Browser hijacking removal help

0 Votes

Browser hijacking removal help

I have a remote user who is experiencing some sort of browser hijacking attempts. Thank goodness we run content advisor on IE.

The sites that keep trying to load as follows:

I have run the latest version of Spybot, but it hangs towards the end when trying to scan for zlob

Searching for *.hta or *.js is coming up blank. All *.tmp files have been deleted just in case.

Any suggestions would be appreciated.