[thelist] IE6 Hijacking WinShow Solution

Andre Genic g3nic at lycos.co.uk
Tue Sep 16 17:29:17 CDT 2003

Hi Everyone,
           Looks like this is a BHO "browser helper object" exploit.

It's down to 2 files winshow.dll and winshow.cfg and it creates a ton of
registry keys that can only be removed whilst being off line.

The easiest method of getting rid of this is to simply rename the .dll and
.cfg file to something else, then the registry can't put 2 and 2 together,
then you can delete at your pleasure.

For more info go to http://www.mvps.org/inetexplorer/darnit_2.htm you want
the WinShow.dll section.

As for browsers, I'm running virtually everything, I'll be glad to see the
back of IE which looks like being sooner, rather than later, be nice if
Mozilla (and it's variants) wasn't so picky when it comes to plug ins, but
despite that minor gripe, I prefer it to anything else.



More information about the thelist mailing list