What a shock! More computer problems for pkbites! HELP!

General Questions
#1

I’m really getting pissed about this shit. I have to run anti-spy ware programs (adaware, hijack this, etc.) every single night! Isn’t there some way to keep this garbage off in the first place?

My latest problem isn’t being fixed by any of the cures, and it’s a bad one: Everytime I try to log into my email, I’m immediatly transfered to a strange, generic search engine I don’t use. The url of the engine is simply “about:blank”.
It simply won’t let me log into my email. (my email is Hot Mail). I can’t seem to get this evil hijack off my computer. I really need to get into my email.
HELP!

#2

About:blank is one of the most persistent, difficul to remove variants of spyware in the wild today. It requires some special tools and spcial techniques to eradicate it. Here is a thread at spywareinfo.com that details what you need and how to remove it. Good luck!

#3

Once you get your system clean, you’ve got to figure out where you are going on the Net that is hijacking your browser. Do you have your anti-virus software running? How about a firewall?

#4

pkbites, get the following:

  1. Firewall: Zone Alarm
    http://www.zonelabs.com/store/content/home.jsp

  2. Anti-Virus. Make sure you update the definitions regularly.

  3. Run AdAware and Spybot. Use Spybot’s immunization option, that should keep most spyware out.

  4. Try another browser like Opera or something, see if that helps.

#5

I will recommend you ditch MS IE for Mozilla Firefox instead.

#6

The professional version of ZoneAlarm offers more protection. I costs about $25/yr., but is worth considering.

#7

I echo Fear Itself’s advice about using the forums at spywareinfo.com. The about_:blank hijacking is about the worst sort of malware to have. I spent a frustrating couple weeks before finally getting rid of it.

Without the help of the folks at www.spywareinfo.com, I don’t think I’d have been successful. They are truly helpful – but unfortunately, they’re swamped. It can take days for one of the experts to respond.

I’d suggest going to their forums (my link above), and doing a lot of reading. They have numerous tools, techniques, and suggestions that they give to people day after day. You can obtain enough knowledge just by reading to solve your hijacking.

For example, it is not sufficient to simply run AdAware. The settings need to be modified in such a way so that this malware can be taken care of. And HijackThis is needed to modify the registry entries. Then there are hidden files to remove. And all this should be done in Safe Mode.

Good luck. But it can be done.

#8

As has probably been said multiple times before, to avoid automatic downloads of objects, choose:
Tools Menu - Internet Options - tab: Security - Custom Level

… and deny them access.

Ot stop downloading trialware, if that’s what your doing.

#9

Welllll…

#10

One need not turn to the Dark Side to avoid spyware, Ahunter3. Spybot 1.3 has a very good IE plug in that repels spyware silently, and they also offer a registry guard called Tea Timer that prevents changes to the registry.

#11

If people would stop logging on as Administrator this wouldn’t happen.

Windows security, at least after 98, is actually pretty good.

But by running as admin, you’re telling Windows to turn off 100% of its security features. And then you’re buying bandaids to make up for the features you already paid for but turned off.

#12

Any luck yet, PK??

#13

pkbites, I had the same problems up until about six months ago. I got so fed up with adware and spyware (and so sick of ALT+TAB to change windows) that I tried out Mozilla Firebird.

I know you’ve heard it all before, and I’m imploring you to at least give it a try. When you’ve cleared up this latest glitch, try the following for a week:

  • Give yourself a regular user account without admin privileges
  • Install Mozilla’s latest browser with the Adblock plugin and the Tabbed Browser Extensions
  • Set Mozilla’s cookie-handling to semi-paranoid
  • Run fully updated Spybot to immunize, and once a week thereafter
  • Run AdAware at startup daily

…and go about your regular surfing routine. If you hate it, you can always switch back, but at least see what you’re missing!

#14

Sort of. I tried http://www.oz.msie.tv which I found here.. I did this today (sunday, August 1, 2004) so I can’t comment on the long term. But so far it’s allowed me to get into my email account, and my homepage isn’t changing. A search on the web for about:blank reveals that it’s a very nasty, shitty program!
I intend on calling my Congressman and both U.S. Senators. This crap should not be legal! It’s worse than telemarketers, I swear!

#15

I agree, and what do these dikwads think the end result is going to be when the user (you) gets this thing on their PC and screws it up beyond repair? That it’s the best thing since sliced bread? Not! More like “I intend on calling my Congressman and both U.S. Senators. This crap should not be legal! It’s worse than telemarketers, I swear!”. Indeed.
Good long-term luck.

#16

Well, I just got off the phone with the offices of Congressman Kleczka, Senator Feingold, and Senator Kohl and voiced my concerns. Kohls office had some pending legislation info they’re sending me. I guess thats all I can do for now.

#17

Good luck with that. The CoolWebSearch abomination comes out of Russia, with over 1100 affiliates around the world spreading their pestilence, so I don’t think they really care what Congress does.

#18

There are a bunch of things you can do. I have been on the internet since the early days, I’ve used it almost every day since I started. While others around me get infected with all kinds of goo I go about my day and am rarely bothered. I did slip up once from an email I asked to get from my local winery…it had the happy99.exe virus and my click finger worked faster than my brain in that case.

  1. Good firewall, sygate is free and works fine
  2. Good Antivirus, I recommend Norton
  3. Patch your windows PC, its free and normally harmless, this is absolutely key
  4. Stop downloading crap from the internet! I know Bonzai Buddy looks so cute and all, and he really does seem eager to help you. But, like most things on the internet masquarading as free, there is a price, and that price is spyware. Here is a hint…just assume anything aside from music, movies and pictures that you download from the internet is spyware. Even some picture formats are said to contain viruses though this seems limited for the moment. A few of the anti-spyware tools you can download are themselves spyware!

As with all things the more you know the better you can handle the situation. Learn about how Windows starts up and the MSCONFIG tool to see exactly how these little annoyance programs get loaded and bog your system down.

#19

I agree with your recommendations Bongmaster, but unfortunately those actions are necessary but not always sufficient. I use ZoneAlarm, Norton, always up to date with Updates, and never download crap. I still got hit with a variant of CoolWeb Search*.

I have since taken more steps, such as installing SpywareBlaster (freeware to prevent spyware from getting loaded), increased the security for ActiveX controls, and have switched to Mozilla Firefox. (I’ve also changed to a different anti-virus program, which immediately found a couple instances of a virus that Norton missed. This isn’t particularly unusual though, so I don’t put a lot of weight on it.)

  • As I tried to figure out how it happened, I think I got tricked. ZoneAlarm asked me if Windows Media Player could connect o the Internet, and I said OK. From that moment on my homepage was hijackedt.
#20

Definately try Firefox for at least a week.

Get CWS shredder:
http://www.spywareinfo.com/~merijn/

Also Stinger:
http://vil.nai.com/vil/stinger/

And Spybot Search nad Destroy, if you don’t already have it:

Also for the recent MyDoom variant and its symbiote a scanner/cleaner from FSecure:
http://www.f-secure.com/index.shtml