browser hijack

Discussion in 'privacy general' started by bert, Dec 3, 2003.

Thread Status:
Not open for further replies.
  1. bert

    bert Guest

    There is a new broser hijacker directing browser to http://www.search2004.net/ and www.windowws.cc. Does anybody know how to fix it. These domains belong to following people:


    http://www.search2004.net/
    Registrant:
    Robert Stark
    Wiesliacher 14
    Zürich, CH-8053
    Switzerland

    Registered through: Vadim Fedorov
    Domain Name: SEARCH2004.NET
    Created on: 12-Nov-03
    Expires on: 12-Nov-04
    Last Updated on: 13-Nov-03

    Administrative Contact:
    Stark, Robert greg1@mail333.com
    Wiesliacher 14
    Zürich, CH-8053
    Switzerland
    +41 1 632 44 78 Fax --
    Technical Contact:
    Stark, Robert greg1@mail333.com
    Wiesliacher 14
    Zürich, CH-8053
    Switzerland
    +41 1 632 44 78 Fax --

    Domain servers in listed order:
    PL0.GREG-SEARCH.COM
    PL1.GREG-SEARCH.COM


    Domain Name:
    windowws.cc
    Registrant:
    Stas Bekman (greg1@mail333.com)

    Aba Silver 12/29
    Haifa, NONE 32694
    IL
    972-(0)4-828-2274
    Administrative, Technical, Billing Contact:
    Stas Bekman (greg1@mail333.com)

    Aba Silver 12/29
    Haifa, NONE 32694
    IL
    972-(0)4-828-2274
    Record expires on:
    Record created on:
    Nov 14 2004
    Nov 14 2003
    Domain Name Servers:
    ns1-hosts.srsplus.com
    ns2-hosts.srsplus.com
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi bert,

    Sounds like CWS to me. :(

    Please go to http://www.tomcoyote.org/hjt/, and download 'Hijack This!'.
    Unzip, doubleclick HijackThis.exe, and hit "Scan".

    When the scan is finished, the "Scan" button will change into a "Save Log" button.
    Press that, save the log as a .txt file, and copy and paste its contents into your next post.

    Most of what it lists will be harmless, so do not fix anything yet.

    Regards,

    Pieter
     
Loading...
Thread Status:
Not open for further replies.