Pieter_Arntz
January 2nd, 2004, 07:25 AM
Hijacks the startpage to popnav.com and produces popups.
In a HijackThis log fix:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.popnav.com
O4 - HKLM\..\Run: [MSVersion] C:\WINDOWS\System32\iefeaturesversion.exe
O4 - HKLM\..\Run: [iefeatures] C:\WINDOWS\System32\iefeatures.exe
O16 - DPF: {2CAB81F6-1CBB-49FD-809E-B2D37D0CFFED} (IEFeature Class) - hxxp://www.popmonster.com/control/src/iefeatures.ocx
After a reboot delete these files:
C:\WINDOWS\System32\MSrdk.xml
C:\WINDOWS\System32\iefeaturesversion.exe
C:\WINDOWS\System32\iefeatures.exe
HTH,
Pieter
In a HijackThis log fix:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.popnav.com
O4 - HKLM\..\Run: [MSVersion] C:\WINDOWS\System32\iefeaturesversion.exe
O4 - HKLM\..\Run: [iefeatures] C:\WINDOWS\System32\iefeatures.exe
O16 - DPF: {2CAB81F6-1CBB-49FD-809E-B2D37D0CFFED} (IEFeature Class) - hxxp://www.popmonster.com/control/src/iefeatures.ocx
After a reboot delete these files:
C:\WINDOWS\System32\MSrdk.xml
C:\WINDOWS\System32\iefeaturesversion.exe
C:\WINDOWS\System32\iefeatures.exe
HTH,
Pieter