Results 1 to 6 of 6
  1. #1
    4 Star Lounger
    Join Date
    May 2003
    Location
    Manchester, Gtr Manchester, England
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts

    More hijacking (IE6 XP Prof)

    Hello, seems I have been hijacked with; mk:@MSITStore:C:WINDOWSstart.chm::/spplain.html

    Any suggestions please, tried usual spybot, cws but no joy.

    Thanks Darren.

  2. Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: More hijacking (IE6 XP Prof)

    Hi Darren

    Have you tried this post?

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  4. #3
    4 Star Lounger
    Join Date
    May 2003
    Location
    Manchester, Gtr Manchester, England
    Posts
    552
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: More hijacking (IE6 XP Prof)

    Thanks Ken but this problem seems to outsmart those you have suggested?

    Thanks.

  5. #4
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: More hijacking (IE6 XP Prof)

    Whereas Ken's post gives all the usual software to deal with a hijacking, perhaps you could be a bit more informative about the meaning of
    > mk:@MSITStore:C:WINDOWSstart.chm::/spplain.html
    and at what point you get it.

    Have you tried any appropriate key words in a Google search? (Such as MSITStore?)

    See this exchange, for example. But the final post point to this website looks fairly suspicious to me, even though a post in the thread following "seems" to recommend it...
    Another place to look would be this SpywareInfo thread

    If none of these are any good, have a look through the other Google results!

    The general view is that this is a very nasty thing...

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  6. #5
    5 Star Lounger
    Join Date
    May 2002
    Location
    43.8N 81.0W, Ontario
    Posts
    815
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: More hijacking (IE6 XP Prof)

    Hi Darren

    I take it that you've run Hijack This and have posted the log on Net-Integration's Hijack This forum????

    Those guys'n'gals are seldom stumped. They should be able to help you.

    Have a Great day!!!
    Ken
    <IMG SRC=http://www.wopr.com/w3tuserpics/KenK_sig.gif>

  7. #6
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: More hijacking (IE6 XP Prof)

    More information:

    Merijn has a new News and Update entry on his website (mirror).

    April 20, 2004:
    * WARNING *
    The CWS trojan is appearing in a new variant which installs through a zero-day exploit in the IE HTML Help system, for more information see here and for a workaround see here. If you are infected, your homepage will change to something like mk:@MSITStore:C:WINDOWSstart.chm::/start.html. Please keep an eye on WindowsUpdate until a patch for this exploit is available.

    Visit the link given at the top to be able to click on the "here" URLs...

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •