Home   |   Register   |   Rules   |   Calendar   |   Get Daily   |     |  
 


If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

 
Go Back  dBforums > General > Suggestions & Feedback > "about:blank" please help!

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 05-24-04, 12:14
wasser wasser is offline
Registered User
  
Join Date: May 2004
Posts: 1
"about:blank" please help!
Hello,

Need some help. I am not familiar with the game of viruses et al at all so bear with me.

My laptop - HP with '98 system - is in real trouble. I keep getting "about:blank" whenever I open up IE even though the default should be google.

This page shows millions of conventional links but when I click on them I get "connection problems please try later" and the first of innumerable pop up boxes: "Spyware detected on your PC" etc.

I have run lavasoftadaware but makes no difference.

When I tried to access this site or download lava I had all sorts of problems. My A drive just started up for no reason like someone was trying to access my floppy.

Anyway downloaded hijackthis but have no idea of what it means and need guidance.

I noticed on an earlier dBforum mention of "msxml* having more than one letter or number after msxml and having a date different from the other msxml* functions."

I've tried this but found no match.

This is Hijack log below:

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\ATI2PLXX.EXE

C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\Program Files\NETVIGATOR\NETVIGATOR BROADBAND\driver\CFOSDW.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\ATIPTAXX.EXE

C:\WINDOWS\SYSTEM\ATI2CWXX.EXE

C:\WINDOWS\SYSTEM\PRPCUI.EXE

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE

C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE

C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE

C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\WCESCOMM.EXE

C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUNOTIFY.EXE

C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE

C:\PROGRAM FILES\NETVIGATOR\NETVIGATOR BROADBAND\DRIVER\CFNDIS.EXE

C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\RNAAPP.EXE

C:\WINDOWS\SYSTEM\TAPISRV.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\PROFILES\KERRIDGE\DESKTOP\ADAMTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\SYSTEM\NAKLJA.DLL/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\SYSTEM\NAKLJA.DLL/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\SYSTEM\NAKLJA.DLL/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\SYSTEM\NAKLJA.DLL/sp.html (obfuscated)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\SYSTEM\NAKLJA.DLL/sp.html (obfuscated)

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\SYSTEM\NAKLJA.DLL/sp.html (obfuscated)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 218.102.23.27:8080

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

F1 - win.ini: run=C:\PROGRA~1\NETVIG~1\NETVIG~1\DRIVER\cfosdw.ex e

N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%206%5 Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\jerzfq80.slt\prefs.j s)

O1 - Hosts: 127.127.127.127 elite

O1 - Hosts: 64.191.95.139 www.altavista.com

O1 - Hosts: 64.191.95.139 altavista.com

O1 - Hosts: 64.191.95.139 search.yahoo.co.jp

O1 - Hosts: 64.191.95.139 www.lycos.de

O1 - Hosts: 64.191.95.139 www.lycos.ca

O1 - Hosts: 64.191.95.139 www.lycos.jp

O1 - Hosts: 64.191.95.139 www.lycos.co.jp

O1 - Hosts: 64.191.95.139 alltheweb.com

O1 - Hosts: 64.191.95.139 web.ask.com

O1 - Hosts: 64.191.95.139 ask.com

O1 - Hosts: 64.191.95.139 www.ask.com

O1 - Hosts: 64.191.95.139 www.teoma.com

O1 - Hosts: 64.191.95.139 search.aol.com

O1 - Hosts: 64.191.95.139 www.looksmart.com

O1 - Hosts: 64.191.95.139 search.fr.msn.be

O1 - Hosts: 64.191.95.139 search.fr.msn.ch

O1 - Hosts: 64.191.95.139 search.msn.at

O1 - Hosts: 64.191.95.139 search.msn.be

O1 - Hosts: 64.191.95.139 search.msn.ch

O1 - Hosts: 64.191.95.139 search.msn.co.in

O1 - Hosts: 64.191.95.139 search.msn.co.jp

O1 - Hosts: 64.191.95.139 search.msn.co.kr

O1 - Hosts: 64.191.95.139 search.msn.co.za

O1 - Hosts: 64.191.95.139 search.msn.de

O1 - Hosts: 64.191.95.139 search.msn.dk

O1 - Hosts: 64.191.95.139 search.msn.es

O1 - Hosts: 64.191.95.139 search.msn.fi

O1 - Hosts: 64.191.95.139 search.msn.fr

O1 - Hosts: 64.191.95.139 search.msn.it

O1 - Hosts: 64.191.95.139 search.msn****

O1 - Hosts: 64.191.95.139 search.msn.no

O1 - Hosts: 64.191.95.139 search.msn.se

O1 - Hosts: 64.191.95.139 search.xtramsn.co.nz

O1 - Hosts: 64.191.95.139 search.lycos.com

O1 - Hosts: 64.191.95.139 www.lycos.com

O1 - Hosts: 64.191.95.139 www.google.ca

O1 - Hosts: 64.191.95.139 google.ca

O1 - Hosts: 64.191.95.139 www.google.uk

O1 - Hosts: 64.191.95.139 www.google.co.uk

O1 - Hosts: 64.191.95.139 www.google.co.jp

O1 - Hosts: 64.191.95.139 www.google.jp

O1 - Hosts: 64.191.95.139 www.google.at

O1 - Hosts: 64.191.95.139 www.google.be

O1 - Hosts: 64.191.95.139 www.google.ch

O1 - Hosts: 64.191.95.139 www.google.de

O1 - Hosts: 64.191.95.139 www.google.dk

O1 - Hosts: 64.191.95.139 www.google.fi

O1 - Hosts: 64.191.95.139 www.google.fr

O1 - Hosts: 64.191.95.139 www.google.ie

O1 - Hosts: 64.191.95.139 www.google.co.il

O1 - Hosts: 64.191.95.139 www.google.it

O1 - Hosts: 64.191.95.139 www.google.co.kr

O1 - Hosts: 64.191.95.139 www.google****

O1 - Hosts: 64.191.95.139 www.google.co.nz

O1 - Hosts: 64.191.95.139 www.google.pl

O1 - Hosts: 64.191.95.139 www.google.pt

O1 - Hosts: 64.191.95.139 www.google.co.th

O1 - Hosts: 64.191.95.139 google.at

O1 - Hosts: 64.191.95.139 google.be

O1 - Hosts: 64.191.95.139 google.de

O1 - Hosts: 64.191.95.139 google.dk

O1 - Hosts: 64.191.95.139 google.fi

O1 - Hosts: 64.191.95.139 google.fr

O1 - Hosts: 64.191.95.139 google.ie

O1 - Hosts: 64.191.95.139 google.co.il

O1 - Hosts: 64.191.95.139 google.it

O1 - Hosts: 64.191.95.139 google.co.kr

O1 - Hosts: 64.191.95.139 google****

O1 - Hosts: 64.191.95.139 google.co.nz

O1 - Hosts: 64.191.95.139 google.pl

O1 - Hosts: 64.191.95.139 www.hotbot.com

O1 - Hosts: 64.191.95.139 hotbot.com

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {8165B401-AD73-11D8-A86E-00015FB5C43E} - C:\WINDOWS\SYSTEM\NAKLJA.DLL

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe

O4 - HKLM\..\Run: [Ati2cwxx] Ati2cwxx.exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe

O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe

O4 - HKLM\..\Run: [ccRegVfy] c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe

O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE

O4 - HKLM\..\RunServices: [ATIPOLAB] ati2plxx.exe

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [ccEvtMgr] c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\WCESCOMM.EXE"

O4 - HKCU\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe

O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE

O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O9 - Extra button: Create Mobile Favorite (HKLM)

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/...ash/swflash.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.c...B?1069800904700

O16 - DPF: {11111111-1111-1111-1111-111111111123} - file://c:\Recycled\1.exe
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


 
 
 
Home  |   Register  |   Get New  |   FAQ's  |   Sitemap

Powered by vBulletin
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.