Anti Spyware


Guest

Hi
I'm having trouble with an about:blank hijacker. I have to use this forum as
I get hijacked every time I go to a site with for security or spyware. I have
Windows ME and an updated IE to version 6. I'm told I need Microsoft
Antispyware (Beta) to fix this problem, BUT I have found I cannot install it
on Windows ME.

What can I do (short of updating the operating system)?????????

Any help would be much appreciated as I'm ready to see how my computer goes
when dropped from a great height.

Thanks
 
The About:Blank homepage hijacker is a variation of a more advanced
CoolWebSearch hijacker. There are several variants of the About:Blank
hijacker and all of them are difficult to remove manually.
The simplest way to remove the About:Blank adware is to use a specially
designed tool and clean up your system. Step one is to flush out all the
temp files on your machine: Cookies, Temporary Internet Files and Temp files
(you can do this via Internet Explorer's Tools-Internet Options or use Disk
Cleanup). To clean up CoolWebSearch you will need CWShredder. And because of
other malware which may be present, HijackThis will tell you everything that
is running on your system. Be sure to read the tutorial. The information
below will give you links and advice to clean and secure your computer.

Tools such as Ad-Aware, Spybot and AntiVirus all need to have latest
updates, then run each of them in SAFE Mode. I further recommend that you
install a Firewall as well as be sure to visit Windows Update.
--
~john aka: jopa

WARNING: If your PC is already infested with spyware/adware, resist the
temptation to impulse buying of anti-spyware products that you see on the
Net or receive as e-mail Spam. Vendors of "rogue/suspect" anti-spyware
products advertise heavily via Google's "AdWords". And many are known to
create problems on your machine just to try and sell you the way to "fix"
it. There are a variety of anti-spyware products and web sites -- some
reliable and trustworthy, some not.

Instead, you can get help online from a corps of savvy volunteers who
specialize in busting spyware.

First:
I suggest you read this informative tutorial:
Dealing with Unwanted Spyware and Parasites
http://mvps.org/winhelp2002/unwanted.htm

CAUTION!!! Some malware may kill your internet connection when you remove
it. This program, LSPFIX, should enable you to regain your connection by
correcting the errors in your registry. Before you try to remove spyware
using any of the programs below, download a copy of LSPFIX and WINSOCKXPFIX
from the following sites, just-in-case:
http://www.cexx.org/lspfix.htm
http://www.spychecker.com/program/winsockxpfix.html

And for expert online help, the following links are recommended:
http://forums.spywareinfo.com/index.php OR
http://www.spywarewarrior.com/ OR
http://forum.aumha.org/

The folks at these forums have a lot of experience in dealing with
Hijackers/Spyware/Malware. There is no charge for the help and information
available although donations are accepted. Be sure to read the guidelines,
and following their instructions you will download a little program called
HijackThis. Its purpose is simply to scan your computer and generate a LOG
of everything that is running at that moment. It does not decide what is
Good or Bad. That's what the experts at the forums will do. So *DO NOT* just
arbitrarily start deleting what it finds.

Next:
To use these forums, set up an account and post your LOG there, not here.
Someone will analyze it and let you know if anything is amuck and what you
can do to fix it. In the event your chosen site is down -- go here for a
list of other Security Analysis sites and/or forums: http://a-sap.org/


***Always follow safe Internet practices:***

1. Keep your virus definitions up to date, and scan your system regularly.

2. Keep your anti-spyware up to date, and scan your system regularly.

NOTE: WindowsME/XP users should disable system restore prior to scanning.
Run scans in SAFE Mode to ensure complete removal, then turn System Restore
on again and create a new Restore Point.

3. Don't open email, or download attachments from unrecognized email
addresses.

4. Be careful when downloading email attachments, EVEN FROM PEOPLE YOU KNOW!
Many viruses, worms, and trojans infect a person's system then immediately
spread themselves to the people in the infected person's address book via
email attachments.

5. Be careful downloading files from the Internet. Scan all downloaded files
with a reliable UP-TO-DATE antivirus program. Scan "zip" files BEFORE
unzipping, and scan all unzipped files BEFORE USING THEM.

6. Keep your Windows and IE current with all the latest patches and updates.

7. USE A FIREWALL.


Scumware/Cr@pware - Removal & Protection Tools:

BEWARE of Rogue/Suspect Anti-Spyware Products & Web Sites
Many unscrupulous companies/individuals are trying to "cash-in" on people's
need for anti-spyware products. Evidence to this effect is the sheer number
of applications that are mere rip-offs of Spybot Search & Destroy or
Ad-Aware (two of the most recognized and trusted anti-spyware apps on the
Net). Proof of this can be found here:
http://www.spywarewarrior.com/rogue_anti-spyware.htm
http://www.spywarewarrior.com/family_resemblances.htm
but,... the following list contains a number of (mostly) FREE programs that
can be used to eliminate immediate threats as well as secure your system.


CWShredder Version 2.1 (FREE) - stand-alone version
Removes all variations of the spyware/hijacker "CoolWebSearch".
This is the first line of defense whenever you suspect possible parasite
infestation. Some current variations of CoolWebSearch block Ad-Aware and
Spybot from catching everything.
http://majorgeeks.com/download3019.html
http://www.intermute.com/spysubtract/cwshredder_download.html


Some variants of CoolWebSearch will close every browser window visiting many
anti-spyware sites, anti-virus sites or even Windows Update. It will even
close Spybot S&D and some other anti-spyware applications when you try to
use them. To eliminate this threat, use CWS.SmartKiller Removal Utility:
http://www.safer-networking.org/minifiles.html
http://majorgeeks.com/download4113.html

Spybot (FREE)
Removes hijackers, spyware, adware, usage tracks and more. Resident
"TeaTimer" feature monitors crucial processes on your machine. It
immediately detects known malicious processes wanting to start and
terminates them. In addition, TeaTimer detects when something wants to
change some critical registry keys. It can protect you against such changes
giving you an option to "Allow" or "Deny" the change.
http://www.safer-networking.org/en/index.html
http://majorgeeks.com/download2471.html

Ad-Aware (FREE) & Pro
Protects against Data-mining, Ad-Ware, Parasites, Scumware, selected
Trojans, Dialers, Malware, Browser hijackers, and tracking components.
http://www.lavasoftusa.com/software/adaware/
http://majorgeeks.com/download506.html

HijackThis (FREE)
As mentioned above -- USE WITH CAUTION -- Just scan your machine, then save
& post the log to: Spywareinfo or other forum.
http://majorgeeks.com/download3155.html
http://www.tomcoyote.org/hjt/
TUTORIAL: HJT http://www.pchell.com/support/hijackthistutorial.shtml

SpywareBlaster 3.2 (FREE)
Prevent spyware from installing in the first place! Prevent the installation
of ActiveX-based spyware, adware, browser hijackers, dialers, and other
potentially unwanted pests. Block spyware/tracking cookies in Internet
Explorer and Mozilla/Firefox
http://www.javacoolsoftware.com/spywareblaster.html
http://majorgeeks.com/download2859.html

McAfee Stinger (FREE)
Stinger is a stand-alone utility used to detect and remove specific viruses.
It is not a substitute for full anti-virus protection. Download a *fresh*
copy each time you need it.
http://vil.nai.com/vil/stinger/


Check your browser settings here:
http://www.jasons-toolbox.com/BrowserSecurity/
A series of "tests" (and suggested fixes) to help tweak IE's settings to
help prevent infections when surfing the web.


Check security settings here:
https://www.grc.com/x/ne.dll?bh0bkyd2
http://www.pcflank.com/test.htm


General computer check and tune-up
PC Pitstop
http://www.pcpitstop.com/


If you need a good (FREE) antivirus:
AVG
http://free.grisoft.com/freeweb.php
AVAST
http://www.avast.com/eng/avast_4_home.html


Online Virus Scanner:
-you are wise to use one or more of these in conjunction with your own
antivirus. Never install more than one AntiVirus or Firewall app on a single
machine.

Trendmicro
http://housecall.trendmicro.com/

BitDefender
http://www.bitdefender.com/scan/licence.php

RAV AntiVirus
http://www.ravantivirus.com/scan/

eTrust Antivirus
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Panda ActiveScan
http://www.pandasoftware.com/activescan/com/activescan_principal.htm


If you need a good (FREE) Firewall:
ZoneAlarm (FREE) & Pro
http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
Sygate Personal Firewall(FREE) & Pro
http://smb.sygate.com/free/spf_download.php

This may sound like a lot of work and it is. But, if you follow this
outline, you'll learn a whole lot in the process and have a much more secure
computer.
 
Until you can resolve your problem, you can use Mozilla Firefox 1.0 Browser.
You can get it at www.mozilla.com. This browser which is very good, should
not be subject to these problems. Good luck.


Mitch
 
NFI said:
Hi
I'm having trouble with an about:blank hijacker. I have to use this
forum as I get hijacked every time I go to a site with for security or
spyware. I have Windows ME and an updated IE to version 6. I'm told
I need Microsoft Antispyware (Beta) to fix this problem, BUT I have
found I cannot install it on Windows ME.

What can I do (short of updating the operating system)?????????

Any help would be much appreciated as I'm ready to see how my
computer goes when dropped from a great height.

Thanks

First, if you don't have WinXP SP2, get LSP-Fix - a free program to repair
damaged Winsock 2 stacks
http://www.cexx.org/lspfix.htm
save it because you might need to repair the Winsock 2 stacks after removing
the culprit.
For WinXP SP2 this command will restore the Winsock stacks if you can't
connect after clearing the malware.
Go to Start | Run and type
CMD
In the command window type
netsh winsock reset
Then get CWShredder
http://www.intermute.com/products/cwshredder.html

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com./athome/security/protect/default.aspx
http://defendingyourmachine.blogspot.com/
 
NFI said:
Hi
I'm having trouble with an about:blank hijacker. I have to use this forum as
I get hijacked every time I go to a site with for security or spyware. I have
Windows ME and an updated IE to version 6. I'm told I need Microsoft
Antispyware (Beta) to fix this problem, BUT I have found I cannot install it
on Windows ME.

What can I do (short of updating the operating system)?????????

Any help would be much appreciated as I'm ready to see how my computer goes
when dropped from a great height.

Thanks

About Buster- http://www.spychecker.com/program/aboutbuster.html

http://www.resplendence.com/reglite

Presented below are several tools and methods used to remove the about:blank
homepage hijacker.

Credit:
The thorough step-by-step and example was taken from Time2Early post in
www.computercops.biz

Details
Vulnerable Systems:
* Microsoft Internet Explorer

Homepage hijackers are an effect caused by some toolbar programs, trojans or
malware. The hostile application changes the default homepage of Internet
Explorer to something undesired and does not allow the user to set the
homepage.

Below are several tools which can be used to find and remove malware which
causes the effect. Presented here is also a manual step-by-step method of
removing more persistent homepage hijackers.
Please reboot the machine after each step before checking if the removal was
successful.

Spyware / trojan removal tools:
Spybot - Search & Destroy can detect and remove spyware of different kinds
from your computer. Spyware is a relatively new kind of threat that common
anti-virus applications do not yet cover. If you see new toolbars in your
Internet Explorer that you didn't intentionally install, if your browser
crashes, or if your browser start page has changed without your knowing, you
most probably have spyware.

CWShredder - A general homepage hijackers detector and remover. Initially
based on the article Hijacked!, but expanded with almost a dozen other checks
against hijacker tricks. It is continually updated to detect and remove new
hijacks.

AVG antiVirus - An antivirus tool which also deals with some hijackers.

Manual step-by-step:
If a persistent hijacker is not removed by the tools listed above, manual
removal should be used.

To Remove "About:Blank" Hijacker Adware In Windows XP Home edition Service
Pack 1 with Internet Explorer 6.0
(probably works in NT and 2000 with some directory name changes only) follow
this procedure:

Programs Needed:
* Reglite.exe

* Microsoft Recovery Console (an application available on your Windows
installation disc). To access the recovery console run the following command:
D:\i386\winnt32.exe /cmdcons
(Where D should be replaced with the CD drive letter)

* HiJackThis.exe

Removal Procedure:
There are two application extension (.dll) files that need to be deleted.
One is hidden (thanks Akadia!), one is detected with "HiJackThis.exe"

1) With "Reglite.exe" find name of hidden file:
Double Click on "AppInit_DLLs" located in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
The "value" window reveals the hidden file name. (mine was "hlpl.dll", yours may
be different!)
In this example we'll call it "hidden.dll"
Browse to the file, right click it, select Properties. Under the General
tab, uncheck Hidden and Read-Only. Select the Security tab and Check the
'Full control' check box to allow deleting it.
Try deleting the file (Shift + Del or right click and Delete). If it was
impossible to delete the file, continue to step 2. Otherwise skip to step 3.

2) Rename the hidden file:
Close Windows and reboot using "Windows Recovery Console"
Browse to the system32 directory located at: C:\Windows\system32\
Replace this path with your system32 dir. In order to know your system32 run
cmd and type:
echo %WINDIR%\System32

After finding your system32 directory do the following:
a) Change file from read only by typing attrib -r hidden.dll
b) Rename the file (For some reason this only works after rename) type:
rename hidden.dll nasty.dll
(and remember that "hidden.dll" is for this explanation only use the name
you found earlier)
Type "exit" and reboot to Windows.

3) Edit registry to remove hidden file:
Run "reglite.exe" again.
Double Click on "AppInit_DLLs" located in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
Delete the file in "value" window, the "size" window changes also.
"Apply" changes and exit "reglite.exe"

4) Edit registry to remove the second file:
Run HiJackThis.exe and scan the registry.
Check the boxes to remove the following entries:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP =
about:blank
(as you can see the second .dll in the example was called "jheckb.dll" yours
may be different) For this example let's call it "obvious.dll".

* Note: As there are MANY variations to this hijacker, the registry entries
might differ from the ones listed above. If the entries are different, look
for entries containing the name of the second dll, in this example jheckb.dll.

Finally delete the two .dlls ("hidden.dll" and "obvious.dll")

That's it! You should be running again
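
An added example, not part of the post above and not HijackThis's own code: it rejoins the wrapped R0/R1 lines of a pasted HijackThis log and groups the res:// entries by DLL name, which is the lookup the note in step 4 describes. The sample log is constructed from entries quoted in the post plus a placeholder Start Page line, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Constructed sample: entries quoted in step 4 above, wrapped the way a pasted
# log wraps, plus one ordinary Start Page entry (example.com is a placeholder).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
res://C:\WINDOWS\System32\jheckb.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP =
about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
"""

SECTION = re.compile(r"^[A-Z]\d+ - ")          # start of any log entry
ENTRY = re.compile(r"^(R[0-3]) - (HK[A-Z]+)\\([^,]+),(.*?)\s*=\s*(.*)$")
RES_DLL = re.compile(r"^res://(.+?\.dll)/", re.IGNORECASE)

def parse_entries(log):
    """Rejoin wrapped lines, then parse each R0-R3 line into a dict."""
    joined = []
    for line in log.splitlines():
        line = line.strip()
        if SECTION.match(line):
            joined.append(line)
        elif line and joined:
            joined[-1] += " " + line           # continuation of a wrapped entry
    entries = []
    for line in joined:
        m = ENTRY.match(line)
        if not m:
            continue                           # not an IE start/search entry
        code, hive, key, name, data = m.groups()
        obfuscated = data.endswith("(obfuscated)")
        if obfuscated:
            data = data[: -len("(obfuscated)")].rstrip()
        entries.append({"code": code, "location": f"{hive}\\{key},{name}",
                        "data": data, "obfuscated": obfuscated})
    return entries

def dll_references(entries):
    """Map each DLL named in a res:// value to the settings that point at it."""
    refs = defaultdict(list)
    for e in entries:
        m = RES_DLL.match(e["data"])
        if m:
            dll = m.group(1).replace("/", "\\").rsplit("\\", 1)[-1].lower()
            refs[dll].append(e["location"])
    return dict(refs)

if __name__ == "__main__":
    for dll, locations in dll_references(parse_entries(SAMPLE_LOG)).items():
        print(dll, "->", locations)
```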
 