Posted on 07/09/2004 5:27:22 AM PDT by backhoe
There is a new plague of viruses, trojans, and exploits hammering web users... and no one easy solution.
Be advised, I will add the most useful information I have found so far in the first reply, which I am doing for the sake of simple formatting ease.
First off, here's the most current info and links- follow and read all of it:
In my comments that follow is the first block of information, in the reply is the second, more detailed:
It sure is a shame to see the PC community in such a whirl... but they can fix it, I'm sure! Just call Bill G!
If you get stricken with the about:blank CWS variant horror, you will be scouring the web for online fixes too. LOL!
The Windows updates/patches and firewalls are useless to stop it. Ad-Aware and SpyBot S&D are useless to remove it. Each one will find some components (though not all - and not the same ones between them) but they will come right back.
The only way to get rid of it is to corner the hidden .dll reloader file, and that's borderline impossible to do when Windows is running.
I can certainly see why!
I think the worm and trojan horse being downloaded from the remaining infected web sites are downloaded from that web site's server at the same time you download the web site content that you'd see on your monitor.
good work
The adware and anti-virus programs will not stop the latest CWS or iSearch variants. If you get one, you'll know it because your browser will be hijacked.
General fyi: the Congress is currently debating between two bills designed to criminalize spyware/adware/malware and they should get something passed soon. Not nearly as soon as they should've, though!
I traced my problem ( I hope! ) to a notepad.exe file, actually 3 of 'em, dated 06-26-04.
Bump for bookmark
Thanks for looking!
>>You just have to invest in a good Adware/virus program...in fact maybe two or three and scan every day.<<
I updated My FR homepage because I get asked these questions every day.
The biggest prevention is Firefox. The next is spyware blaster. The last is an ad remover as some infections come in that way. I use Ad-Muncher and I've tried them all. http://www.admuncher.com
Try it for 30 days for free. I bought two copies, worth every penny.
-Mal
Because of the way that windows is designed, yes.
Windows base design still assumes that any executables or script code was placed there by the user.
This is due to the original design as a single user stand alone system. This design flaw still permeates the entire windows architecture.
Just switched to Firefox. It is great.
Anyhow, if you want to ascertain whether you still have a problem, you should run a Find (Files or Folders) search for *.dll on your C Drive. Once that comes up, put your .dll files in order by the date modified. Look at the recently modified files to see if there are any random meaningless names. (For the record, my last one generated before I finally cleaned things up was Kbddjk.dll) If you find one (and you can just search for the .dll names on Google to see if they're legit - most of them can be found here: www.dll-files.com) then you haven't resolved the problem.
Alternatively, you can download HijackThis and search for suspicious BHOs which are another sign of malware activity. Examining the .dll files is the quickest way to go though.
Info's appreciated- thanks!
spent 6 hours on a customer pc, finally tracked CWS problem to "peper", there is a fix tool thru google...
never=ending problems this week - I don't do banking on a pc, and might stop buying on a pc, too...
I've been running spybot and BlazeFind.bridge?? keeps coming up, (I'm really a babe in the woods here so bear with me) and when I ask spybot for a definition none comes up. Is it trojan and can I delete all this stuff?
Among all those links and forums, there is a download of a zipped, clean notepad file-- that's what I used to replace my 2 copies in winnt & system32.
Bear in mind I am no expert- but that sure doesn't look like any legit file to me!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.