Re: About:Blank Homepage Hijacker
From: Phil Weldon (notdiscosed_at_example.com)
Date: 11/09/05
- Next message: Marc Hoffman: "WSUS error: Computer "Net yet reported""
- Previous message: Bigbruva: "Sony Rootkit now detected by Symantec"
- In reply to: Teacher Dave: "Re: About:Blank Homepage Hijacker"
- Next in thread: Nick Skrepetos \(SuperAdBlocker.com\): "Re: About:Blank Homepage Hijacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 09 Nov 2005 17:48:41 GMT
'Teacher Dave' wrote, in part:
| In my simplistic view of the world, viruses, spyware & adware all amount
to
| the same thing - an unwanted intrusion onto your computer. I'm always
| disappointed that my antivirus software doesn't protect my networks from
all
| these security threats.
_____
I'm always disappointed vulnerabilites exist in operating systems and
applications that allow malware to function in the first place. But with
more power, more complexity, and more connectivity, there it is.
The vulnerabilites of software aren't the only entry points for malware.
Unwise decisions by the user can open the door. User education is the first
and last line of defense, wrapped around
real-time antivirus protection
adware blockage and deletion
spyware
trojans
intrusion via the Internet (or wireless LAN)
physical intrusion.
All of the protection software requires VERY frequent updates of specific
malware definitions for identification.
There is something to be said for having protection from malware provided by
a publisher other than the Operating System software, thus keeping the wall
between the vulnerable system and the protection programs as high as
possible.
Phil Weldon
"Teacher Dave" <TeacherDave@discussions.microsoft.com> wrote in message
news:CC9F9260-6430-4C37-9D2B-893441F226BE@microsoft.com...
| Thanks to you David & also Jurren for your prompt replies. I'm off site
now &
| won't be back there until next Wednesday but I'll certainly report back as
to
| which of your methods I use to solve my little problem.
|
| I'm still a bit confused as to why the Microsoft AntiSpyware doesn't pick
up
| About:Blank - is it classed as Spyware or some other category?
|
| In my simplistic view of the world, viruses, spyware & adware all amount
to
| the same thing - an unwanted intrusion onto your computer. I'm always
| disappointed that my antivirus software doesn't protect my networks from
all
| these security threats.
|
| Regards
|
|
|
| "David H. Lipman" wrote:
|
| > From: "Teacher Dave" <Teacher Dave@discussions.microsoft.com>
| >
| > | I have several machines on a school network infected with About:Blank.
| > | Expected that the Microsoft AntiSpyware Beta version would get get rid
of
| > | this, but the Quick Scan doesn't spot it at all.
| > |
| > | There are lots of bespoke tools out there claiming to remove
About:Blank,
| > | but I've no way of telling if they are from reliable sites.
| > |
| > | I've had a glance at some instructions on how to remove the offeding
files
| > | from the registry, but it seems hard work to me.
| > |
| > | Surely someone has already done the hard work so that I just have to
press a
| > | button to make everything OK? Preferably without costing me anything!
| > |
| > | Am I asking too much?
| >
| > For non-viral malware...
| >
| > Please download, install and update the following software...
| >
| > Ad-aware SE v1.06
| > http://www.lavasoft.de/
| > http://www.lavasoftusa.com/
| >
| > SpyBot Search and Destroy v1.4
| > http://security.kolla.de/
| >
| > After the software is updated, I suggest scanning the system in Safe
Mode.
| >
| > I also suggest downloading, installing and updating BHODemon for any
Browser Helper Objects
| > that may be on the PC.
| >
| > BHODemon
| > http://www.definitivesolutions.com/bhodemon.htm
| >
| > For viral malware...
| >
| > Download MULTI_AV.EXE from the URL --
| > http://www.ik-cs.com/programs/virtools/Multi_AV.exe
| >
| > It is a self-extracting ZIP file that contains the Kixtart Script
Interpreter {
| > http://kixtart.org Kixtart is CareWare } 4 batch files, 6 Kixtart
scripts, one Link
| > (.LNK) file, a PDF instruction file and two utilities; UNZIP.EXE and
WGET.EXE. It will
| > simplify the process of using; Sophos, Trend, Kaspersky and McAfee Anti
Virus Command
| > Line Scanners to remove viruses, Trojans and various other malware.
| >
| > C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in
C:\AV-CLS}
| > This will bring up the initial menu of choices and should be executed in
Normal Mode.
| > This way all the components can be downloaded from each AV vendor's web
site.
| > The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
Reboot the PC.
| >
| > You can choose to go to each menu item and just download the needed
files or you can
| > download the files and perform a scan in Normal Mode. Once you have
downloaded the files
| > needed for each scanner you want to use, you should reboot the PC into
Safe Mode [F8 key
| > during boot] and re-run the menu again and choose which scanner you want
to run in Safe
| > Mode. It is suggested to run the scanners in both Safe Mode and Normal
Mode.
| >
| > When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help
| > file.
| >
| > To use this utility, perform the following...
| > Execute; Multi_AV.exe { Note: You must use the default folder
C:\AV-CLS }
| > Choose; Unzip
| > Choose; Close
| >
| > Execute; C:\AV-CLS\StartMenu.BAT
| > { or Double-click on 'Start Menu' in C:\AV-CLS }
| >
| > NOTE: You may have to disable your software FireWall or allow WGET.EXE
to go through your
| > FireWall to allow it to download the needed AV vendor related files.
| >
| > * * * Please report back your results * * *
| >
| >
| > --
| > Dave
| > http://www.claymania.com/removal-trojan-adware.html
| > http://www.ik-cs.com/got-a-virus.htm
| >
| >
| >
- Next message: Marc Hoffman: "WSUS error: Computer "Net yet reported""
- Previous message: Bigbruva: "Sony Rootkit now detected by Symantec"
- In reply to: Teacher Dave: "Re: About:Blank Homepage Hijacker"
- Next in thread: Nick Skrepetos \(SuperAdBlocker.com\): "Re: About:Blank Homepage Hijacker"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
