?
Solved

IE home page..about:blank possible hijack.

Posted on 2005-03-01
8
Medium Priority
?
314 Views
Last Modified: 2010-04-11
Hi,
Recently when i'm browsing the net, some software(spyware/adware) might have got installed in my PC(WIn98). When the internet explorer is loaded , the initial page is set to 'about:blank' .This page opens up with the address bar pointing to 'about:blank'. But in the page, there are several links(something similar to a Search Assistant) . There are different sections in it(Health:,Adult:,Online Gambling:,Homes:,Finances:,Careers:, and so on).When the mouse is moved over to any of the link, say, Travel section under Insurance ,it is pointing to "http://nyam-nyam.biz/search.cgi?acc=1010;q=Travel Insurance". All the links are point to "nyam-nyam.biz/....".
  I tried to remove it by using Ad-adware 6.0, it says possible browser hijack and shows some bugs and when i press 'Delete', everything gets deleted. But the about:blank page still points to the search links. Also, sometimes i get some pop-ups in between that my system may be infected with spyware/adware asking me to press the given submit button. I'm closing the popup without submitting.

  ANy help to get rid of this problem is highly appreciated. I want the about:blank to be just a blank page woth out any links further.

Thanks in advance..

Ramesh Chandra


0
Comment
Question by:vvrchandra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 

Expert Comment

by:joseywales
ID: 13436672
Sounds like a trojan virus, we had one that kept opening yahoo like pages with an addy of j0r.biz

run the online scanner at trendmicro
housecall.trendmicro.com

then try AVG antivirus
www.grisoft.com

run a combination of antispyware products, one is never enough

run hijack this and post the logfile here or use a webbased log analysis tool like this one

http://www.tomcoyote.org/hjt/

get a personal firewall
http://www.sygate.com/
www.zonelabs.com

make sure you have all the windows 98 patches
www.windowsupdate.com

also remember, if you dont update your AV software and anti spyware software, its useless, so update each time you run it and set for automatic updates if possible

0
 
LVL 27

Accepted Solution

by:
Tolomir earned 2000 total points
ID: 13436887
Petelong was so nice ;-)


 about:blank Removal

Automated Removal
Download http://66.38.1.249/helpdesk/tools/AboutBuster.zip
Then unzip all files from the zip folder to a folder or your desktop. Start it and hit ok. Then hit update. A new screen should popup. On that screen hit Check for Updates. If it says it found an update hit Download Updates. If it doesnt it will automatically tell you and exit. Now for the scanning part. Hit start and then Ok. The program should start scanning. Then hit exit and reboot. Once rebooted run AboutBuster 4.0 once more to make sure everything is ok. The database will be updated very frequently so check your versions once a day.

http://www.experts-exchange.com/Operating_Systems/WinXP/Q_21300301.html?query=&clearTAFilter=true



Tolomir
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 13436897
Latest version and a tutorial can be found here:

http://www.besttechie.net/forums/index.php?showtopic=1488

I see there is an update available: Version 4 instead of version 3, in the link above.

Tolomir
0
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

 
LVL 5

Expert Comment

by:tmehmet
ID: 13463168
once you use mulitple tools to clean the offending files (make sure the scanners include deep registry scans and memory scan), do not open the browser afterwards, instead, open the registry and go the the hkey_local_machine/software/IE*

go thur every element, i know its boring but double check for anything that has a odd looking URL or IP addresses and remove them. If you have these in there then when you run the browser you are back to square 1 again. Also, if you open the browser before you check, theres a chance that if the trojan file survived the scans (and they usually do), it will see your browser and again you are back to square 1 again.

NOTE: editing the registry can break your machine, be careful.

If after cleaning and registry check still shows suspect behaviour then I would suggest you really clean the machine by backing up your data and reformat becuase you can not trust your machine.

0
 
LVL 27

Expert Comment

by:Tolomir
ID: 13465052
I think it would be sufficient to use the "about:black" remover I have posted above and try firefox (www.getfirefox.com)

Tolomir
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question