Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 12-31-2004, 04:10 PM   #1
Solid State Member
 
Join Date: Mar 2004
Posts: 14
Default 'about:blank'

Hi,

My browser is hijacked by 'about:blank'. Each time I close and open the browser, it always shows 'about:blank' as my homepage! I tried 'CWShredder' and 'Ad-Aware' but with no success and both programs are updated. I always use these two programs for this kind of problem and they really works fine, but this time I really can't solve this problem!!

------------------------------------------------------------------------------

Logfile of HijackThis v1.99.0
Scan saved at 20:55:09, on 01/01/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\system.exe
C:\Program Files\DR4\DR4.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Documents and Settings\miniman\Application Data\r??p?.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\miniman\My Documents\Downloads\Programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = C:\WINDOWS\_hp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = C:\WINDOWS\_s.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\_hp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = C:\WINDOWS\_hp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = C:\WINDOWS\_s.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = C:\WINDOWS\_sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = C:\WINDOWS\_hp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = C:\WINDOWS\_hp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0. dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {3FE6D5FF-1A9F-4B45-8BF5-B2665794A42B} - C:\WINDOWS\System32\bnji.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0. dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVG7\avgregcl.exe /BOOT
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKLM\..\Run: [nemkdhhezv] C:\WINDOWS\System32\iuoanz.exe
O4 - HKLM\..\Run: [WinUpdate] C:\system.exe
O4 - HKCU\..\Run: [DateRemember] C:\Program Files\DR4\DR4.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [HistoryKill] C:\Program Files\HistoryKill\histkill.exe /startup
O4 - HKCU\..\Run: [Aado] C:\Documents and Settings\miniman\Application Data\r??p?.exe
O4 - HKCU\..\Run: [UninstallAbility] "C:\Program Files\UninstallAbility\uability.exe" /AUTO
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1055.dll,InstantAccess
O4 - HKCU\..\Run: [Spyware Begone] C:\Program Files\freescan.exe -FastScan
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.vladzone.com
.37.211
__________________

miniman is offline   Reply With Quote
Old 12-31-2004, 08:30 PM   #2
In Runtime
 
SocK_MaN's Avatar
 
Join Date: Dec 2004
Posts: 376
Send a message via MSN to SocK_MaN
Default

I suggest spybot s&d. I'm not sure about CWShredder but it has more than ad-aware
__________________

__________________
Windows XP Home Edition
Intel P4 2.4 Ghz
80Gb HDD(7200 rpm)
NVIDIA GeForce4 Ti 4800 SE
1024 DDR Ram
SocK_MaN is offline   Reply With Quote
Old 01-03-2005, 12:29 PM   #3
Baseband Member
 
Join Date: Dec 2004
Posts: 44
Default

i understood the only adware proggy that can destroy it is pest patrol corporate edition.it aint for free though *cough*torrent
Doper is offline   Reply With Quote
Old 01-03-2005, 12:31 PM   #4
In Runtime
 
SocK_MaN's Avatar
 
Join Date: Dec 2004
Posts: 376
Send a message via MSN to SocK_MaN
Default

lol i think spybot does get rid of it
__________________
Windows XP Home Edition
Intel P4 2.4 Ghz
80Gb HDD(7200 rpm)
NVIDIA GeForce4 Ti 4800 SE
1024 DDR Ram
SocK_MaN is offline   Reply With Quote
Old 01-03-2005, 11:26 PM   #5
The Candyman
 
~mr mixx~'s Avatar
 
Join Date: Jun 2004
Location: USA
Posts: 11,312
Default Re: 'about:blank'

Here you go.....
__________________
" Let the music move you "
~mr mixx~ is offline   Reply With Quote
Old 01-05-2005, 09:41 AM   #6
Solid State Member
 
Join Date: Jan 2005
Posts: 7
Default Re: 'about:blank'

I've got the exact same problem with a few other issues. I will post a seperate thread. I just wanted to add my.02 worth. I've run adAware,CWShredder, and Spybot, but this particular "nasty" will not go away.
kb-resq is offline   Reply With Quote
Old 01-07-2005, 04:19 PM   #7
Beta Member
 
cheekymonkey's Avatar
 
Join Date: Jan 2005
Posts: 1
Send a message via ICQ to cheekymonkey Send a message via AIM to cheekymonkey Send a message via MSN to cheekymonkey Send a message via Yahoo to cheekymonkey
Default

Hey, I had the exact same problem and was going mad cos it wouldn't let me use the internet. But anyways I found a solution that worked for me. Here goes:

Run Ad-Aware or another spyware program but don't carry on to delete the files and spyware hold for a minute and look at the spyware names and their locations on your computer.
Then go to - start>run>"regedit" - which opens the Registry Editor, and find these locations in the Registry Editor and then delete these nasties. Careful not to delete anything you shouldn't!

It worked for me, however if anything goes wrong for you, don't blame me please I am only trying to help.

Thanks, Jess
cheekymonkey is offline   Reply With Quote
Old 01-08-2005, 05:15 PM   #8
Solid State Member
 
Join Date: Jan 2005
Posts: 7
Default

Try Microsoft's new Antispyware program. I had this same problem and it fixed it!!
http://www.microsoft.com/athome/secu...e/default.mspx
kb-resq is offline   Reply With Quote
Old 01-10-2005, 02:47 PM   #9
Solid State Member
 
Join Date: Mar 2004
Posts: 14
Default

Hey guys, drop me an email and I will send you a remover!
__________________

miniman is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 03:00 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0