|
|
|
|
|
July 5th, 2004, 12:59 PM
|
|
General
|
|
Join Date: May 2002
Location: Canada
Posts: 3,227
Thanks: 7
Thanked 44 Times in 28 Posts
|
|
Re: OT: about:blank homepage hijacker..
I just checked my e-mail through MS Messenger and it launches IE instead of Mozilla. Guess what? I get a pop-up every time I go to a new page. Know what it is? An ad/warning that I have 'Spyware' on my computer. "Click OK to scan my system for free". I may well be a bit paranoid, but does this not seem to support my theory that it is the 'Spyware Removal" companies that have infected my computer? and in order to remove their spyware I have to 'Pay!' for their software? It's kind of like they shot themselves in the foot, how esle would they know if I had spyware on my system unless they themselves 'Spied' on my system to find out.
If I had the resources I'd sue the pants off the dasterdly spyware companies that are spreading this nasty virus in order to promote sales of their product.
Well, in a few days, I'll do the old Format and re-install of windows and then I'll know my system is clean. (then using Mozilla might help fend off the nasty buggers for a bit longer than IE) BTW, IMHO thise spyware/hijackers are worse than viruses.
Oh well, such is life, it seems that we do indeed live in 'Interesting times'
Cheers!
[ July 05, 2004, 12:00: Message edited by: David E. Gervais ]
|
July 5th, 2004, 03:14 PM
|
|
Corporal
|
|
Join Date: Jun 2004
Location: texas
Posts: 159
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
ok couple of things
to mention thgat you have probably already tried
one absolutly free ad remover program removes ads spyware etc and havs never done a pop[up on me
go to Ad-aware select the standard Version its free as a bird and truthfully i forgot it was on my machine for the Last 6 months since it doesnt remind me course as a free Version its totally manual not an auto runner not a continous shield or any of that
two check the left hand menu items for plugins and in plugins go to the vx2 page something there about a win nt/2k/xp thats EXtTREMLY diffucult to kill and they have a fix for it for free
__________________
Laaanndd!!!! ---lex luthor
se4 code
L+++ GDY $!+ Fr! C+++ SDS T+hot SF* TCP A&++ M++lrn Mp* RO!V Pw++ Fq Nd** RP+ G++ Au Mm+
|
July 5th, 2004, 03:49 PM
|
|
Shrapnel Fanatic
|
|
Join Date: Oct 2003
Location: Vacaville, CA, USA
Posts: 13,736
Thanks: 341
Thanked 479 Times in 326 Posts
|
|
Re: OT: about:blank homepage hijacker..
certain hijackers are really hard to remove. They not only edit the registry but insert variations of commonly used DLL's that will put it back if its removed.
Usually even with ad-aware or spybot you end up having to download a special program written to remove each variation of the program.
Such as... the "blank homepage" and inserting search results to sites like 2020..
http://forums.spywareinfo.com/index.php?showtopic=6000
__________________
-- DISCLAIMER:
This game is NOT suitable for students, interns, apprentices, or anyone else who is expected to pass tests on a regular basis. Do not think about strategies while operating heavy machinery. Before beginning this game make arrangements for someone to check on you daily. If you find that your game has continued for more than 36 hours straight then you should consult a physician immediately (Do NOT show him the game!)
|
July 5th, 2004, 05:40 PM
|
|
General
|
|
Join Date: May 2002
Location: Canada
Posts: 3,227
Thanks: 7
Thanked 44 Times in 28 Posts
|
|
Re: OT: about:blank homepage hijacker..
I got rid of it by removing any and all startup programs/dll's. Now in msconfig, the 'Startup' tab is completely empty.
I have removed all instances of about :blank in the registry and have rebooted several times, the problem seems to be solved. (until me or the system needs and runs one of the old programs/dll's that used to be in the startup.
FYI: the basic procedure for removing this kind of thing is as follows..
install and run Spybot Search & Destroy,
install and run AdAware (it catches some stuff spybot misses.)
scan your registry and remove any instances of about :blank. (or replace them with your original homepage.)
run HijackThis it catches even more leftover stuff and it can produce a log file that tells you what apps are running and therefore might be corrupt.
following this procedure did not fix the problem. and so I took the more drastic measure of not having any of the startup apps in the registry. (fyi: simply toggling them off in the msconfig does not prevent them from being re-activated by the worm. but if the worm finds no entry to 'modify' it aparently cannot install.
Time will tell if any of the 'startup' apps were critical to my system, but I always have them toggled off in the msconfig anyway, so I don't forsee any problems.
Mozilla is proving to be a very nice browser, I doubt that I will ever return to IE.
nuf said, Cheers!
[ July 05, 2004, 16:40: Message edited by: David E. Gervais ]
|
July 5th, 2004, 05:54 PM
|
|
National Security Advisor
|
|
Join Date: Oct 2001
Location: Toronto, Canada
Posts: 5,623
Thanks: 1
Thanked 14 Times in 12 Posts
|
|
Re: OT: about:blank homepage hijacker..
Like I suggested before, try system restore. I had a similar problem with a hard to kill hijack program, but got rid of it by restoring the system before I got infected. It was completely gone.
|
July 5th, 2004, 06:34 PM
|
General
|
|
Join Date: Aug 2000
Location: Ohio, USA
Posts: 4,323
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
The stories about how persistant and ingenious these spyware/adware/hijackware programs can be are getting quite amazing. I've heard about how they install processes to watch themselves and re-install, or hide 'bombs' all over your system in hopes of causing re-infection. I'm glad I've always surfed in 'paranoid' mode with a browser filter/proxy between me and the net. Now with Mozilla instead of IE I'm a bit safer, but being Online is still getting scarier every day. I'm very much afraid that this chaos will provide an excuse for the government to step in and regulate everything, ruining our nice 'free' Internet.
[ July 05, 2004, 17:35: Message edited by: Baron Munchausen ]
|
July 5th, 2004, 06:46 PM
|
|
Sergeant
|
|
Join Date: Dec 2003
Posts: 251
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
Quote:
Mozilla is proving to be a very nice browser, I doubt that I will ever return to IE.
|
Another convert! Chalk yet another up to the Gecko
You will be quite happy to know that the primary vector for spyware installation is closed when you use Mozilla. Mozilla will NOT install anything without your ok.
Now all you have to worry about are dubious "free" programs... and I think you should update your antivirus.
|
July 6th, 2004, 01:13 AM
|
|
General
|
|
Join Date: May 2002
Location: Canada
Posts: 3,227
Thanks: 7
Thanked 44 Times in 28 Posts
|
|
Re: OT: about:blank homepage hijacker..
Quote:
Originally posted by Karibu:
Okay, this seems to be tough case. I would have bet it was something in your Run -folder in Registry. Though, once there was one exe, which would install the virus every time I booted my computer. The situation was so, that merely deleting the virus itself diidn't solve the problem, but finding out which was the virus' installation executalbe, deleting it and removing its key from Run -folder in registry.
However, you said there is nothing in your Run -folder, so this is to no help. However, I put here a link to one thread in computer discussion group (its in finnish), but you can see the links in this particular thread, and can follow them. Take a look, there propably is some programs you haven't tried yet. How to get rid of banners, pop ups, etc.
|
I have already tried most of the removal programs listed on that page. I even did a search on google and found 'replies' on other forums that detail the process of how to remove the offending hijacker. the system does not seem to want to be purged of the hijacker. I have a 'Boot-CD' anti virus software (Kaperski) that has a virus database that was updated on june 14, 2004. When I do a deep scan of my system (it takes about 1 hour) the anti-virus software reports no viruses found.
Just because I was paranoid, I installed Avast and scanned with it, no virus found with avast. So, I'm pretty sure that my system is virus free, but this hijacker thing obviously can not be detected and removed by the anti-virus software. and the spyware removal programs do find it but are unable to remove it. So why should I believe that if I 'Purchase' (aka register) the spyware removal program it will all of a sudden gain the capability to remove the hijacker. Like I said, I think it's an evil plot by the spyware removal companies to promote sales. And it's not a 'Fear-tactic' campaign, they are simply using an "IN YOUR FACE" bug you to death tactic.
I really hope bill gate's computer get's infected by this piece of **** and he sues them to death.
[/babble mode off]
Cheers!
|
July 7th, 2004, 12:17 AM
|
|
Lieutenant Colonel
|
|
Join Date: Mar 2001
Location: Emeryville, CA
Posts: 1,412
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
DEG, you probably already knew about this, but be sure to run the update feature on both AdAware and Spybot. The installers, IIRC, come with definitions that are over a year old.
__________________
GEEK CODE V.3.12: GCS/E d-- s: a-- C++ US+ P+ L++ E--- W+++ N+ !o? K- w-- !O M++ V? PS+ PE Y+ PGP t- 5++ X R !tv-- b+++ DI++ D+ G+ e+++ h !r*-- y?
SE4 CODE: A-- Se+++* GdY $?/++ Fr! C++* Css Sf Ai Au- M+ MpN S Ss- RV Pw- Fq-- Nd Rp+ G- Mm++ Bb@ Tcp- L+
|
July 7th, 2004, 12:24 AM
|
|
Shrapnel Fanatic
|
|
Join Date: Dec 2000
Location: USA
Posts: 15,630
Thanks: 0
Thanked 30 Times in 18 Posts
|
|
Re: OT: about:blank homepage hijacker..
can someone post a link to mozilla?
__________________
Creator of the Star Trek Mod - AST Mod - 78 Ship Sets - Conquest Mod - Atrocities Star Wars Mod - Galaxy Reborn Mod - and Subterfuge Mod.
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is On
|
|
|
|
|