VirusScan Online - 125x125button

 [gazette archive]

more info on the google redirect
We got another solution from a surfer. If you get redirects on sites you might be infected with something that Dan sent us the fix for:

Many thanks for the details, it allowed me to find the kind of infection it is. You can point your surfer here, post #21:

Basically it’s a DNS infection, some website changes the DNS servers you use, i.e. they replace your ISP’s DNS servers with theirs, allowing them to redirect any requested domain name (like they wish to the IP address they want; and I guess they allow other domains to go through to prevent the user from thinking their computer is broken.

If he goes into his TCP/IP settings in the control panel, in properties, I bet he will see the following 2 DNS servers: and

The fix is to put back the original ones, or put the option at ‘obtain DNS server address automatically’, depending on how his ISP works. It should do the trick..


redirects to google
We received some reports about people that got redirected to google on various pictures. One of the people reporting proved to be a true detective by mailing the way he fixed this problem. Here is what he sent us, maybe it can be of help!

It seems that is somehow making use of your website to install their spy/malware to force users to pay for their products to remove software install by them. Via NetLimiter Monitor I was able to log the loading of fjhmaabi.exe (orginally named loader.dat) on to my system. This loader then downloaded winsrc32.exe (identified as AntispyLab's "Spyware Scanner") which overtook my system and constantly loaded spy/malware onto my system while advertising their removal software. This is the first major spy/mlalware i have ever gotten after visiting The IP address logged to these two programs was ( which is listed as a known bad promoting spy/malware downloading and scamming.

The way I removed this infection was as follows:

- Restart system in safe mode. Before Windows loads press F8 to bring up the load menu. Choose "Safe Mode" and then your version of windows. Log into your user account which should be the Admin account also.

- Run any and all virus/spyware scanners you have. I had to run Spybot SD, Ad-Aware, HijackThis, ETRemover, and erase the start up list via MSConfig to completely remove all the spy/malware that was loaded on to my system. Another suggestion is to make sure start/search pages were also not changed. Security Center on my system also was altered, so I have disabled it for now. Microsoft had not solution for the reset of Security Center yet.

- Rerun all scanners until no listings appear. I had to run each three times to completely remove all files. Once you are sure it is all gone restart in normal Windows mode. If you see network activity (or your dialer pops up) shutdown ASAP and rerun the spy/mallware scanners in safe mode.

I suggest having a firewall or network monitor like NetLimiter so you can see what files are accessing the internet. Also checking Task Manger for Processes can help. As soon as you see a file that you did not run or recall downloading end that task and run your scanners.

Fix for redirects
We have been getting reports about people experiencing redirects from several different sites list on The Hun's. This is caused by a piece of spyware that got in through an exploit in Internet Explorer. There is a fix for this that works for a lot of people. Here you go:

clear your computer's cache (go to tools | Internet Options and select Delete Files in the folder Temporary Internet Files) and go to You will get a blank page and if all is right the redirects are history!

Some people have CreazyRealm pop up on their site. A Hunner sent us a workaround for that problem. It's not a fix, it's more a patch, but 'till the anti-virus people have a solution for this it's pretty effective:

OK here is what works (at least so far) Let the site open then copy the URL to your clipboard (right click and select 'copy shortcut') Go to IE and tools and Internet Options Click on the Security Tab and select Restricted sites Paste in the URL and click on add and apply So far NO Crazyrealm

Of course we thank 'the pony' for this workaround!

IE problems fix
We had a bit of a problem with a hacker last week. Some people reported their Internet Explorer having problems after it (The application failed to initialize properly). The fix for this problem is at

New Internet Explorer Exploit
On Internetnews an article was released about a new IE exploit that hasn't been fixed by microsoft so far. We get in a couple of reports a day now that we suspect are due to this exploit. We're working on finding where this comes from and how it can be fixed. Keep your eye on the Gazette, more news about this will follow!

Copyrights (c) by The Hun