Jump to content


Photo

IE Hijacked


  • Please log in to reply
1 reply to this topic

#1 ie_victim

ie_victim

    Member

  • New Member
  • Pip
  • 2 posts

Posted 06 July 2004 - 12:23 PM

Hello,

We are on a Win XP Home system and have done the following: :techsupport:

1. latest NAV defs and full scan - nothing found

2. RegClean ran and "fixed" errors found

3. Ran SpyBot 1.3 and got "DSO Exploit" - removed. This keeps appearing.

4. Ran AdAware 6.0 and it also removed some errors

The IE keeps going to about:blank and nothing we seem to do helps.

I ran HijackThis and this did not help either although I am a little afraid to delete
things in the list I recognize. The "AboutBuster" refers to "fixing" everything except Ro and R1 items. This looks questionable to me.

One additional thing happens that is very curious. The Baseline Analzyzer ends with serious errors for almost all checks with a message indicating that the registry cannot be accessed. I see this as very serious.

Before I post any logs I would appreciate someone's help. I usually am able to fix most Windows problems but this one has me stopped.

Any real help greatly appreciated.

Thanks,

"IE_Victim"

#2 ie_victim

ie_victim

    Member

  • New Member
  • Pip
  • 2 posts

Posted 26 July 2004 - 07:58 AM

Hi

I guess this problem did not get any input from anyone.
We fixed this ourselves and now have an active defense.

The worst thing that occurred was the registry entry for the IE version getting
changed so NAV could not longer see IE. I fixed this manually.

Using a combination of tools like CWShredder, Adware Away, SpyBlaster, PestPatrol, and so on we were able to manually flush the registry entries getting flagged.
So far, the tool Adware Away has helped the most.

My Baseline Analyzer problem is not a problem - not supported for XP Home.

Good luck to everyone. Stopping these clowns is not as complicated as you think.

Goodbye,

IE_victim




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button