Browser hijack res://...

[Guest]

OK, been reading this board for several days now. Many
people are getting this
res://<random>.dll/<random>.html#<random> Hijack.

Nothing is fixing it! I have run the latest versions of
AdAware, HiJackThis, Norton AV 2004, Spybot S&D, and I
still have it.

We have gone throught the registry and deleted many
instances too.

I see many people posting this same problem. The only
solution I see is to go to
http://forums.spywareinfo.com/index.php?showtopic=8847 for
info.

I have been there and it is no help.

Surely somone has figured out a fix for this by now! Why
is this not listed anywhere on Symantec site...or more
importantly on Microsoft's?

My temporary fix has been to use crappy Netscape...

Microsoft needs to figure out a fix since it seems to be
targetting IE.

Someone PLEASE post a fix!!

 

[Jan Il]

Hi anonymous

Download, install and run the following and see if this helps.

CWShredder:
http://tinyurl.com/2l9kl


Hope this helps.

Jan

 

[Michael]

I to was having the same problems. I continue reading on
this newsgroup page and found a fix.

Try this: Tools > Internet Options > Advanced > Browsing
Uncheck the Enable 3rd party browser extensions

If this clears your problem then find out who the culprit
(s) is/are with
these tools.

Let AD-Aware Scan your system for advertising Spyware
http://www.lavasoftusa.com

Thanks to H Leboeuf

 

[LuckyStrike]

So, you are saying that no instance of
res://<random>.dll/<random>.html#<random> has appeared in any scan done by
Ad-Aware, HijackThis, etc.?

Now, if there was a fix that was fairly certain to *FIX* it, you would have
seen it by now. I have heard there is something in the works, but I've not
been made aware of what it is or when it will be "finalized" as yet.
Meanwhile, whatever answers that have been posted are the best that can be
done at the moment to offer help or assuage your misery.

IMHO surfing around the vast *network* called the Web with ActiveX and
Scripting enabled is akin to walking in a crime-ridden neighborhood flashing
$100 dollar bills and wearing a gold Rolex; something is eventually going to
happen. One need not even deliberately download a program or file to get
some kind of "bug". I wonder how most have managed to contract this one?

 

[Jan Il]

Hi anonymous

Here is more information on this new variant.

Per Merijn - http://www.spywareinfo.com/~merijn/index.html

New CWS variant that hijacks you to res://<random>.dll/sp.html#96676.

A solution is being worked on, see this thread on the SWI forums.
http://forums.spywareinfo.com/index.php?showtopic=7447

If it's not working for you, or it's too complicated, I heard from several
people that this workaround works as well:
Open the DLL you get hijacked to in Notepad
Select all content (Ctrl-A) and delete it
Save the file and exit Notepad
Find the file in Explorer, right-click it, select Properties, put a
checkmark in 'Read-Only' and click OK.
If you can't find the DLL file, make sure your settings allow you to view
"Hidden files". Open up any explorer windows and click on "Tools", "Folder
Options", "View" and be sure to check off "Show Hidden Files and Folders".

Hope this helps.

Jan

 

[Guest]

A lot of the security professional hang out a DSL
reports. They maintain step-by-step directions for
dealing with these uglies at
http://www.dslreports.com/faq/8428 I solved the issues
of 2 different friends using their advice. I hope it
works for you too.

 

[zheenma]

Now you can try Browser Hijack Recover .

Download from:
http://www.download.com/Browser-Hijack-Recover/3000-8022-10317935.html