"Only The Best" CSS Files???????????

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Casey33626, Jun 18, 2004.

  1. Casey33626

    Casey33626 Private E-2

    It can appear that all is clean until I visit the homepage of one site I developed. On this page the same word is "hotlinked" with the links going nowhere (somewhere?) and always a small "only the best" window appears.

    I read somewhere on these threads where this *&^$%^#!! hijack drops a couple of style sheets on your PC ~ which would explain how my browser sees this particular page as being whacked whereas those not effected by CWS hijack sees the page just fine with no links.

    I've searched for these rouge stylesheets but came up empty. ANyone else have a handle on this?

    Thx,
    Casey
     
    Casey33626, Jun 18, 2004
    #1
  2. Casey33626

    Casey33626 Private E-2

    I hate to start another thread dealing with an "only the best" issue so I'll post it here as well seeing how this is mostly a generic thread about the hijack.

    I unplugged my infected PC from the Internet while all my search and destroy missions today for DLLs, DATs, and misc files associated with this bugger. I've scanned, logged, rebooted numbers of times today and I've yet to plug my notebook back into a phone jack and get on the net. So in a sense, I've been hijack-free all day.

    Anyway, all my logs look clean and that gives me hope for later on tonight when I finally do decide to plug back in. But one thing still bothers me and that is every time I start IE and check the address bar, I should see the URL that's set as my homepage. However, I do not see that, but instead see "res://cxoks.dll/http_404.htm"

    Now, let's say my homepage is My Yahoo. If you don't have an open connection to the Internet and you start a browser session, IE will look to make a connection and load http://my.yahoo.com. When it can't find it, it should report back with a standard 404 page but the address in your address bar should be http://my.yahoo.com/

    Because my browser isn't doing that I fear I've left some remnant of this bugger behind. And since I feel I'm sooooooooo close to eradication (no, bad term ...um ... let's see how 'bout disabling?) this problem I'd like some feedback on how to track that redirect down and kill it.

    Thx,
    Casey
     
    Casey33626, Jun 18, 2004
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds