Full Disclosure mailing list archives

RE: !! Internet Explorer !!

From: "Jos Osborne" <Jos () meltemi co uk>
Date: Fri, 11 Jun 2004 15:18:21 +0100

You've been hijacked.

Search your registry for mshp.dll - there'll be a number of internet settings such as Home Page etc set to this. Re-set 
them to something more innocuous - like MSN.com.
After you've done that, try to get back on the web. If you can, go to Google, and find copies of HijackThis, AdAware 
,CWShredder and Spybot Search and Destroy.
Download them, and run them.

Another site I've seen suggest that the following are names the hijacker uses to hide itself - search for them and if 
they've been created/modified recently then delete them.
IEFEATSL.DLL
MSIESH.DLL
SUBMITHOOK.DLL
UNINSTALL.EXE
UNINSTALL.INI
MSHP.DLL 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Yahoo upgraded all accounts to 100MB, (continued)
- - - Yahoo upgraded all accounts to 100MB Syed Imran Ali (Jun 15)
    - Re: Yahoo upgraded all accounts to 100MB William Warren (Jun 15)
    - Re: Yahoo upgraded all accounts to 100MB Joseph Peterson (Jun 15)
    - Re: Yahoo upgraded all accounts to 100MB randall (Jun 15)
    - Re: Yahoo upgraded all accounts to 100MB Ron DuFresne (Jun 15)
    - Re: Yahoo upgraded all accounts to 100MB Andre Ludwig (Jun 16)
    - Re: Yahoo upgraded all accounts to 100MB Shawn Nunley (Jun 16)
    - Re: Yahoo upgraded all accounts to 100MB Shawn Nunley (Jun 16)
    - Re: Yahoo upgraded all accounts to 100MB José María Mateos (Jun 18)
    - Re: Yahoo upgraded all accounts to 100MB José María Mateos (Jun 16)
- RE: !! Internet Explorer !! Jos Osborne (Jun 11)