Results 1 to 6 of 6
  1. #1
    4 Star Lounger
    Join Date
    May 2003
    Location
    Manchester, Gtr Manchester, England
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts

    More hijacking (IE6 XP Prof)

    Hello, seems I have been hijacked with; mk:@MSITStore:C:WINDOWSstart.chm::/spplain.html

    Any suggestions please, tried usual spybot, cws but no joy.

    Thanks Darren.

  2. #2
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: More hijacking (IE6 XP Prof)

    Hi Darren

    Have you tried this post?

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  3. #3
    4 Star Lounger
    Join Date
    May 2003
    Location
    Manchester, Gtr Manchester, England
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: More hijacking (IE6 XP Prof)

    Thanks Ken but this problem seems to outsmart those you have suggested?

    Thanks.

  4. #4
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: More hijacking (IE6 XP Prof)

    Whereas Ken's post gives all the usual software to deal with a hijacking, perhaps you could be a bit more informative about the meaning of
    > mk:@MSITStore:C:WINDOWSstart.chm::/spplain.html
    and at what point you get it.

    Have you tried any appropriate key words in a Google search? (Such as MSITStore?)

    See this exchange, for example. But the final post point to this website looks fairly suspicious to me, even though a post in the thread following "seems" to recommend it...
    Another place to look would be this SpywareInfo thread

    If none of these are any good, have a look through the other Google results!

    The general view is that this is a very nasty thing...

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  5. #5
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: More hijacking (IE6 XP Prof)

    Hi Darren

    I take it that you've run Hijack This and have posted the log on Net-Integration's Hijack This forum????

    Those guys'n'gals are seldom stumped. They should be able to help you.

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  6. #6
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: More hijacking (IE6 XP Prof)

    More information:

    Merijn has a new News and Update entry on his website (mirror).

    April 20, 2004:
    * WARNING *
    The CWS trojan is appearing in a new variant which installs through a zero-day exploit in the IE HTML Help system, for more information see here and for a workaround see here. If you are infected, your homepage will change to something like mk:@MSITStore:C:WINDOWSstart.chm::/start.html. Please keep an eye on WindowsUpdate until a patch for this exploit is available.

    Visit the link given at the top to be able to click on the "here" URLs...

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •