My mate got fooled by a pop up and installed this totally bogus AV proggy, that loads trojans galore on to his system. :rolleyes: I’ve managed to remove the program and the trojans but there is a link that keep popping up whenever he uses IE. It says that the web page he is trying to access is dangerous and reroutes him to an About:Blank page with two buttons, one to return to the page which just loops back and one to a site that he got the infected proggy from in the first place.
I’ve set him up with Firefox, but he needs IE for some sites.I’ve checked the fixes and checked the registry, none are in the registry now, but this still keeps coming back up. I may have missed something as it was late when I finished playing. Any idea how to remove this last issue?
Give the machine a scan with : http://malwarebytes.org/
and see what happens… install with admin account the update it…then bust into safemode for the scan
Malwarebytes gets my vote too, had a similar problem ages ago and it worked first time
Ran Malwarebytes and it found 2 more reg entries and 4 additional virii. Still could not find the IE entries noted in the removal web site notes, but all seems to be clear now. MWB seems to be the weapon of choice for this problem. Cheers guys
The MWB user forum is pretty decent too
I’m currently running XP 64 bit, and an early scan with MWB found some strange results. A quick trip to the forums and I found out they were False Positives due to the 64 bit system.
I think the ‘developers’ are quick to jump on fixing things like that (when they can) in an attempt to keep on top of the game, and keep their customers happy
Seen that one twice, they look almost windows application for the “average joe” and unfortunately they DO take credit card details.
Generally the one’s I’ve seen were “blah blah pro” or similar trying to get you to buy something. One was cyberdefender which an person i know fell for and there registration key didn’t work funnily enough