T
TCS
On Tuesday afternoon one of our users went to aaroads.com from the yahoo
directory. He then click on the road sign icon and got what he explained as
"the screen exploded with all kinds of pop-ups" He couldn't close some of
the windows and shut down the machine. Now he had a new batch file on the
desktop and it was instructing the system you install infamous downloader
executable. I removed the file and check the registry and sys files for any
startup commands... all's good so far. Now the reset the IE settings and
then went to Security tab. The slider is missing and the Custom Level &
Default Level Buttons are grayed out. The Use Current and other buttons on
the general tab are also grayed out and can not be changed. What is going to
have to be done to repair this hijacking? I already ran Ad Aware and Hijack
This! and found the "possible browser hijack" with ad aware and deleted the
files. Hijack This! didn't show any unusual objects other than the google
toolbar. Maybe someone from Microsoft can respond to this...
Thanks
directory. He then click on the road sign icon and got what he explained as
"the screen exploded with all kinds of pop-ups" He couldn't close some of
the windows and shut down the machine. Now he had a new batch file on the
desktop and it was instructing the system you install infamous downloader
executable. I removed the file and check the registry and sys files for any
startup commands... all's good so far. Now the reset the IE settings and
then went to Security tab. The slider is missing and the Custom Level &
Default Level Buttons are grayed out. The Use Current and other buttons on
the general tab are also grayed out and can not be changed. What is going to
have to be done to repair this hijacking? I already ran Ad Aware and Hijack
This! and found the "possible browser hijack" with ad aware and deleted the
files. Hijack This! didn't show any unusual objects other than the google
toolbar. Maybe someone from Microsoft can respond to this...
Thanks