At that point you may as well just remove the infection instead of deleting the header. Aurora is not hard to fix if you know the files causing it. Generally nail.exe, bolger.dll, svcproc.exe, and then some random files in the %System% directory.
Nope....
Most users of Windows run at an adminstrator level. This causes any crapware to be able to run at the same level when it installs and then it can easily override the hosts file.
Unfortunately programs like spywareguard and teatimer do not monitor the editing of the host file.
Unfortunately this has method is known not to work. There are a ton of crapware out there that simply changes the attribute on the hosts file and does what it wants to it
With the amount of crapware out there and the amount of guides and articles written about this subject you would think people would still be a bit more secure. Unfortunately it does not seem to be the case.
This guide explains how to keep your damn computer from being stupidly compromised:
Its definitely newer then the vulnerable gdiplus.dll's on my machine.
GDIScan is reporting the version of the gdiplus.dll, and it not being vulnerable, from the redistributable package as being:
5.1.3102.1360
While the exploitable ones it sees floating around my machine are:
5.1.2600.1106
Bleeping Computer recently published a tutorial on how to use this program and interpret its results. You can find it here:
http://www.bleepingcomputer.com/forums/topict3077. html
Slashdot Mirror
At that point you may as well just remove the infection instead of deleting the header. Aurora is not hard to fix if you know the files causing it. Generally nail.exe, bolger.dll, svcproc.exe, and then some random files in the %System% directory.
Simple steps to keep your computer secure!
Doing these steps saves me a huge amount of time and heartache in the future.
Nope ....
Most users of Windows run at an adminstrator level. This causes any crapware to be able to run at the same level when it installs and then it can easily override the hosts file.
Unfortunately programs like spywareguard and teatimer do not monitor the editing of the host file.
Unfortunately this has method is known not to work. There are a ton of crapware out there that simply changes the attribute on the hosts file and does what it wants to it
With the amount of crapware out there and the amount of guides and articles written about this subject you would think people would still be a bit more secure. Unfortunately it does not seem to be the case.
This guide explains how to keep your damn computer from being stupidly compromised:
Simple and easy ways to keep your computer safe and secure on the Internet
Also heres a tutorial for switch from IE to firefox:
Switching from Internet Explorer to Firefox
For anyone who doesnt know how to switch from IE here is a tutorials for you:
Switching from Internet Explorer to Firefox
Enhancing Firefox with Browser Extensions
Its definitely newer then the vulnerable gdiplus.dll's on my machine. GDIScan is reporting the version of the gdiplus.dll, and it not being vulnerable, from the redistributable package as being: 5.1.3102.1360 While the exploitable ones it sees floating around my machine are: 5.1.2600.1106
Bleeping Computer recently published a tutorial on how to use this program and interpret its results. You can find it here: http://www.bleepingcomputer.com/forums/topict3077. html
Bleeping Computer has a tutorial on how to use GDI Scan, offered by ISC, to find apps with the vulnerable gdiplus.dll. The tutorial can be found here:
GDI Scan Tutorial and how to fix the GDI+ JPEG Vulnerability
Either update those apps so they dont have the problem anymore, or do not use the app.