New One - MYBLUEZIPPER

RADARADA Apple Valley, CA Member
edited April 2004 in Spyware & Virus Removal
MYBLUEZIPPER
Has anyone encountered this hijacker? Its tearing through the computers here at work. I can remove the offending files from the registry with Hijackthis, but it re appears on reboot. CWShredder doesn't even see it. Any clues?

Comments

  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited April 2004
    Post a HJT log and we'll be all over this beeyotch ;D
  • RADARADA Apple Valley, CA Member
    edited April 2004
    OK solved this one.

    Hijackthis shows the offending files in your registy, but you have to look in your Program Files folder for a file named PRCPROP2 or something like that.

    If its there, don't try to delete it, you can't. Go into task manager and find the process associated with the prcprop2 and stop it.

    Now go back to the file in your Program Files folder and delete it.

    Run Hijackthis again and delete all suspect files. You should have your browser back.


    :thumbsup:

    -RADA-
  • KwitkoKwitko Sheriff of Banning (Retired) By the thing near the stuff Icrontian
    edited April 2004
    Add 
    127.0.0.1 bluezipper.com
127.0.0.1 [url="http://www.bluezipper.com"]www.bluezipper.com[/url]
127.0.0.1 precisionpop.com
127.0.0.1 [url="http://www.precisionpop.com"]www.precisionpop.com[/url]

    to the hosts files on your office PCs. It will help stem the problem and prevent further infections.
This discussion has been closed.