Spyware Hijack of IE

I recently installed a trial version of a thing called Download Boost
(Magellass Company). Right after I installed that thing, IE started
acting weird, would freeze up on sites that need me to "sign in", such
as the Yahoo (discussion) Groups. My home page was also changed
without my approval. The file did NOT contain a virus, just some sort
of spyware/hijacking crap.

I did everything imaginable, reinstalled IE numerous times, upgraded
IE from 5.1 to 5.5, ran all sorts of registry repair programs, and the
list goes on and on....

It was finally when I ran a program called Hijackthis, that I found
many references to this Download Boost software. I removed this
Download Boost, and IE began working again.

But here's the tickler. Hijackthis kept pointing to a file called
MSDXM.OCX, but would not repair it. I finally found a reference to
this file on the MS website, and found it was included with IE. I
extracted it to a temp dir. That's when I noticed that the file is
supposed to be about 850K BUT, the one in my windows/system dir. was
about 1600K. I know that troublesome code can get written into files,
but this file almost doubled in size. How can that be?

One last thing. That file is needed for Media Player, and even after
replacing the correct file, Media Player would not run. I reinstalled
it completely and now it works again too.

<me@myhome.com> wrote in message news:3rul50la49v0kvfuktf45hq1lereqasebe@4ax.com...

> But here's the tickler. Hijackthis kept pointing to a file called
> MSDXM.OCX, but would not repair it. I finally found a reference to
> this file on the MS website, and found it was included with IE. I
> extracted it to a temp dir. That's when I noticed that the file is
> supposed to be about 850K BUT, the one in my windows/system dir. was
> about 1600K. I know that troublesome code can get written into files,
> but this file almost doubled in size. How can that be?

You gave your permission(s) to the foistware when you ran it, and
it either modified that ActiveX control, or more likely replaced the
original one with a modified one.

<me@myhome.com> wrote in message
news:3rul50la49v0kvfuktf45hq1lereqasebe@4ax.com...
> I recently installed a trial version of a thing called
Download Boost
> (Magellass Company). Right after I installed that thing,
IE started
> acting weird, would freeze up on sites that need me to
"sign in", such
> as the Yahoo (discussion) Groups. My home page was also
changed
> without my approval. The file did NOT contain a virus,
just some sort
> of spyware/hijacking crap.
>
> I did everything imaginable, reinstalled IE numerous
times, upgraded
> IE from 5.1 to 5.5, ran all sorts of registry repair
programs, and the
> list goes on and on....
>
> It was finally when I ran a program called Hijackthis,
that I found
> many references to this Download Boost software. I
removed this
> Download Boost, and IE began working again.
>
> But here's the tickler. Hijackthis kept pointing to a file
called
> MSDXM.OCX, but would not repair it. I finally found a
reference to
> this file on the MS website, and found it was included
with IE. I
> extracted it to a temp dir. That's when I noticed that
the file is
> supposed to be about 850K BUT, the one in my
windows/system dir. was
> about 1600K. I know that troublesome code can get written
into files,
> but this file almost doubled in size. How can that be?
>
> One last thing. That file is needed for Media Player, and
even after
> replacing the correct file, Media Player would not run. I
reinstalled
> it completely and now it works again too.
>

Object lesson: I do at least a Google and Google Groups
search before I install anything - hardware or software on
any of my systems. That way I know what to expect!
--
Chas. verktyg@aol.spamski.com (Drop spamski to E-mail
me)

<me@myhome.com> schreef in bericht
news:3rul50la49v0kvfuktf45hq1lereqasebe@4ax.com...
> I recently installed a trial version of a thing called Download Boost
> (Magellass Company). Right after I installed that thing, IE started
> acting weird, would freeze up on sites that need me to "sign in", such
> as the Yahoo (discussion) Groups. My home page was also changed
> without my approval. The file did NOT contain a virus, just some sort
> of spyware/hijacking crap.

> It was finally when I ran a program called Hijackthis, that I found
> many references to this Download Boost software. I removed this
> Download Boost, and IE began working again.
>
> But here's the tickler. Hijackthis kept pointing to a file called
> MSDXM.OCX, but would not repair it. I finally found a reference to
> this file on the MS website, and found it was included with IE. I
> extracted it to a temp dir. That's when I noticed that the file is
> supposed to be about 850K BUT, the one in my windows/system dir. was
> about 1600K. I know that troublesome code can get written into files,
> but this file almost doubled in size. How can that be?

How does Hijackthis point to the MSDXM.OCX file, I cannot remember it is
pointing at a specific file at all :-)
It is a part of windows media player so why you are bothered by it?
http://www.liutilities.com/products...llibrary/msdxm/