Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 321
  • Last Modified:

IE home page..about:blank possible hijack.

Hi,
Recently when i'm browsing the net, some software(spyware/adware) might have got installed in my PC(WIn98). When the internet explorer is loaded , the initial page is set to 'about:blank' .This page opens up with the address bar pointing to 'about:blank'. But in the page, there are several links(something similar to a Search Assistant) . There are different sections in it(Health:,Adult:,Online Gambling:,Homes:,Finances:,Careers:, and so on).When the mouse is moved over to any of the link, say, Travel section under Insurance ,it is pointing to "http://nyam-nyam.biz/search.cgi?acc=1010;q=Travel Insurance". All the links are point to "nyam-nyam.biz/....".
  I tried to remove it by using Ad-adware 6.0, it says possible browser hijack and shows some bugs and when i press 'Delete', everything gets deleted. But the about:blank page still points to the search links. Also, sometimes i get some pop-ups in between that my system may be infected with spyware/adware asking me to press the given submit button. I'm closing the popup without submitting.

  ANy help to get rid of this problem is highly appreciated. I want the about:blank to be just a blank page woth out any links further.

Thanks in advance..

Ramesh Chandra


0
vvrchandra
Asked:
vvrchandra
1 Solution
 
joseywalesCommented:
Sounds like a trojan virus, we had one that kept opening yahoo like pages with an addy of j0r.biz

run the online scanner at trendmicro
housecall.trendmicro.com

then try AVG antivirus
www.grisoft.com

run a combination of antispyware products, one is never enough

run hijack this and post the logfile here or use a webbased log analysis tool like this one

http://www.tomcoyote.org/hjt/

get a personal firewall
http://www.sygate.com/
www.zonelabs.com

make sure you have all the windows 98 patches
www.windowsupdate.com

also remember, if you dont update your AV software and anti spyware software, its useless, so update each time you run it and set for automatic updates if possible

0
 
TolomirAdministratorCommented:
Petelong was so nice ;-)


 about:blank Removal

Automated Removal
Download http://66.38.1.249/helpdesk/tools/AboutBuster.zip
Then unzip all files from the zip folder to a folder or your desktop. Start it and hit ok. Then hit update. A new screen should popup. On that screen hit Check for Updates. If it says it found an update hit Download Updates. If it doesnt it will automatically tell you and exit. Now for the scanning part. Hit start and then Ok. The program should start scanning. Then hit exit and reboot. Once rebooted run AboutBuster 4.0 once more to make sure everything is ok. The database will be updated very frequently so check your versions once a day.

http://www.experts-exchange.com/Operating_Systems/WinXP/Q_21300301.html?query=&clearTAFilter=true



Tolomir
0
 
TolomirAdministratorCommented:
Latest version and a tutorial can be found here:

http://www.besttechie.net/forums/index.php?showtopic=1488

I see there is an update available: Version 4 instead of version 3, in the link above.

Tolomir
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
tmehmetCommented:
once you use mulitple tools to clean the offending files (make sure the scanners include deep registry scans and memory scan), do not open the browser afterwards, instead, open the registry and go the the hkey_local_machine/software/IE*

go thur every element, i know its boring but double check for anything that has a odd looking URL or IP addresses and remove them. If you have these in there then when you run the browser you are back to square 1 again. Also, if you open the browser before you check, theres a chance that if the trojan file survived the scans (and they usually do), it will see your browser and again you are back to square 1 again.

NOTE: editing the registry can break your machine, be careful.

If after cleaning and registry check still shows suspect behaviour then I would suggest you really clean the machine by backing up your data and reformat becuase you can not trust your machine.

0
 
TolomirAdministratorCommented:
I think it would be sufficient to use the "about:black" remover I have posted above and try firefox (www.getfirefox.com)

Tolomir
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now