ok i have reinstalled windows 2000 and installed windows into a "windows" named folder and not the regular default "winnt" named folder. This was done to isolate the bad file. Turns out the file is 57,344 kb like all have said too. I can go into my old "winnt\system32" folder now and find the file, its not hidden anymore due to the folder not being used for windows since i am running windows out of the new "windows" named folder i created. So since the file is now not hidden, called resnhmj.dii, i was able to rename it to about_blank or any other name but i can not delete it, i can not delete the "winnt\system32" folder either, i also dumped for a test every file into my recycling bin from the old "winnt\system32" folder and it lets me delete every file except 1, guess... right the resnhmj.dii (renamed about_blank). So im stuck, windows runs perfect now, i get no popups or homepage hijacks but i still would like to dump this damm piece of crap file. I try to delete it and i get the message "cannot delete about_blank: Access is denied. The source file may be in use" also then i try to change its attributes from "read only" to uncheck that but when i hit apply i get an error message "An error occurred applying attributes to the file C:system32\about_blank Access is denied. I put the file on my C drive and it sits inside a system32 folder that came from the old winnt windows folder so you follow me. So basically i can change the files name, see its properties, but i cant delete it or change its attributes, so know what or how to delete this thing? Also i tried looking at the file thru the Windows Recovery Console but when i go to the folder its inside i get a "denied access" message so i cant access or vies this file or delete it from the recovery console. So i got it isolated but how to kill it off my system? Should i try to change system security settings now under local security properties in the control panel? please guys im so close to fixing this for good now, well at least to i stumble across it again surfing the web... thanks for any ideas to delete the folder and 1 file inside.
how to delete a file i found that is the source
1 reply to this topic
Posted 06 July 2004 - 05:32 PM
ITS DONE !!! well i went with my gut on this one, i figured out how to get access and control over my files then i changed this bad files attributes and then it allowed me to delete it and the folder and then i deleted it from the recycling bin... I first went into start-settings-control panel-administrative tools-local security policy-local policies-security options-and changed both recovery console options to enable from disable(this allows access and floppy copy to all drives and all folders, then i went into the bad file i had named about_blank and went into properties-security-advanced-owner which was my name and then i changed myself to owner of the file, which i am the current administrator anyhow. Then clicked apply, then ok, then went into permissions under my name which now say "allow" and "full control" then went into changing all permissions to allow a checkmark in "full control,modify,read &execute,list folder contents,read, write and allow inheritable permissions from parent to propagate to this object all checkmarked to allow me permission. Then of course rebooted after applying the new settings, then came back into the folder and deleted the file 1st, then the folder 2nd then looked in the recycle bin to see if it went there and it did,then emptied it all out, then rebooted, then looked and it was all gone for good. then ran a search to make sure it was gone and it was, i do believe i am one of only a few now who totally got rid of this about:blank cool web search virus but i had to reinstall windows into another folder other then "winnt" and do alot of copy and pasting and then updating of all my programs but it took less than 3 hours or so and i got all the old windows 2000 files and viruses deleted, i think im free, thanks for the help but in the end i did it myself
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users