Please Help To Get Rid Of About:blank
#1
Posted 14 March 2005 - 11:03 AM
Register to Remove
#2
Posted 16 March 2005 - 08:32 PM
Please move HJT into its own permanent folder so backups can be made incase of a mistake - Suggest:
C:\MyHJT\HJT.exe or C:\MyDocuments\MyHJT\HJT.exe
Please read through the instructions before you start (you may want to print this out).
Please download and install these programs - don't run them yet!!
Please download and unzip
AboutBuster to a folder. Inside the folder is a readme file that has instructions on the use of the program.
AboutBuster MUST be updated before you use it.
Start AboutBuster, click the update button, check for update, drag the box to the side and hit download updates, close the box . Don't run it yet.
Download and unzip cwsserviceremove to your desktop. use link below:
http://lineofire.gee...rviceremove.zip
Download CW-Shredder at the link below:
http://cwshredder.ne.../CWShredder.exe
Open Windows Explorer & Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked.
Also uncheck "Hide protected operating system files" and untick "hide extensions for known file types" . Now click "Apply to all folders"
Click "Apply" then "OK"
Reboot into SafeMode. <---MAKE SURE YOU KNOW HOW TO DO THIS!!
+++++++++++++++++++++++++++++++++++++++++++++++++
Here's the fix:
Important Step
1. Go to Start->Run and type "Services.msc" (without quotes) then hit Ok
Scroll down and find the service called:
Network Security Service (NSS)
When you find it, double-click on it. In the next window that opens, click the Stop button, then click on properties and under the General Tab, change the Startup Type to Disabled. Now hit Apply and then Ok and close any open windows. If you dont find this service listed go ahead with the next steps.
2. Reboot into Safe Mode
3. Press Ctrl+Alt+Delete once => Click Task Manager => Click the Processes tab => Double-click the Image Name column header to alphabetically sort the processes => Scroll through the list and look for:
crqc.exe
Osaptp.exe
crmr32.exe
If you find the files, click on them, and then click End Process => Exit the Task Manager, if not continue on.
4. CLOSE ALL WINDOWS AND BROWSERS Scan with Hijack This and put checks next to all the following, then click "Fix Checked"
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nlqii.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nlqii.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\nlqii.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nlqii.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nlqii.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nlqii.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nlqii.dll/sp.html#28129
O2 - BHO: (no name) - {7FF827C3-DF9E-38DE-6A6A-C21E847B30E4} - C:\WINDOWS\ntsp.dll
O4 - HKLM\..\Run: [crmr32.exe] C:\WINDOWS\system32\crmr32.exe
O4 - HKLM\..\RunOnce: [crqc.exe] C:\WINDOWS\system32\crqc.exe
O4 - HKLM\..\Run: [secure] C:\WINDOWS\system32\Osaptp.exe
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O23 - Service: Network Security Service (NSS) ( 6Q'8) - Unknown owner - C:\WINDOWS\ieaw32.exe (file missing)
Click on Fix Checked and exit HijackThis.
5. Run AboutBuster . This will scan your computer for the bad files and delete them. It will ask to scan the system again, let it. Save the report (copy and paste into notepad or wordpad and save as a .txt file) and post a copy back here when you are done with all the steps.
6. Clean out temporary and TIF files. Go to Start > Run and type in the box: cleanmgr. Let it scan your system for files to remove. Make sure these 3 are checked and then press *ok* to remove:
Temporary Files
Temporary Internet Files
Recycle Bin
7. Double click on the cwsserviceremove and when asked to merge say yes.
8. Run CW-Shredder - Hit the FIX button - let it run and fix what it finds.
9. Reboot into normal mode.
10. Download and run this online virus scan:
http://housecall.tre.../start_corp.asp
Make sure you check "AutoClean"
11. Reboot and post a fresh HJT log back here by using the add reply button below, and lets see how we did, MrC
#3
Posted 23 March 2005 - 08:48 AM
#4
Posted 23 March 2005 - 07:40 PM
I went to Google and used this to search:
The memory could not be written Click on OK to terminate the program
and came up with these, there's many more to look at so try the search.
http://www.geekstogo...tten-t4911.html
http://www.winportal...p?ObjectID=4318
Let me know, MrC
#5
Posted 11 April 2005 - 07:56 AM
#6
Posted 11 April 2005 - 05:29 PM
http://www.spywarein...n/winfiles.html
You may also want to check out the System File Checker:
http://www.updatexp....cannow-sfc.html
Do you have a good restore point?
http://www.webtree.c...p/repair_xp.htm
Let me know, MrC
#7
Posted 08 May 2005 - 02:01 PM
If you need help please start a new thread and post a new HJT log
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users