Canreef Aquatics Bulletin Board  

#1
01-04-2009, 07:15 AM
midgetwaiter

Mark sent me a PM with a screenshot of what is going on when he tries to update Spybot and I think you guys are right, it is this Vundo thing. I checked it out, it's a bastard.

For the techie types that may be interested, it works by using a Browser Helper Object to snag requests to anti-spyware sites and redirect them to localhost. This is especially evil because any spyware definition updates that use a DLL from the standard Microsoft network package seem to also be redirected by the BHO.

HijackThis is probably the best tool for getting rid of this kind of thing but, like Snaz says, it isn't exactly simple to use.

Mark, I'll put the Vundofix program from Atribune on my site and send you a link.

#2
01-04-2009, 07:19 AM
mark

Was able to get Vundofix v7.0.6 from Softpedia.com.

It didn't find anything.

#3
01-04-2009, 04:40 PM
Aquattro

Can the BHO be unloaded from within IE? If not, can the DLL or OCX be renamed before launching IE?
__________________
Brad

#4
01-04-2009, 04:47 PM
Snaz

If it is a Browser Helper Object (BHO) that is doing the redirect then HijackThis should clean that up.
http://www.download.com/Trend-Micro-...-10227353.html

Close all other programs, install HJT and then click "Do System Scan and Save a Log file".

It will list all kinds of switches and programs that determine how your computer behaves. As a start, select all BHO and click "FIXED CHECKED". Be careful with the other items HJT finds as some of them are needed for your computer to run. Removing all BHO should not be an issue, but Yahoo toolbars etc. will be missing; you can always install them again as needed. The object today is to get your browser to go to your AV home to update definitions. If your current AV does not fix it, try AVG Free AV at:

http://grisoft.com and search their site for "FREE" and try the free version, very nice.

If that does not work and you have the time, try the HJT upload service, it may take you further.

Keith
Last edited by Snaz; 01-04-2009 at 04:51 PM.
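
Added example, not part of any post in this thread: a short Python script that pulls the O2 (BHO) entries out of a saved HijackThis log, the list Snaz suggests reviewing, so each CLSID and DLL path can be looked at before anything is fixed. The log lines, names, CLSIDs and paths are constructed, and the review hints are assumptions for triage, not something HijackThis reports.

```python
import re
from typing import NamedTuple

# Constructed sample of saved HijackThis log lines; every name, CLSID and path is made up.
SAMPLE_LOG = r"""
O2 - BHO: Example PDF Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\ExampleVendor\pdfhelper.dll
O2 - BHO: (no name) - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - C:\WINDOWS\system32\qrstuvwx.dll
O2 - BHO: (no name) - {99999999-8888-7777-6666-555555555555} - (no file)
O3 - Toolbar: Example Toolbar - {12345678-1234-1234-1234-123456789ABC} - C:\Program Files\ExampleVendor\bar.dll
"""

class Bho(NamedTuple):
    name: str
    clsid: str
    path: str

# Line shape: "O2 - BHO: <name> - {CLSID} - <dll path or (no file)>"
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")

def parse_bhos(log_text):
    """Return every O2 (Browser Helper Object) entry found in the log text."""
    found = []
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if m:
            found.append(Bho(m["name"], m["clsid"].upper(), m["path"]))
    return found

def review_hints(bho):
    """Assumed triage hints for a human reviewer; none of them proves malware."""
    hints = []
    if bho.name == "(no name)":
        hints.append("no display name")
    if bho.path == "(no file)":
        hints.append("registered DLL is missing")
    elif "\\system32\\" in bho.path.lower():
        hints.append("DLL lives in system32")
    return hints

def triage(log_text):
    """Map CLSID -> hints for the entries worth looking at first."""
    return {b.clsid: h for b in parse_bhos(log_text) if (h := review_hints(b))}

if __name__ == "__main__":
    for bho in parse_bhos(SAMPLE_LOG):
        print(bho.clsid, bho.path, review_hints(bho) or "no hints")
```
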

All times are GMT.