IE is hacked..

**grr** · 03-17-2010

posting for a friend.

IE is hacked & opens by default site

hxxp://www.adserver5.com/dsnr/dec/sa.html

actions taken
1. MBAM-comes clean-Full scan
2. Spybot - fixed 42 problems-still same issue

what next needs to be done?

Friends here is the exact error message/warning:

**acr** · 03-17-2010

Originally Posted by grr

posting for a friend.

IE is hacked & opens by default site:
hxxp://www.adserver5.com/dsnr/dec/sa.html

actions taken
1. MBAM-comes clean-Full scan
2. Spybot - fixed 42 problems-still same issue

what next needs to be done?

also sometimes synmentic antivirus popups the msg saying Http loop toolbar activity...

The first thing you could do is edit your post so there is no direct link to a known malware site...
Good grief...

**grr** · 03-17-2010

Originally Posted by acr

The first thing you could do is edit your post so there is no direct link to a KNOWN MALWARE SITE !!!! Good grief...

done. .

**LunarWolf** · 03-17-2010

Scan your computer with ESET Online Scanner

ESET Online Scanner is able to remove threats. Post a HijackLog as well.

**fletch** · 03-17-2010

Go to control panel>add or remove programs

Is there a toolbar there that you don't recognize {remove it}

If no try doing a system restore to a time before the problem

**Gabethebabe** · 03-17-2010

Originally Posted by fletch

If no try doing a system restore to a time before the problem

This is bad advice. System Restore is last resort.

Start by uninstallin symantec antivirus, which sucks and installing a better one, like Avira. Run a scan and post a Hijackthis log. I´m sure some expert here can have a look at your log.

**acr** · 03-17-2010

Originally Posted by grr

done. .

No it's not done. MBAM's IP protection blocks the site from loading. But your link is still a direct link to a malicious site. If your "friend" was infected just by visiting the site then it is possible for someone else to be infected by clicking your link. Your editing the link has only succeeded in making the matter worse. It's normally better to edit the address of the site so that it will not load (for instance, use hxxp instead of http).

**hellnoire** · 03-18-2010

I was going to suggest a HijackThis log as well... works to show the host file, which we can then fix out if need be. (it happens with a lot of hijackers)

**leofelix** · 03-18-2010

I think that the friend of Grr catched this

Code:

hxxp://loop. myfamilytoolbar. com/

Which is a type of counduit toolbar (loop toolbar).

Generally a-squared free is able to detect and remove this kind of adware once installed

After hellnoire will tell you how to fix this issue with HiJackThis, do not forget to reset IE to the default settings

http://support.microsoft.com/kb/923737

[EDIT to add]

Here is the Threat Expert analysis:

http://www.threatexpert.com/report.a...5755b709ced215

**grr** · 03-18-2010

Thanks Everyone.

From what all i have seen recommended here, I would ask my friend to do the following in the sequence:

1. try to remove toolbar from add or remove programs, if visible
2. Scan your computer with ESET Online Scanner
3. analyze computer using HijackThis, and share the logs
4. scan using a-squared-free
5. analyze computer using HijackThis, and share the logs

I have no words to Thank You all for the help. Hope everything goes fine..

Regards,
Grr

Friends here is the exact error message/warning:

Thread: IE is hacked..

LinkBack

Thread Tools

Display

IE is hacked..

Similar Threads

Twitter Hacked

Wordpress hacked?!

I keep getting Hacked!