
July 5th, 2004, 06:34 PM
|
General
|
|
Join Date: Aug 2000
Location: Ohio, USA
Posts: 4,323
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
The stories about how persistent and ingenious these spyware/adware/hijackware programs can be are getting quite amazing. I've heard about how they install processes to watch themselves and re-install, or hide 'bombs' all over your system in hopes of causing re-infection. I'm glad I've always surfed in 'paranoid' mode with a browser filter/proxy between me and the net. Now with Mozilla instead of IE I'm a bit safer, but being Online is still getting scarier every day. I'm very much afraid that this chaos will provide an excuse for the government to step in and regulate everything, ruining our nice 'free' Internet.
[ July 05, 2004, 17:35: Message edited by: Baron Munchausen ]
|

July 5th, 2004, 06:46 PM
|
 |
Sergeant
|
|
Join Date: Dec 2003
Posts: 251
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
Quote:
Mozilla is proving to be a very nice browser, I doubt that I will ever return to IE.
|
Another convert! Chalk yet another up to the Gecko
You will be quite happy to know that the primary vector for spyware installation is closed when you use Mozilla. Mozilla will NOT install anything without your ok.
Now all you have to worry about are dubious "free" programs... and I think you should update your antivirus.
|

July 7th, 2004, 12:17 AM
|
 |
Lieutenant Colonel
|
|
Join Date: Mar 2001
Location: Emeryville, CA
Posts: 1,412
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
DEG, you probably already knew about this, but be sure to run the update feature on both AdAware and Spybot. The installers, IIRC, come with definitions that are over a year old.
__________________
GEEK CODE V.3.12: GCS/E d-- s: a-- C++ US+ P+ L++ E--- W+++ N+ !o? K- w-- !O M++ V? PS+ PE Y+ PGP t- 5++ X R !tv-- b+++ DI++ D+ G+ e+++ h !r*-- y?
SE4 CODE: A-- Se+++* GdY $?/++ Fr! C++* Css Sf Ai Au- M+ MpN S Ss- RV Pw- Fq-- Nd Rp+ G- Mm++ Bb@ Tcp- L+
|

July 7th, 2004, 12:24 AM
|
 |
Shrapnel Fanatic
|
|
Join Date: Dec 2000
Location: USA
Posts: 15,630
Thanks: 0
Thanked 30 Times in 18 Posts
|
|
Re: OT: about:blank homepage hijacker..
can someone post a link to mozilla?
__________________
Creator of the Star Trek Mod - AST Mod - 78 Ship Sets - Conquest Mod - Atrocities Star Wars Mod - Galaxy Reborn Mod - and Subterfuge Mod.
|

July 7th, 2004, 12:55 AM
|
Corporal
|
|
Join Date: Dec 2002
Posts: 137
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Re: OT: about:blank homepage hijacker..
__________________
As always, comments and suggestions are welcome.
Get my Runesword II tomes from my website
|

July 7th, 2004, 04:04 AM
|
 |
Lieutenant Colonel
|
|
Join Date: Dec 2000
Location: DC Burbs USA
Posts: 1,460
Thanks: 0
Thanked 1 Time in 1 Post
|
|
Re: OT: about:blank homepage hijacker..
Link to kill it:
http://www.securiteam.com/securityre...RP0L0UD5U.html
And as the others have said Mozilla or Firefox to prevent it. If you have to keep IE6, then Firefox is a little more IE friendly. If you work with SQL web apps or Frontpage, then you will want to keep IE around.
__________________
Think about it
|

July 7th, 2004, 12:57 PM
|
 |
General
|
|
Join Date: May 2002
Location: Canada
Posts: 3,227
Thanks: 7
Thanked 44 Times in 28 Posts
|
|
Re: OT: about:blank homepage hijacker..
Quote:
Originally posted by Thermodyne:
Link to kill it:
http://www.securiteam.com/securityre...RP0L0UD5U.html
And as the others have said Mozilla or Firefox to prevent it. If you have to keep IE6, then Firefox is a little more IE friendly. If you work with SQL web apps or Frontpage, then you will want to keep IE around.
|
Interesting link, Thermodyne. Especially the note at the bottom of the page. Apparently my suspicions were right, it is indeed a spyware/hijacker removal service that has been spreading this piece of malware. They should be sued into bankruptcy and given life prison terms for their malicious act.
btw: following this kind of procedure does not always work, and it did not work for me. I still had the problem after running through the procedure. But I found a workaround.. I viewed all the files in my ..\windows, \system and \system32 folders and sorted by date. I then deleted all suspicious files and made special notes of the ones that said 'unable to delete' and removed them in DOS. When I rebooted the system complained but was nice enough to let me know what it was looking for. I searched the registry and removed any references to these files. It seems fine now.
BTW I wouldn't recommend this type of drastic procedure unless you have a good knowledge of what is what in the Windows folder. It would be easy to delete a 'needed' file and cause Windows to die.
One good indication that it's a bad file is when it has a very obscure name, like snxyfc.dll or mxtargoo.dll etc.
Anyway, the problem seems to be solved, and now that my primary browser is Mozilla I should be safer.
Cheers!
P.S. Thermo, I'm approaching 100 folds for the sharky team. Man I hate getting these ***/400 folds, they take several days to complete.
[ July 07, 2004, 11:57: Message edited by: David E. Gervais ]
|