Web Hijack

**Riz04** · 20-12-2004

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

istbar Object Recognized!
Type : RegValue
Data : c:\windows\wints.exe
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\RunOnce
Value : wints.exe

istbar Object Recognized!
Type : File
Data : wints.exe
Category : Malware
Comment :
Object : c:\windows\

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 3

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\windows\currentversion\app lets\wordpad\recent file list
Description : list of recent files opened using wordpad

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\windows\currentversion\exp lorer\runmru
Description : mru list for items opened in start | run

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\windows\currentversion\exp lorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\windows\currentversion\exp lorer\comdlg32\lastvisitedmru
Description : list of recent programs opened

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\windows\currentversion\exp lorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\office\10.0\publisher\rece nt file list
Description : list of recent files used by microsoft publisher

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\office\10.0\excel\recent files
Description : list of recent files used by microsoft excel

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\office\11.0\publisher\rece nt file list
Description : list of recent files used by microsoft publisher

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\office\11.0\access\setting s
Description : list of recently opened documents in microsoft access

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplicatio n
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\directinput\mostrecentappl ication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\windows\currentversion\app lets\regedit
Description : last key accessed using the microsoft registry editor

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\directinput\mostrecentappl ication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\macromedia\flash 6\recent file list
Description : list of recently used files in macromedia flash

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\frontpage\explorer\frontpa ge explorer\recent page list
Description : list of recently used pages in microsoft frontpage

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

**Riz04** · 20-12-2004

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history

MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-1708537768-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : C:\Documents and Settings\Mussi.DESI\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office

MRU List Object Recognized!
Location: : C:\Documents and Settings\Mussi.DESI\recent
Description : list of recently opened documents

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mussi@2o7[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:mussi@2o7.net/
Expires : 12-17-2009 6

28 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 32

Deep scanning and examining files (C

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

WhenU Object Recognized!
Type : File
Data : VSN.exe
Category : Data Miner
Comment :
Object : C:\Program Files\VSN\
FileVersion : 0, 1, 0, 1
ProductVersion : 0, 1, 0, 1
ProductName : VSN Module
CompanyName : WhenU.com
FileDescription : VSN
InternalName : VSN
LegalCopyright : Copyright 2003
OriginalFilename : VSN.exe

CoolWebSearch Object Recognized!
Type : File
Data : qbwjp.log
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : eeqen.dat
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : pfjkp.log
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : jbhoj.txt
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : zmbif.dat
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : kegkt.log
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : kevtx.log
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : huazu.dat
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : bmyti.dat
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : sntot.dat
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : gnupn.dat
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

CoolWebSearch Object Recognized!
Type : File
Data : pswpu.dat
Category : Malware
Comment :
Object : C:\WINDOWS\system32\

istbar Object Recognized!
Type : File
Data : ydylnu.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

Rads01.Quadrogram Object Recognized!
Type : File
Data : wqkqnx.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : aqqzxs.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

istbar Object Recognized!
Type : File
Data : tdnmru.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

AdShooter Object Recognized!
Type : File
Data : d_loader.exe
Category : Malware
Comment :
Object : C:\WINDOWS\Downloaded Program Files\

CoolWebSearch Object Recognized!
Type : File
Data : sqieac.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

Rads01.Quadrogram Object Recognized!
Type : File
Data : eeqenp.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : megzt.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

istbar Object Recognized!
Type : File
Data : appfn32.dll
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : hmivl.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : rmcfal.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : jnmluw.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : pwpho.log
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : imlofs.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : andtzu.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : ydnle.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : taiht.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : jbqur.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : trzjy.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : pcqkq.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : kgpdlk.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : chiinn.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : kgzic.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : ompfnl.log
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : gmakhw.log
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : hucrw.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : amvra.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : sfidp.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : owesk.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : bkxqpt.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : edablg.log
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : skdnx.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : cuibu.dat
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : kanckk.txt
Category : Malware
Comment :
Object : C:\WINDOWS\

CoolWebSearch Object Recognized!
Type : File
Data : dbyhmv.log
Category : Malware
Comment :
Object : C:\WINDOWS\

Rads01.Quadrogram Object Recognized!
Type : File
Data : Dc5.exe
Category : Malware
Comment :
Object : C:\Recycled\

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 81

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\search
Value : SearchAssistant

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\main
Value : Search Bar

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft
Value : set

CoolWebSearch Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\Documents and Settings\Mussi.DESI\local settings\temporary internet files\msft\images-sprem

istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\totem

istbar Object Recognized!
Type : File
Data : ISTactivex_mainstream.dll
Category : Malware
Comment :
Object : C:\WINDOWS\downloaded program files\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : ISTactivex Module
FileDescription : ISTactivex Module
InternalName : ISTactivex
LegalCopyright : Copyright 2003
OriginalFilename : ISTactivex.DLL

istbar Object Recognized!
Type : File
Data : ISTactivex_mainstream.inf
Category : Malware
Comment :
Object : C:\WINDOWS\downloaded program files\

WhenU Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\VSN

WhenU Object Recognized!
Type : File
Data : vsn.cfg
Category : Data Miner
Comment :
Object : C:\Program Files\vsn\

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 90

9:37:48 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:30.294
Objects scanned:120511 Objects identified:62
Objects ignored:0
New critical objects:62

**Riz04** · 20-12-2004

Logfile of HijackThis v1.99.0
Scan saved at 9:55:56 AM, on 12/20/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Browser MOUSE\mouse32a.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Intuit\QBPOS\QBPos.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Mussi.DESI\Desktop\IE Hijack\HijackThis.exe

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: QuickBooks Point of Sale.lnk = C:\Program Files\Intuit\QBPOS\QBPos.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho.../yinst0401.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1102535935954
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.g...tl_0_0_0_1.ocx
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.14.27/ttinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/game...ploader_v5.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

**Riz04** · 20-12-2004

I havn't opened my ie browser, just want to comfirm first that the hijack has been cleared then I will go on.

Thanks A Lot for you help.

**owen** · 20-12-2004

As long as you have let Ad-aware get rid of all the detected files, then thats a clean log.

**Riz04** · 20-12-2004

thanks a lot for your help. chao

**owen** · 20-12-2004

Make sure you get yourself some protection and get to Windows Update IMMEDIATELY and run Express Install. Download all the listed updates (one of these will be a large service pack).

Preventing it returning

After your problem has been resolved on the forum, it is an absoulute MUST to do the following steps to prevent the problem returning. Click on the link to get access to the software or webpage that I'm referring to.

1. Visit Windows Update
Pay a visit to Windows Update and scan for and download ALL Critical Updates and Service Packs. New updates are usually released monthly so check back to Windows Update every month.

2. Download Antivirus Software-
If you haven't already got Antivirus software, you should download and install AVG Antivirus. It is freeware and is updated nearly every 2 days (sometimes more frequently if there are a lot of new viruses) and in my opinion, is better than some Antivirus software such as Norton. Antivirus software will prevent viruses infecting your system and it is important that you update it every two days or every week at the most.

3. Download a Firewall-
If you haven't already got a firewall, it is Very important that you download one. Firewalls will prevent unauthorised access to your computer and stop data leaking out of your computer. You may think that it won't happen to you, but Hackers don't care who you are, what you do, where you live or what you had for tea last Sunday on your holiday in the Lake District, they want your data. Firewalls will keep these sneaks out and one of the best is Sygate Personal Firewall, which happens to be freeware.

4. Spyware Scanners-
It is important that as well as having real time spyware protection, you have a spyware scanning application. If you have not already been told to download one earlier in this thread, it is a good idea to download Spybot Search And Destroy and Ad-aware. They are both spyware scanners and will search for a remove spyware. It is recommended that you have both, because one will pick up entries that the other misses. It is even a good idea to download these if you have other programs such as ASE, Spysweeper, Pest Patrol, etc, because one spyware scanner will not pick up everything. Please remember to update your spyware scanners weekly/fortnightly.

5. Prevent Spyware slipping through Internet Explorer-
Quite a lot of spyware slips through Internet Explorer if your settings are not tight enough. Spyware Blaster will help you prevent spyware slipping through and installing tracking cookies. Simply run it via Start> Programs> Spyware Blaster and click Enable All Protection and it will protect you. It doesn't even have to be open! Remember to update weekly/fortnightly.

6. Constant Spyware Protection-
It is important to have constant spyware protection. Spyware Guard works like an antivirus program but detects Spyware instead. It will constantly protect your system. Check for updates monthly.

All Of these steps are very important and it is HIGHLY recommended that you download all of the programs mentioned for your own safety. Remember to Update everything (including Windows using Windows Update)! It is also a good idea to perform weekly/fortnightly scans with Spybot S&D, Ad-aware and your antivirus software.

And last of all, please remember, that common sense is your greatest tool. Without it, spyware and other related Malware would rule!

Web Hijack

Re: Web Hijack

Similar Threads

Browser Hijack - Localhost Hijack

about:blank hijack - Hijack this log