|
|
#1
May 6th, 2004, 03:51 AM
|
|||
|
|||
Ad-aware 6.0 & false positive?
First i have to say that i use XP dutch and have my homepage set to blanco= about: blank
I updated Lavasoft Adaware to reference file 01R302 03.05.2004 and the scanned my PC. After the scan i got 2 warnings. I didn't think (yes , stupid stupid, i know) and deleted those entries.But immediately SpywareGuard (good program, thank you Javacool  ) warned me that my homepage was changed from "about:blank" to "microsoft...".So i changed it again to "about :blank"I scanned again with adaware and it came with the following: " vendor: Possible Browser Hijack attempt type :RegData category:data Miner object: HKEY_CURRENT_USER:software\Microsoft\Internet Explorer\Main "StartPage"("about:blank") comment: Possible Browser hijack attempt The other warning didn't come anymore.I hope i didn't do something harmful by deleting it.(i even deleted the quarantaine) It had also something to do with that "about :blank ,i remember. PS: i registerd with the lavasoft forum, but i have to wait before i can post there....that's why i already posted it here Last edited by ronny : May 6th, 2004 at 04:21 AM. |
|
#2
May 6th, 2004, 05:29 AM
|
||||
|
||||
|
Re: Ad-aware 6.0 & false positive?
ad-aware says "possible"....
I had the same thing, but when looking close into it , it was caused by a soft i installed... I use FreeSurfer (popup-blocker) and there the option to set the start page to about:blank was cheked, there is a simular option in SpybotS&D if i'm not mistaking, .....so first chek there before starting to panic. so first check if you have no softs who block your page agianst changing the settings, and if they do and you want to keep them then dont use about:blank as startpage. cu
__________________
Learning everyday something new |
|
#3
May 6th, 2004, 05:32 AM
|
||||
|
||||
|
Re: Ad-aware 6.0 & false positive?
If you set your IE hompage to about:Blank or it's equivilent in Dutch, then you have done nothing wrong. Because Coolwebsearch uses the about:Blank page as a hijack, Ad-Aware is now detecting and fixing it. However, it will detect any about:blank it finds and it found 2 on my system. I have chosen to have about:blank as my Internet Explorer home page, so I didn't have Ad Aware fix it. I also have SpywareGuard, and anytime the home page is changed, it will give the warning box you described. Since Ad-Aware was changing the home page, that is why SpywareGuard gave you the warning.
You can go to Tools>Internet Options> in IE and click the "Use Blank" in the Hompage section to restore it if you want it as your homepage. Next time you scan with Ad-Aware, it will detect it again, so I suggest that you put it in the ignore list to avoid it being detected in the future.
__________________
Nick's Computer Security Fight Back Against SpyAxe |
|
#4
May 6th, 2004, 05:37 AM
|
|||
|
|||
|
Re: Ad-aware 6.0 & false positive?
Thank you Nick and Helpless.You confirm what i was thinking
And i found the log in Adaware, here it is: "....started deep registry scan ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank Possible Browser Hijack attempt Object recognized! Type : RegData Data : "about:blank" Category : Data Miner Comment : Possible browser hijack attempt Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Main Value : Start Page Data : "about:blank" Possible Browser Hijack attempt Object recognized! Type : RegKey Data : OldStartPage="about:blank" Category : Data Miner Comment : Possible browser hijack attempt Rootkey : HKEY_CURRENT_USER Object : Software\XCleaner " |
|
#5
May 6th, 2004, 06:14 AM
|
|||
|
|||
|
Re: Ad-aware 6.0 & false positive?
Ok got answers on the Lavasoft forum:
"Just to clear this up, it is not a false positive and Aaron knew what the reactions would be. We were all notified of possible user reactions to this entry It clearly states: Possible Browser Hijack attempt Object recognized! In this case it is the only way to clear up the issue if it is indeed being caused by CWS. If AboutBlank is your designated Home\Start Page then add it to your Ignore List. If not, then remove it with the rest. To add objects to your Ignore List: Scan with Ad-aware, Click "Next", A list of detected items will be in the view window (always do the 'Ignore' list items 1st) Select any items from the list that you want to "Ignore", Right click in the scan results window, Select "Add selection to ignore-list", Click "OK". " I have to admit , they are right.They DID said "POSSIBLE" browser hijacks.  |
|
#6
May 7th, 2004, 07:02 AM
|
||||
|
||||
|
Re: Ad-aware 6.0 & false positive?
I may be missing the boat, or even the ocean...but i thought I understood the message, and yet my browser is set to google (out of habit) as it's home page. I never have understood why i see "about blank" listed in spybot S&D and HijackThis Logs but i decided, you know, i'm just going to let ad-aware remove it if good old CWS is exploiting the name. if i use google as my homepage do i need "about blank" for any reason, or am i just opening the door for CWS? i know i am missing something about the why i have that page in the first place. is what i did ok?
- HandsOff
__________________
"Oh, no, I've said too much" -REM |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
