J
JON
recently, i was surfing, and got attacked by a web page
that bypassed system and posted a routine to load their
own web page product search, instead of the default MSN or
other that i would like to popup each time the IE is
opened.
my question, is that i can see "whois" listed on the
pirated page and controller of what pops up as the default.
origianlly on ie 5.5 the directory msuk was established
and an official file having the msie???.dll looked
official, but by date searched athte time of attack,
proved to be a pirate.
i removed, or thought i did, the culprit. after reloading
5.0 and upgrading to 6.02 ie; i still have the bug, but my
system is working without crashing as with 5.5 ie.
i also installed popup blocker and ad-aware 6.0.
this should almost stop any new attacks, but i still have
the ATTACKER http://1search.biz, owned by
WHOIS information for 1search.biz:
[whois.melbourneit.com]
Domain Name: 1SEARCH.BIZ
Domain ID: D6404495-BIZ
Sponsoring Registrar: GO DADDY
SOFTWARE, INC.
Domain Status: ok
Registrant ID: GODA-05678888
Registrant Name: Sergey
Zaporozhec
Registrant Organization: Unknown
Registrant Address1: Zhuljany 14
fl5
Registrant City: Lvov
Registrant State/Province: UA
Registrant Postal Code: 13729
Registrant Country: Ukraine
Registrant Country Code: UA
Registrant Phone Number: +380.48463815
Registrant Email:
(e-mail address removed)
Administrative Contact ID: GODA-25678888
Administrative Contact Name: Sergey
Zaporozhec
Administrative Contact Organization: Unknown
Administrative Contact Address1: Zhuljany 14
fl5
Administrative Contact City: Lvov
Administrative Contact State/Province: UA
Administrative Contact Postal Code: 13729
Administrative Contact Country: Ukraine
Administrative Contact Country Code: UA
Administrative Contact Phone Number: +380.48463815
Administrative Contact Email:
(e-mail address removed)
can anybody help to get this off my system?
JON S.
that bypassed system and posted a routine to load their
own web page product search, instead of the default MSN or
other that i would like to popup each time the IE is
opened.
my question, is that i can see "whois" listed on the
pirated page and controller of what pops up as the default.
origianlly on ie 5.5 the directory msuk was established
and an official file having the msie???.dll looked
official, but by date searched athte time of attack,
proved to be a pirate.
i removed, or thought i did, the culprit. after reloading
5.0 and upgrading to 6.02 ie; i still have the bug, but my
system is working without crashing as with 5.5 ie.
i also installed popup blocker and ad-aware 6.0.
this should almost stop any new attacks, but i still have
the ATTACKER http://1search.biz, owned by
WHOIS information for 1search.biz:
[whois.melbourneit.com]
Domain Name: 1SEARCH.BIZ
Domain ID: D6404495-BIZ
Sponsoring Registrar: GO DADDY
SOFTWARE, INC.
Domain Status: ok
Registrant ID: GODA-05678888
Registrant Name: Sergey
Zaporozhec
Registrant Organization: Unknown
Registrant Address1: Zhuljany 14
fl5
Registrant City: Lvov
Registrant State/Province: UA
Registrant Postal Code: 13729
Registrant Country: Ukraine
Registrant Country Code: UA
Registrant Phone Number: +380.48463815
Registrant Email:
(e-mail address removed)
Administrative Contact ID: GODA-25678888
Administrative Contact Name: Sergey
Zaporozhec
Administrative Contact Organization: Unknown
Administrative Contact Address1: Zhuljany 14
fl5
Administrative Contact City: Lvov
Administrative Contact State/Province: UA
Administrative Contact Postal Code: 13729
Administrative Contact Country: Ukraine
Administrative Contact Country Code: UA
Administrative Contact Phone Number: +380.48463815
Administrative Contact Email:
(e-mail address removed)
can anybody help to get this off my system?
JON S.