• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Sass

Whenever I open my browser, it goes to about:blank

9 posts in this topic

Hi! Okay, my browser (despite how many times i set a homepage :gah: ), always goes to "about blank", and gives me problems. I keep "fixing" my problems in spybot, but they are never really fixed. :techsupport: Help Me Find The Spy! :worm: I have included My Hijaked log, so please let me know what has to go! Thanks for looking!

P.S. i read the FAQ

<br>

Logfile of HijackThis v1.97.7

Scan saved at 11:15:46 PM, on 6/5/04

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE

C:\PROGRAM FILES\MICROSOFT BROADBAND NETWORKING\MSBNTRAY.EXE

C:\PROGRAM FILES\HANDSPRING\HOTSYNC.EXE

C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OUTLOOK.EXE

C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAM FILES\MICROSOFT BROADBAND NETWORKING\IPHLPSVR.EXE

C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

 

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [sSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe

O4 - Startup: Microsoft Broadband Networking.lnk = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE

O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O9 - Extra button: Related (HKLM)

O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)

O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/24be5a8d7080b5...ip/RdxIE601.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub/shock...ector/swdir.cab

Edited by Sass

Share this post


Link to post
Share on other sites

thanks! i did that, and got rid of coolwebsearch, i updated the hijackthis log, and still have some spyware. can anyone else help?

Share this post


Link to post
Share on other sites

Well, I'm still here. Looking at your log again.

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://solongas.com/hp.htm?id=9

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

 

O2 - BHO: (no name) - {A9A674BF-771F-42E5-A440-D20DDA85A862} - C:\WINDOWS\SYSTEM\R6U461TCCFXP3.DLL

 

O4 - HKCU\..\Run: [uninstal] regsvr32 /u /s image.dll

 

O15 - Trusted Zone: *.greg-search.com

 

Now, restart in Safe-Mode(Press F8 a lot of times during startup of the computer untill you are prompted with a dialog, there, you should be able to select it)

 

Now, when Windows has booted up in Safe-Mode, delete the following files -

 

C:\WINDOWS\SYSTEM\R6U461TCCFXP3.DLL

 

Use the search function to find this file - image.dll

 

Now, restart in normal mode and post a new HijackThis log.

Edited by Nemesis6

Share this post


Link to post
Share on other sites

i have been able to remove everything except the image.dll, but i found an imagehlp.dll. is that the same thing, and should i remove it? i have also updated my log.

Share this post


Link to post
Share on other sites

Imagehlp.dll is a normal file. Don't delete it. Did you boot up in safe-mode? Either image.dll doesn't exist, or it's hidden.

Share this post


Link to post
Share on other sites

Then I hereby declare you: Clean. I'd recommend that you download SpywareBlaster, it's a program that blocks a large number (2900 +) of adware, spyware, viruses, cookies, malware, generally a lot of bad stuff from getting into your computer. Here's a link that contain some mirrors for it - http://www.javacoolsoftware.com/sbdownload.html

Remember to update it regularly.

Edited by Nemesis6

Share this post


Link to post
Share on other sites

Great tip on the SpywareBlaster, so I downloaded it and ran the install, however I get this error message at the end: "This program has been damaged, possibly by a bad sector of the hard drive or a virus. Please reinstall it.", so I did, about a dozen times, with the same message at the end. Any thoughts??

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0