• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
zerohour

Having real troubles with about:blank

5 posts in this topic

I've tried using CWShredder, HiJackThis, the latest AdAware, and i haven't had any luck with About:Buster that's posted at the top of the page here (I keep getting a runtime error). I've also used the online scanner on this site.

 

HiJackThis has detected the problem but won't remove it.

AdAware detected and supposedly removed other problems, not sure if they were part of the about:blank thing.

The online scanner did the same.

And as i said before the about:buster wouldn't work at all, not sure if i'm doing something wrong with that. - keep getting Runtime error 53.

 

Can someone help out this has got to be the most annoying thing ever "placed" on my computer.

Edited by zerohour

Share this post


Link to post
Share on other sites

By the way, here's the logfile for Hijackthis, i've noticed everybody else is posting theirs. I've also read through the site's FAQ.

 

Also, when I scan with Ad-aware, it has found something called "coolwebsearch", which i can remove but it reappears when I restart my computer.

 

If anybody can give me any information, even on the problems i've had with the about:buster, it would be greatly appreciated.

 

 

 

StartupList report, 7/12/04, 1:12:18 PM

StartupList version: 1.52

Started from : E:\APPS\ALDENS\SECURITY\HIJACKTHIS.EXE

Detected: Windows 98 SE (Win9x 4.10.2222A)

Detected: Internet Explorer v5.00 (5.00.2614.3500)

* Using default options

* Showing rarely important sections

==================================================

 

Running processes:

 

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\ATI2EVXX.EXE

C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCIOMON.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM\RNAAPP.EXE

C:\WINDOWS\SYSTEM\TAPISRV.EXE

C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMTRAY.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE

C:\PROGRAM FILES\KEMAILKB\KEMAILKB.EXE

C:\PROGRAM FILES\MICROSOFT HARDWARE\GAME CONTROLLERS\COMMON\SWTRAYV4.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCGUIDE.EXE

C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCCLIENT.EXE

C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\POP3TRAP.EXE

C:\WINDOWS\RunDLL.exe

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\WINOA386.MOD

E:\APPS\ALDENS\SECURITY\HIJACKTHIS.EXE

 

--------------------------------------------------

 

Listing of startup folders:

 

Shell folders Startup:

[C:\WINDOWS\Start Menu\Programs\StartUp]

PowerReg Scheduler.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

 

smapp = C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

ScanRegistry = C:\WINDOWS\scanregw.exe /autorun

TaskMonitor = C:\WINDOWS\taskmon.exe

SystemTray = SysTray.Exe

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

DisableEHCI = C:\WINDOWS\NoUSB20.EXE

ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

KEMailKb = C:\PROGRA~1\KEMAILKB\KEMailKb.EXE

SideWinderTrayV4 = C:\PROGRA~1\MICROS~1\GAMECO~1\COMMON\SWTRAYV4.EXE

StillImageMonitor = C:\WINDOWS\SYSTEM\STIMON.EXE

pccguide.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"

PCCIOMON.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"

PCCClient.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"

Pop3trap.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

 

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

SchedulingAgent = C:\WINDOWS\SYSTEM\mstask.exe

ATIPOLL = ati2evxx.exe

ATISmart = C:\WINDOWS\SYSTEM\ati2s9ag.exe

PCCIOMON.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"

PCCPFW = C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

 

Taskbar Display Controls = RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

IEengine = C:\Program Files\Internet Explorer\IEengine.exe

 

--------------------------------------------------

 

Enumerating Active Setup stub paths:

HKLM\Software\Microsoft\Active Setup\Installed Components

(* = disabled by HKCU twin)

 

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *

StubPath = C:\WINDOWS\SYSTEM\ie4uinit.exe

 

[>PerUser_MSN_Clean] *

StubPath = C:\WINDOWS\msnmgsr1.exe

 

[PerUser_LinkBar_URLs] *

StubPath = C:\WINDOWS\COMMAND\sulfnbk.exe /L

 

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *

StubPath = "C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:WIN9X /user /install

 

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *

StubPath = "C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:WIN9X /user /install

 

--------------------------------------------------

 

Checking for EXPLORER.EXE instances:

 

C:\WINDOWS\Explorer.exe: PRESENT!

 

C:\Explorer.exe: not present

C:\WINDOWS\Explorer\Explorer.exe: not present

C:\WINDOWS\System\Explorer.exe: not present

C:\WINDOWS\System32\Explorer.exe: not present

C:\WINDOWS\Command\Explorer.exe: not present

C:\WINDOWS\Fonts\Explorer.exe: not present

 

--------------------------------------------------

 

C:\WINDOWS\WININIT.INI listing:

(Created 12/7/2004, 13:3:34)

 

[rename]

NUL=C:\WINDOWS\TEMP\GLB1A2B.EXE

 

--------------------------------------------------

 

C:\WINDOWS\WININIT.BAK listing:

(Created 12/7/2004, 12:13:48)

 

[rename]

NUL=c:\windows\cookies\ian@atdmt[2].txt

NUL=c:\windows\cookies\ian@bluestreak[1].txt

NUL=C:\WINDOWS\TEMP\GLB1A2B.EXE

 

--------------------------------------------------

 

C:\AUTOEXEC.BAT listing:

 

SET PATH=%PATH%;C:\PROGRA~1\ATITEC~1\ATICON~1;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;E:\APPS\ZIP

 

--------------------------------------------------

 

Checking for superhidden extensions:

 

.lnk: HIDDEN! (arrow overlay: yes)

.pif: HIDDEN! (arrow overlay: yes)

.exe: not hidden

.com: not hidden

.bat: not hidden

.hta: not hidden

.scr: not hidden

.shs: HIDDEN!

.shb: HIDDEN!

.vbs: not hidden

.vbe: not hidden

.wsh: not hidden

.scf: HIDDEN! (arrow overlay: NO!)

.url: HIDDEN! (arrow overlay: yes)

.js: not hidden

.jse: not hidden

 

--------------------------------------------------

 

Enumerating Browser Helper Objects:

 

(no name) - C:\WINDOWS\SYSTEM\JDJ.DLL - {78B561A3-D3F9-11D8-AE56-E924DB644204}

(no name) - C:\WINDOWS\SYSTEM\JDJ.DLL - {D392EAA1-D38D-11D8-AE56-44450740CF7E}

 

--------------------------------------------------

 

Enumerating Task Scheduler jobs:

 

Tune-up Application Start.job

 

--------------------------------------------------

 

Enumerating Download Program Files:

 

[shockwave Flash Object]

InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX

CODEBASE = http://download.macromedia.com/pub/shockwa...ash/swflash.cab

 

[{556DDE35-E955-11D0-A707-000000521957}]

CODEBASE = http://www.xblock.com/download/xclean_micro.exe

 

--------------------------------------------------

 

Enumerating ShellServiceObjectDelayLoad items:

 

WebCheck: *Registry key not found*

 

--------------------------------------------------

End of report, 7,014 bytes

Report generated in 0.109 seconds

 

Command line options:

/verbose - to add additional info on each section

/complete - to include empty sections and unsuspicious data

/full - to include several rarely-important sections

/force9x - to include Win9x-only startups even if running on WinNT

/forcent - to include WinNT-only startups even if running on Win9x

/forceall - to include all Win9x and WinNT startups, regardless of platform

/history - to list version history only

Share this post


Link to post
Share on other sites

Hey, just thought i'd bump my message. Can anyone help out? This thing is driving me nuts.

Edited by zerohour

Share this post


Link to post
Share on other sites

Still having no luck with it - i've run AdAware, Hijackthis, etc. over and over, with the same results (supposedly removes coolwebsearch (?) but it reappears). I've tried looking through my Windows directory for any other files that look suspect, but i've had no luck there either.

I'd really appreciate some help on this, ASAP. Even if somebody can help me out on getting about:buster working, that would be great.

Thanks.

Share this post


Link to post
Share on other sites

Well, I downloaded a newer version of CWShredder (version 1.59.1), it scanned and appears to have fixed the problem. Everything looks fine SO FAR.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0