Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Sign in to follow this  
AndrewB

Annoying Spyware

Recommended Posts

Upon opening a new IE browser window, I am greeted with a web page that has every general link to search for. (I.E. Art, Entertainment, Shopping, Electronics, etc...) I also get a pop-up (looks like an ordinary spam pop-up) that says
"ALERT !!!! SPYWARE ACTIVITY DETECTED ON YOUR COMPUTER
FIND OUT HOW TO REMOVE SPYWARE"

The home page on the browser is still set at about:blank, so I'm not sure what the actual address of this annoying general-link site is. AVG keeps detecting spyware and fixing it, but cannot otherwise solve the problem.

Share this post


Link to post

in before "ie sux use moz firephoenix" posts

i don't think i've had control of my homepage for a while. i don't really use a homepage, but every few weeks a new spyware changes it to some random half-ass search engine or web portal. hell, right now it's a 404.

also, it took spybot a good month to update it's reference file with the solution for this and this.

Share this post


Link to post

In Tools/Internet Options, what's the address list for the starting page?

Share this post


Link to post

I think I had that exact problem. I did manage to fix it with something called "BPS Spyware Remover" uhh, but is also stopped Systray from starting automatically.

Share this post


Link to post

What do you mean by update its signature file?

Ichor said:

In Tools/Internet Options, what's the address list for the starting page?

Like I told you, it's about:blank.

Share this post


Link to post

Oh ok. Have you tried searching for 'about:blank' in your registry? Usually these programs add or change something in the registry anything with 'about:blank' was probably put there by the program. I removed more spyware programs this way.

Share this post


Link to post

Well, I ran USE3D's utility, and it fixed my home page, but it did not find any infection for that particular thingy. I guess the problem is half-solved.

And no, I don't search the registry for things, because really, nothing productive ever comes out of that.

Share this post


Link to post

Same here, but in cases like this, it may be necessary.

Share this post


Link to post

Search it and what? "Oh, I found an entry that matches my search criteria. Great."

Share this post


Link to post

Delete it so it won't reset to that website anymore.

Share this post


Link to post

No, but the last time one of these things changed my home page, I searched for that address in the registry. Then I deleted all instances of that website. Also, there is usually a reference to a strange .exe program (it turned out to be a .reg file on mine). I would then find, and either delete or rename that file so that next time my computer is restarted, the program isn't activated anymore and the home page is no longer being changed.

Share this post


Link to post

... Which is exactly why there's something wrong with your computer when about:blank leads to a lame spam search page.

Share this post


Link to post

Check your hosts file (%systemroot%\Hosts in Win95/98, %systemroot\system32\drivers\etc\hosts in 2k/XP AFAIK) for things being resolved to domains unnecessarily. The only use I can really see for that hosts file when we now have most resolution done by external services is so we can locally block other domains by resolving to localhost (where the data will not be found, and thus nothing loads), but MS has kept it in for whatever reason and now it is used for hijack attempts. I think it can be made read-only, but what you'd really have to do is give access to Administrator only and log in as a restricted account with no permission to modify all that in order to prevent spyware from installing. I don't know if spyware exploits the OS in such a way that it can bypass the permissions system supplied by NTFS, though.

Best solution: Don't use an OS of any kind. :P

Share this post


Link to post

To fix such a thing manually:

Look for the patch editing your registry. Remove it from the INI or config file that deals with additions to the registry (don't recall the name, might vary with the OS anyway.) Then look up the info in that registry patch and fix up the registry entries it fucked with or added.

Share this post


Link to post

Could you people please for the love of god use a decent firewall (try ZoneAlarm, it's free!) and browse with all ActiveX / Java options disabled (IE > Tools > Security > Internet Icon + Custom level). Also, run Windows Update once every month or whenever there's news about the next big hole having been plugged.

Hijackers are a clear signal that your internet security is not up to par. Patch up, before you catch something really nasty.

Share this post


Link to post
Ichor said:

Oh ok. Have you tried searching for 'about:blank' in your registry? Usually these programs add or change something in the registry anything with 'about:blank' was probably put there by the program. I removed more spyware programs this way.


Do you run that from the normal search program (there isn't one in the control panel for searching the registry) or do you just search it manually?

Share this post


Link to post

Or do this: press ctrl+alt+delete.

Go to Task Manager, then Processes. Some processes are obviously from Windows, some less obvious. You have to go through each file, and Google it under the Message Boards.

If you get a hit, then someone will be talking about what the file does/where it hides/how to remove it. The simplest solution is to go into the DOS prompt and delete the file manually.

Share this post


Link to post

i HATE spyware, infact i would rather deal with a virus. while some is easy to get rid of, many are a total bitch. if you dont know what you are doing many can and will kill window's networking abilities. once that happens it is just easier to reinstall.

the simple fact is that IE is not good to use in this day and age. use of mozilla has cut down 90% of the spyware that my brother would get, and he is an abid porn addict. however mozilla is in no way perfect, there are programs that will get thru it.

it helps to be paraniod when working with computers, and mainly with windows.

the other fact is this issue will only get worse before it gets better.

keep vigilant and do checks every few days. IE may be good but it is also the worlds biggest target, so use something else or live with it.
you could use linux/unix but there has to be spyware for that aswell, i have seen none, but that doesnt mean there isnt any. hell i am sure those fuckers at gator/claria are even trying to make a linux version

Share this post


Link to post

My homepage is getting switched all the time. It's no problem, as it still goes to the homepage I want, just with a little extra nonsense in the http adrress. But, when the homepage comes up, it gives me this gay toolbar. Ad-aware and (amazingly) CWShredder haven't done anything to it. Will it be here forever!?

Share this post


Link to post
Ct_red_pants said:

I think I had that exact problem. I did manage to fix it with something called "BPS Spyware Remover" uhh, but is also stopped Systray from starting automatically.


BPS Spyware Remover is an illegal ripoff of Spybot S&D, which is free and BPS SW is not.

Ad-Aware should get rid of the garbage, and SpywareBlaster should prevent such crap from getting on anymore.

Share this post


Link to post

Ad-Aware

It checks running processes and deep scans the hard drive and registry for data miners, hijacks, and spyware/malware. When it's done scanning it gives you a list of suspicious objects and a description of each, and allows you to decide which to delete or keep (for instance if you need certain cookies, you can leave them).

Share this post


Link to post

I rarely have problems with spyware/shitware/kitchensinkware, and the only things that I've gotten so far have been this damn N-Case shit which has two noticeable programs that it runs constantly: Optimize.exe and ..some other one that resides in the temp folder. I could delete those to no end, so I used spybots 'immunize' feature to get rid of the shit perminantly.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×