[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] !! Internet Explorer !!

To: <king@xxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] !! Internet Explorer !!
From: "Jos Osborne" <Jos@xxxxxxxxxxxxx>
Date: Fri, 11 Jun 2004 15:18:21 +0100

You've been hijacked.

Search your registry for mshp.dll - there'll be a number of internet settings 
such as Home Page etc set to this. Re-set them to something more innocuous - 
like MSN.com.
After you've done that, try to get back on the web. If you can, go to Google, 
and find copies of HijackThis, AdAware ,CWShredder and Spybot Search and 
Destroy.
Download them, and run them.

Another site I've seen suggest that the following are names the hijacker uses 
to hide itself - search for them and if they've been created/modified recently 
then delete them.
IEFEATSL.DLL
MSIESH.DLL
SUBMITHOOK.DLL
UNINSTALL.EXE
UNINSTALL.INI
MSHP.DLL 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: RE: [Full-Disclosure] RE: COELACANTH: Phreak Phishing Expedition
Next by Date: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!
Previous by thread: [Full-Disclosure] Another 419 scram that points to website, need advice about what to do...
Next by thread: [Full-Disclosure] !! Internet Explorer !!
Index(es):
- Date
- Thread