LocostBuilders - powered by XMB

about:blank hijacker

Peteff - 29/4/05 at 12:07 PM

A friend of mine has this on his computer and couldn't use the internet because of it. I've told him to download firefox for browsing but it was opening .dll files and causing virus alerts when he opened windows explorer so I formatted his computer and it was o.k. but now it's back. He's running ME, anyone know of an easy cure for it?

James - 29/4/05 at 12:22 PM

Symantec have a bunch of downloadable virus removal tools. Have a poke around there.
After that it's a case of decent scanner and regular updates.

HTH,
James

Kitlooney1000 - 29/4/05 at 12:26 PM

problem is symantec products were designed to run on any other OS than Windows,they cause to many conflictions and can slow your PC down, best one IMHO is McAfee,

flak monkey - 29/4/05 at 12:41 PM

I will also vote for McAfee over Symantec. My McAfee has died now (well over 2 yrs old) and i am running symantec until i get the new McAfee. Symantec is crap in comparision....

Do a search for the file name on mcafee.com here:
http://uk.mcafee.com/virusInfo/default.asp?cid=9339

And it will tell you what to do to remove it.

Cheers,
David

Peteff - 29/4/05 at 01:51 PM

Can't find anything about it on there. Looks like another format for it. I'll put him a firewall on before it goes back next time.

britishtrident - 29/4/05 at 04:10 PM

Should be no need to format but don't install Norton it is notorious for slowing PCs to crawl. McAffee is better but out on the net is a whole bunch of free tools.

The main ones new need are

Free-AV http://www.free-av.com/
HiJackThiis (all one word) http://www.spywareinfo.com/~merijn/downloads.html
StartupList http://www.spywareinfo.com/~merijn/downloads.html
Lavasoft Ad-Aware http://www.lavasoft.com/

You will also need a firewall I strongly recommend Keriio 2.14 or 2.15 (NOT the latest 4.1.x version of Kerio it is buggy and bloated) Kerio 2.14 can be found here http://castlecops.com/downloads-cat-5.html

After you download the before you do anything you have to turn off Windows system restore -- how this done varies between Windows versions but for Me

To disable Windows Me System Restore:

1. Click Start, point to “Settings”, and then click “Control Panel”.
2. Double-click the “System” icon. The System Properties dialog box appears.

NOTE: If the System icon is not visible, click "View all Control Panel options" to display it.

3. Click the “Performance” tab, and then click “File System”.
4. Click the “Troubleshooting” tab, and then check “Disable System Restore”.

[Edited on 29/4/05 by britishtrident]

MkIndy7 - 29/4/05 at 04:30 PM

On mine the about:blank was caused by a program with a name something like "Search Assistant"
and could be uninstalled from the add remove programs in the control panel. I think thats why the virus scanners don't pick it up.

Peteff - 29/4/05 at 04:40 PM

I disabled the system restore and uninstalled search assistant last time but it was in registry and kept coming back under a different name even with restore disabled, that's why it got formatted. It tries to install se.dll every time you start explorer and is so well embedded you can't find all the registry entries.

white130d - 30/4/05 at 12:49 AM

can you do the spyware/adware/virus checks, while in safe mode? It keeps the un wanted's from running while you check...

D.

flak monkey - 30/4/05 at 09:23 AM

You can yeah. Some virus scanners (McAfee can anyway) come with the option to make a boot up disk. Which will run the virus scanner on boot up before you even get to windows. Very handy....if not then you can still run them in safe mode usually.

David

britishtrident - 30/4/05 at 09:46 AM

A scan with StartupList is pretty essential for identifying malware processes that only run at start up. http://www.spywareinfo.com/~merijn/downloads.html

Having fun at the moment clearing out the "Alertspy" scamware out of an elderly clients Win2Kpro Thinkpad -- it has a lot of oddball software on so identifying the bad stuff is like walking on egg shells.