problem and no replies on other forums. It seems that the only MS available solution is a registry hack to fool the repair/install program into thinking IE isn't there and the possibility it may be re-installed.

Trying to run across net without being able to link from site to site is excruciating. Like having to draw a picture of my feet before I place every step. I'm losing it!

Maybe I should attack this from the other side. If you wanted to mess with someones Windows settings to keep them from being able to use an embedded link, how could that be done?

I beg the collective assembly of knowledge that is this forum for help. Mom's original problem I can solve; this lack of link is a bear.

RogueJedi_XC · « **Reply #23 on:** March 16, 2004, 12:02:52 pm »

you don't need to try to re-install IE. What, exactly, is happening? Is this only on sites where the llinks open in a new window or does it also happen on sites that open new pages in the same window?

There are two ways to open a hyperlink in a new window, using the HTML anchor tag property "target=" or using a script (JavaScript or VBScript are the most prevalent). If the site uses the HTML method it should always work. But, sites these days are programed using a combination of the two methods. I believe these forums simply use the HTML "target=" method.

Way too much information, I know, but hang with me -- the background info is over.

.

If the security settings in IE have somehow got set to not allow scripting or if you have a pop-up blocker running, these hyperlinks will get blocked. Every time. Check your security settings in IE to make sure you have not blocked active scripting (Tools -> Internet Options -> Security) and then, if you have a popup blocker check it's settings to make sure it does not interfere with normal surfing.

If the problem happens with normal links, links that do not open in a new window, then there is something else going on and more information will be needed to figure out what it is.

NJAntman · « **Reply #24 on:** March 16, 2004, 04:37:47 pm »

Thanks for the reply.

This seems to be only on sites that open in a new windows (for instance any link posted in one of the forum threads won't work; links at the top of the forum page such as SEARCH or FAQ do work). The only method I now have of getting to these sites is to right click and from the properties pop-up screen copy the address and paste it into the browser Address bar. Even the the Open and Open in New Window commands in the right click pop-up screen don't work.

My Tools -> Internet Options -> Security setting is at Custom. In the Scripting section all three types are at Enable. I do see in MicroSoft VM - Java Permissions - set at High Safety, and in Miscellaneous - Access data sources across domains set at Disable.

The only blocker I have is Spybot S&D and its Immunize function set to block certain cookies such as "Avenue A", whatever that is.

The wierd thing is the only changes I made to the whole system prior to this problem was downloading the trial Acrobat 6.0.1 (have since deleted it) and physically copying and changing the Tools -> Internet Options -> General, Home Page, Address from "http://www.comcast.net/home.html" back to "http://www.comcast.net/home.html". I have a gut feeling this is where the problem started.

NJAntman · « **Reply #25 on:** March 17, 2004, 09:36:33 pm »

Problem fixed but not solved.

Noticed my ISP Icon had a companion Icon "ComcastSUPPORT". One of its options was "Fix or Restore My Programs" and it listed "Internet Explorer, Network Settings, Outlook Express, and Winsock Protection". Chose IE and it gave a listing of dates that changes had been made, tonight and March 6 being the last ones listed. Chose March 6 and it listed 81 changes roughly all similar to this "HKCU\Software|Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache/Extensible Cach...".
I gave the OK to go ahead and wham, I can now link from page to page again.

Problem fixed but just what the heck got fixed?

RogueJedi_XC · « **Reply #26 on:** March 18, 2004, 04:37:59 pm »

Interesting. It was something in your registry, what, though, I don't know. I'd be interested in finding out.

NJAntman · « **Reply #27 on:** March 18, 2004, 05:30:01 pm »

Yes, I am very interested in knowing. But going anywhere near the registry gives me the willies. I know I should make a copy of the registry and learn its inner workings; chances are this will happen again.

NJAntman · « **Reply #28 on:** March 13, 2004, 11:05:14 am »

Tried to help mom with downloading Acrobat so she can finish her taxes online. Seems each time she tries to download the trial version from within either the TurboTax site or Adobe site the download doesn't complete. The actual download windows come up blank, no progres bars, never finishes. Convinced her not to do this from within AOL so tried it from her ComCast homepage using just IE. Yet it seems her Comcast homepage has been hijacked by a page called Netster.

Since we both have Comcast cable I directed her to change the homepage back by using IEs Tools - Internet Options - General tab - Home Page - Address and resetting it to what was on mine "http://www.comcast.net/comcast.html". I mimicked each step she should take including deleting mine and re-typing "http://www.comcast.net/comcast.html" exactly as it had been originally. On her system after changing the address from Netster.com to Comcast.com the Apply button never highlights, yet on mine it does. Sure enough, on hers the Netster is still homepage time and again. Oddly the default button sets it to MSN. Scratch my head, tell mom I'll ask advice on-line, end call.

Now the fun starts for me. I go online later that night and find I can no longer link from site to site. I can link place to place within a site, but any embedded link in a site to an outside site, or a link to an outside site from a post here no longer work.
The only actions I have taken are the re-typing of "http://www.comcast.net/comcast.html" in my Home Page Address and downloading/installing the trial version of Acrobat 6..0.1 from the Adobe site (never went to the Netster site, why step on that landmine).

What the hell? I've been jinxed by attempting to help mom. Any ideas folks? (other than blocking moms phone number)

ActiveX · « **Reply #29 on:** March 13, 2004, 11:07:26 am »

How were you communicating with her?

NJAntman · « **Reply #30 on:** March 13, 2004, 01:25:49 pm »

Phone.

Sirgod · « **Reply #31 on:** March 13, 2004, 01:33:04 pm »

I've never heard of that happening. If she still needs Acrobat though, just take your copy of SFC3 over there and Install It.

Stephen

ActiveX · « **Reply #32 on:** March 13, 2004, 01:37:03 pm »

I dunno dude...

From what it sounds like, any theory is going to involve tin foil hats...

RogueJedi_XC · « **Reply #33 on:** March 13, 2004, 07:04:20 pm »

I deal with this every day.
Netster is one of many "home page hijackers". What they do is change you home page (usually to a page that looks like a search engine but is really an advertisement site where all the links go through that companies servers).
They also will make changes in the registry so that if you try to type in a URL without the "http://" (like just typing in "www.taldren.com") redirects to thier page then redirects you (supposedly) to the site you requested. The problem is, they rarely work.

The temporary work around is to type all URL's completely, using "http://" and so forth. Then, get Ad-Aware from http://www.lavasoftusa.com and do a smart system scan, then remove everything it finds (and it will find a lot of stuff, I guarantee it).
If that does not get rid of the hijacker, you may be looking at doing some registry hacking.

Once it's gone, though, educate your grandmother about these things. Do not click just any install button you see. If you get a window that looks like a windows dialog box with an Ok and Cancel button, but it's in an IE window, DO NOT CLICK ANYWHERE IN THE WINDOW. Instead, close the window with the big red x in the upper right (assuming she's running XP), doing otherwise will install malware on your computer. In fact, do that with all popup windows, at least until you can get a pop-up blocker installed.

NJAntman · « **Reply #34 on:** March 13, 2004, 07:20:14 pm »

Thanks for the info.

Didn't know the specifics of Netster but figured it was a hijcker. I think she had used Ad-Aware once before but as for registry editing thats too dangerous for her. Looks like I might be walking her thru a full re-install if Ad-Aware can't nix this one.

On the home front, I updated my AVG 6 and re-scanned and bam, three Java/Byte Verify infected files. Cleansed them but still cannot get site to site links to work, clicking on them has no effect what-so-ever. Nothing showing up on Spybot S&D.

Anyone know if its possible to just re-install IE by itself? I figure 50/50 odds I just screwed up some simple setting somehow whilst distracted with mom on the phone.

NJAntman · « **Reply #36 on:** March 15, 2004, 06:34:47 pm »

BUMP >ACK!! HELP ME KEEP MY SANITY < BUMP

I can't find a thing on the MS sites about this link problem and no replies on other forums. It seems that the only MS available solution is a registry hack to fool the repair/install program into thinking IE isn't there and the possibility it may be re-installed.

Trying to run across net without being able to link from site to site is excruciating. Like having to draw a picture of my feet before I place every step. I'm losing it!

Maybe I should attack this from the other side. If you wanted to mess with someones Windows settings to keep them from being able to use an embedded link, how could that be done?

I beg the collective assembly of knowledge that is this forum for help. Mom's original problem I can solve; this lack of link is a bear.

RogueJedi_XC · « **Reply #37 on:** March 16, 2004, 12:02:52 pm »

you don't need to try to re-install IE. What, exactly, is happening? Is this only on sites where the llinks open in a new window or does it also happen on sites that open new pages in the same window?

There are two ways to open a hyperlink in a new window, using the HTML anchor tag property "target=" or using a script (JavaScript or VBScript are the most prevalent). If the site uses the HTML method it should always work. But, sites these days are programed using a combination of the two methods. I believe these forums simply use the HTML "target=" method.

Way too much information, I know, but hang with me -- the background info is over.

.

If the security settings in IE have somehow got set to not allow scripting or if you have a pop-up blocker running, these hyperlinks will get blocked. Every time. Check your security settings in IE to make sure you have not blocked active scripting (Tools -> Internet Options -> Security) and then, if you have a popup blocker check it's settings to make sure it does not interfere with normal surfing.

If the problem happens with normal links, links that do not open in a new window, then there is something else going on and more information will be needed to figure out what it is.

NJAntman · « **Reply #38 on:** March 16, 2004, 04:37:47 pm »

Thanks for the reply.

This seems to be only on sites that open in a new windows (for instance any link posted in one of the forum threads won't work; links at the top of the forum page such as SEARCH or FAQ do work). The only method I now have of getting to these sites is to right click and from the properties pop-up screen copy the address and paste it into the browser Address bar. Even the the Open and Open in New Window commands in the right click pop-up screen don't work.

My Tools -> Internet Options -> Security setting is at Custom. In the Scripting section all three types are at Enable. I do see in MicroSoft VM - Java Permissions - set at High Safety, and in Miscellaneous - Access data sources across domains set at Disable.

The only blocker I have is Spybot S&D and its Immunize function set to block certain cookies such as "Avenue A", whatever that is.

The wierd thing is the only changes I made to the whole system prior to this problem was downloading the trial Acrobat 6.0.1 (have since deleted it) and physically copying and changing the Tools -> Internet Options -> General, Home Page, Address from "http://www.comcast.net/home.html" back to "http://www.comcast.net/home.html". I have a gut feeling this is where the problem started.

NJAntman · « **Reply #39 on:** March 17, 2004, 09:36:33 pm »

Problem fixed but not solved.

Noticed my ISP Icon had a companion Icon "ComcastSUPPORT". One of its options was "Fix or Restore My Programs" and it listed "Internet Explorer, Network Settings, Outlook Express, and Winsock Protection". Chose IE and it gave a listing of dates that changes had been made, tonight and March 6 being the last ones listed. Chose March 6 and it listed 81 changes roughly all similar to this "HKCU\Software|Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache/Extensible Cach...".
I gave the OK to go ahead and wham, I can now link from page to page again.

Problem fixed but just what the heck got fixed?

RogueJedi_XC · « **Reply #40 on:** March 18, 2004, 04:37:59 pm »

Interesting. It was something in your registry, what, though, I don't know. I'd be interested in finding out.

NJAntman · « **Reply #41 on:** March 18, 2004, 05:30:01 pm »

Yes, I am very interested in knowing. But going anywhere near the registry gives me the willies. I know I should make a copy of the registry and learn its inner workings; chances are this will happen again.

News:

Topic: The Jinx of Family Tech Support has struck (Read 4988 times) var addthis_config = {"data_track_clickback":true};

NJAntman

ActiveX

NJAntman

Sirgod

ActiveX

RogueJedi_XC

NJAntman

Demandred

NJAntman

RogueJedi_XC

NJAntman

NJAntman

RogueJedi_XC

NJAntman

NJAntman

ActiveX

NJAntman

Sirgod

ActiveX

RogueJedi_XC

NJAntman

Demandred

NJAntman

RogueJedi_XC

NJAntman

NJAntman

RogueJedi_XC

NJAntman

NJAntman

ActiveX

NJAntman

Sirgod

ActiveX

RogueJedi_XC

NJAntman

Demandred

NJAntman

RogueJedi_XC

NJAntman

NJAntman

RogueJedi_XC

NJAntman

Topic: The Jinx of Family Tech Support has struck (Read 4988 times)