|
| ||
| Re: about:blank virus i have had this virus for about a month and i just did everything the messages instructed...it said to post the log that i got from hijackthis...so i guess i can post it here..I am new to all this so any help i recieve would be greatly appreciated. When exactly will the about:blank thing go away? Is it gone now or do I still need to do more? Thanks, RSuave427 Logfile of HijackThis v1.97.7 Scan saved at 1:13:26 AM, on 5/31/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\svchosd.exe C:\HJT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://yellow-pages.ws/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank F0 - system.ini: Shell=Explorer.exe svchosd.exe F1 - win.ini: run=C:\WINDOWS\system32\services\wmplayer.exe F2 - REG:system.ini: Shell=Explorer.exe svchosd.exe O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe" O4 - HKLM\..\Run: [win32.exe] C:\WINDOWS\win32.exe O4 - HKLM\..\Run: [mswspl] C:\WINDOWS\sb.exe O4 - HKLM\..\Run: [Aplune Service] svchosd.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: AIM (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: *.flingstone.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab |
| ||
| Re: about:blank virus Hey rsuave427 you should not post a new problem on this thread. create your own. As DMR said (If you need to repost, please start your own thread instead of continuing here. To keep threads clear and concise, we ask that members abide by our policy of "one member, one problem" per thread.). Also did you try CAPERJACK's instructions. |
| ||
| Re: about:blank virus The most direct response to the about|blank hijack I've seen is in this topic: http://daniweb.com/techtalkforums/thread5531.html |
| ||
| Re: about:blank virus You have more than about blank ,like this one --O4 - HKLM\..\Run: [Aplune Service] svchosd.exe. This is why its always best to start your own thread instead of piggie backing to one like this one. Everyones log is different!!Everyones problems are different! Run this free online virus scan ,check off auto fix.and and then Scan http://housecall.trendmicro.com/hous...start_corp.asp |
| ||
| Re: about:blank virus about:blank trojan removed! (aka HomeOldSP hijacker) I tried most adware programs to no avail. The wicked pest kept returning. Now I am happy to report that there is a cure: Adware Away. It is as easy as pie to use. The about:blank trojan was killed in minutes. Click "more" on Adware Away's menu. Icons with names of various hijackers are displayed. Click on those bothering you, and they're gone!! In fact it also trashed CoolWebSearch, Lycos SideSearch and IstBar - trojans I didn't even know I had. All I can say, "Adware Away is FANTASTIC". www.AdwareAway.com |
| ||
| Re: about:blank virus Does the program actually remove them, or just disguise them?? I am trying to get more info on it. If it only prevents the running of these programs it's not much cop. You also have to pay for it. |
| ||
| Re: about:blank virus Quote:
They have a five day free trial. The tech support guy is great. Responded to me immediately. And even updated his fine program the same day with a suggestion of mine. After running Scan on the first page of Adware Away, click on More. This takes you to a menu of Hijackers. Click on the about:blank icon. It is zapped instantly! The trojan, that is! (not the icon.) hehe It was like finding the cure for cancer. This guy was so happy he paid ten bucks extra for their CD. The program even found other malware on my PC that I was ignorant of, as mentioned above. |
| ||
| Re: about:blank virus I was afflicted with the same virus and thanks to this message post I was able to fix it. I just wanted to say thank you very much for all your help! :mrgreen: |
| ||
| Re: about:blank virus Quote:
|
| ||
| Re: about:blank virus Quote:
|
| All times are GMT -4. The time now is 5:24 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC