locked
Laptop with IE7 had browser Hijacked: Hijackthis is now showing clean but still hijacked

    Frage

  • I have a laptop running XP SP3 on which IE7 has been hijacked and I thought at one point I had it beat but Nooooooo. multiple AV/Anti-Malware/etc have all come back clean. Hijackthis log is showing clean now - this is only affecting IE7 and does not happen in Chrome. I dont like chrome due to it's sporadic latency issues and want my IE back. I thought that completely uninstalling IE would possibly do the trick as I know it has to be embedded somewhere in the registry IE settings. It is my understanding that I would have to unistall SP3 and roll back to IE6 but I dont think this is going to help since the reg entries will never be completely removed going this route. Does ANYONE have any suggestions, as I have tried all of the TrendMicro tricks and on the surface everything looks clean... BUT it is NOT... Help... Please... Thanks
    Samstag, 30. Oktober 2010 20:00

Antworten

  • Hi,

     

    You may refer to the following KB article to remove the IE 7 and then install IE 8:

     

    How to uninstall Internet Explorer 7

     

    How to install Internet Explorer 8

     

    Regards,

     

    Sabrina


    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Als Antwort markiert Sabrina Shen Freitag, 12. November 2010 08:52
    Mittwoch, 10. November 2010 06:22

Alle Antworten

  • Hi,

     

    Please understand that this is Windows Vista Forum. In order to get the answer effectively, it is also recommended to post a new thread in Windows XP Forum for discussion.

     

    Personally, for the virus issue, you may refer to the following suggestions:

     

    1. From this issue, I would like to suggest that you contact TrendMicro support to see if they have special update or tools to check if there are other viruses.

     

    2. Actually, the officially recommended method is still to format and re-install the compromised computer from a known good build (i.e. operating system CD + all security patches while disconnected from the network). For more information on hacking, please see these links:

     

    Help: I Got Hacked. Now What Do I Do?

    http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

     

    Help: I Got Hacked. Now What Do I Do? Part II

    http://www.microsoft.com/technet/community/columns/secmgmt/sm0704.mspx

     

    How A Criminal Might Infiltrate Your Network

    http://www.microsoft.com/technet/technetmag/issues/2005/01/AnatomyofaHack/default.aspx

     

    Malicious Software Removal Tool

    http://www.microsoft.com/security/malwareremove/default.mspx

     

    The Day After: Your First Reponse To A Security Breach

    http://www.microsoft.com/technet/technetmag/issues/2005/01/IncidentResponse

     

    3. You can also contact your antivirus vendor for assistance with identifying or removing virus or worm infections. If you need more help with virus-related issues, contact Microsoft Product Support Services.

     

    For support within the United States and Canada, call toll-free (866) PCSAFETY (727-2338).

    For support outside the United States and Canada, visit the Product Support Services Web page (http://support.microsoft.com/?pr=SecurityHome).

     

    I hope this helps. Thank you for your time and cooperation!

     

    (Please note that the newsgroups are staffed weekdays by Microsoft Support professionals to answer your non-urgent, break/fix systems and applications questions. Our goal is to provide 24 hour response to all questions. If this response time does not meet your needs, please contact Customer Service and Support (CSS) for more immediate assistance. For more information on available CSS services, please click here: http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607.)

     

    Regards,

     

    Sabrina


    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Als Antwort markiert Sabrina Shen Freitag, 5. November 2010 06:43
    • Tag als Antwort aufgehoben Sabrina Shen Freitag, 12. November 2010 02:10
    Montag, 1. November 2010 09:43
  • Thanks, but from the get-go I know this is the Vista thread and I told it to post in the XP forum from the drop-down but the machine I posted this from is a Vista machine and the site dropped my post in to the vista forum.

    my laptop is clean from any other virii and this really isnt a case of a virus at this point, it is how to remove all of the IE7 registry entries as this is where the hijack lay. It is not a virus per-se but a stinking entry buried somewhere in my registry that is pointing my IE off in to the great abyss.

    I was thinking of installing IE8 in hopes of blowing out all of the previous registry settings... Do you think this would work... Will IE8 overwrite all of the previous IE registry settings?

    Thanks

    Freitag, 5. November 2010 21:59
  • Hi,

     

    You may refer to the following KB article to remove the IE 7 and then install IE 8:

     

    How to uninstall Internet Explorer 7

     

    How to install Internet Explorer 8

     

    Regards,

     

    Sabrina


    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights. |Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Als Antwort markiert Sabrina Shen Freitag, 12. November 2010 08:52
    Mittwoch, 10. November 2010 06:22
  • NB: Hijackware infects the OS (Windows), not the browser (IE). Uninstalling IE7 is not going to fix this nor will upgrading to IE8.

    NB: If you had no anti-virus application installed or the subscription had expired *when the machine first got infected* and/or your subscription has since expired and/or the machine's not been kept fully-patched at Windows Update, don't waste your time with any of the below: Format & reinstall Windows.  A Repair Install will NOT help!

    Microsoft PCSafety provides home users (only) with no-charge support in dealing with malware infections such as viruses, spyware (including unwanted software), and adware.
    https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

    Also available via the Consumer Security Support home page:  https://consumersecuritysupport.microsoft.com/

    Otherwise...

    1. See if you can download/run the MSRT manually:  http://www.microsoft.com/security/malwareremove/default.mspx

    NB: Run the FULL scan, not the QUICK scan!  You may need to download the MSRT on a non-infected machine, then transfer MRT.EXE to the infected machine and rename it to SCAN.EXE before running it.

    2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!) in Safe Mode with Networking, if need be:  http://onecare.live.com/site/en-us/center/howsafe.htm

    2b. Vista or Win7 (but not Vista 64-bit or Win7 64-bit) => Run this scan instead:  http://onecare.live.com/site/en-us/center/whatsnew.htm

    3. Now begin your own, new thread in one (only) of the following recommended forums for assistance by an expert in such matters.  DO NOT SKIP THIS STEP!!

       • SpywareHammer: Malware Removal
          http://spywarehammer.com/simplemachinesforum/index.php?board=10.0

       • Spyware Warrior: Help with spyware removal
          http://www.spywarewarrior.com/viewforum.php?f=5

       • DSL Reports: Security Cleanup
         http://www.dslreports.com/forum/cleanup

       • Bluetack: Malware Removal
          http://www.bluetack.co.uk/forums/index.php?showforum=172

       • AumHa: Malware Removal
          http://aumha.net/viewforum.php?f=30

    If these procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the computer to a local, reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

    =========================================

    Should you need further assistance, please begin a new thread in the WinXP - Security forum over in the "consumer" forum platform:  http://social.answers.microsoft.com/Forums/en-US/xpsecurity/threads 


    ~Robear Dyer (PA Bear) ~ MS MVP (IE, Mail, Security, Windows & Update Services) since 2002 ~ Disclaimer: MS MVPs neither represent nor work for Microsoft
    Samstag, 13. November 2010 13:45
  • You may refer to the following KB article to remove the IE 7 and then install IE 8:

     

    How to uninstall Internet Explorer 7

     

    How to install Internet Explorer 8

    Uninstalling IE7 is not going to help here. Upgrading in hopes of resolving an existing problem is seldom a wise idea.
    ~Robear Dyer (PA Bear) ~ MS MVP (IE, Mail, Security, Windows & Update Services) since 2002 ~ Disclaimer: MS MVPs neither represent nor work for Microsoft
    Samstag, 13. November 2010 13:46