[MadHijacked]

Here is another Key I found and deleted & exported to my desktop that has traces of items that we have found related to my hijacked browsers?

I assume it would be safe to completely remove this?

Also notice item "b"="zoneon"

Zoneon & Zoneoff are registry items I ask about previously.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU]
"a"=""
"MRUList"="fhabjidgce"
"b"="zoneon"
"c"="*.ICO"
"d"="google"
"e"="TAPISRV.EXE"
"f"="*.DLL"
"g"="NHC.DLL"
"h"="Nch.DLL"
"i"="*.exe"
"j"="Logbba.dll"

[Advertisements]

Don't give up on me please!

Something is going on.

I haven't had SpySweeper, Ad-Aaware, or CWShredder to detect about:blank,
but I believe it is still trying to rewrite it's self.

As you see from my last post that I found the above in the registry. I exported
it to my desktop and deleted it from the registery.

So I looked again today and found this in the same location.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU]
"a"=""
"MRUList"="habgfedcji"
"b"="Nav"
"c"="Logbba"
"d"="matcli"
"e"="*.lgc"
"f"="*.exe"
"g"="services.exe"
"h"="sis.dll"
"i"="*h.dll"
"j"="*C.dll"


I don't know what all this is but I don't like it.
I looked for the sis.dll file and it is located C:\Program Files\Webroot\Spysweeper
so I was affraid to delete it.

What caused me to look for the sis.dll and find the above in the registry is. that
I tried once again to install McAfee Antivirus and got an error message
That MCVSSTLD cause a page fault in SIS. Dll at 0177: 0091d40.

While I haven't seen about blank in several days why is the registry continually changing to these odd Keys.

[MadHijacked]

Don't give up on me please!

Something is going on.

I haven't had SpySweeper, Ad-Aaware, or CWShredder to detect about:blank,
but I believe it is still trying to rewrite it's self.

As you see from my last post that I found the above in the registry. I exported
it to my desktop and deleted it from the registery.

So I looked again today and found this in the same location.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU]
"a"=""
"MRUList"="habgfedcji"
"b"="Nav"
"c"="Logbba"
"d"="matcli"
"e"="*.lgc"
"f"="*.exe"
"g"="services.exe"
"h"="sis.dll"
"i"="*h.dll"
"j"="*C.dll"


I don't know what all this is but I don't like it.
I looked for the sis.dll file and it is located C:\Program Files\Webroot\Spysweeper
so I was affraid to delete it.

What caused me to look for the sis.dll and find the above in the registry is. that
I tried once again to install McAfee Antivirus and got an error message
That MCVSSTLD cause a page fault in SIS. Dll at 0177: 0091d40.

While I haven't seen about blank in several days why is the registry continually changing to these odd Keys.

[MadHijacked]

Whoops ! I feel so stupid. But at least I have learned a few things about the registry.
Disregard my last two post. I realize now that the information:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU]

Was generated when I would do a Start/find/files or folders.
At least I think it was?

I would like to thank everyone who helped me with my problem.
It was a nightmare for me, but a great learning process.

I still have some problems that I feel was caused by the hijacker.

But if you would like you can close this topic.
And I will post other problems under their related topic title.

Thanks again you are tops.

[admin]

I think you're fine. Thanks for the update.