I can't say that I have. I quit using IE an about a year ago when
FireFox came out, never looked back. Just the extensions only make it
worth while to me, not to mention the security seems to be better. They
all have holes it's just that FireFox seems to fix there's more often
and faster.
I would differently try other browsers first to see if it fixes the
problem, then if it doesn't backup your data, wipe the drive, low level
format, then clean install, but before you install your data, outfit
your rig with all the anti-gear first, always update windows and then as
your pushing your data to your machine sweep it with your
Anti-everything gear to make sure you didn't save the problem in the
data you backed up.
Kevin
-----Original Message-----
From: Greg van der Gaast [mailto:gvandergaast@yahoo.com]
Sent: Tuesday, January 03, 2006 3:57 PM
To: focus-virus@securityfocus.com
Subject: Re: Hijacked Internet Explorer
Chris,
You're certainly not alone. My windows environments at
home tend to be what I'd consider "disposable" I use
it until XP is completely gummed up and then
reinstall. I always take the basic precautions of
installing ZA and some other utilities but after a
week or two my IE always starts exhibiting the
behavior you described. Firefox seems to be much more
resilient to whatever's causing this so I'll
tentatively chaulk it up to an IE vulnerability. I
generally steer clear of IE. it becoming "possessed"
or unstable has sort of become a given to me.
Anyone else have this behavior?
Greg
--- Chris Barber <cmbarber@gmail.com> wrote:
I have a user on a home network that has an oddity I
have not seen
before while using search engines. On the PC we
have tried Yahoo,
Google, MSN, Lycos, not sure but we may have done a
few other, but the
actions are all the same. We enter a search item,
say ACE, and the
results come back of course ACE Hardware is in the
list. When I mouse
over the link the URL displayed IE Status indicates
the correct URL
for ACE Hardware. Now when I or he clicks on the
link we go to some
other ads page, we click back and click the link a
second time and get
sent to a second ad site. After clicking back a
second time and then
clicking the link for the third time we get to the
ACE Hardware site.
One note on this is that the URL we are directed to
is not the same as
the link so I know it is not a DNS Hijack, but more
of a redirect
This happens with any and every site we have looked
for in the last
week or so. The "Anomaly" began shortly before
Christmas.
The PC is currently running ZoneAlarm and no
messages have indicated
any new software trying to gain access to the
network. I have also
run AdAware SE, Spybot, and MS Anti-Spyware.
Currently running on the
PC is Symantec AV with the latest updates, I have
also run McAfee from
a boot Disk.
At this point I am thinking it may be some form of
Browser Helper
Object or some registry hack, but I am out of ideas
to further
investigate, clean and protect against this in the
future.
Does anyone have any suggestions or ideas on what I
could try next?
Thanks in advance for the help.
Chris.
__________________________________
Yahoo! for Good - Make a difference this year.
http://brand.yahoo.com/cybergivingweek2005/
