I need a fail proof method of ridding my computer of the "about:blank"
parasite. Nothing has worked so far. |
Request for Question Clarification by
livioflores-ga
on
17 Apr 2004 17:30 PDT
Hi!!
Please use HijackThis software and post a log, with that info I could
say you what to do to remove the parasite:
http://www.spychecker.com/program/hijackthis.html
You can find HijackThis tutorials in the following pages:
"HijackThis Quick Start":
http://tomcoyote.com/hjt/
"Hijack This Tutorial":
http://hjt.wizardsofwebsites.com/
I will wait your feedback.
|
Request for Question Clarification by
pinkfreud-ga
on
17 Apr 2004 17:40 PDT
I suggest downloading and using ToolbarCop:
http://www.mvps.org/sramesh2k/toolbarcop.htm
Please keep us posted.
|
Request for Question Clarification by
hummer-ga
on
17 Apr 2004 19:23 PDT
Hi lutra,
I suggest using CWShredder if you haven't yet (update before using):
http://www.spychecker.com/program/coolwebshredder.html
Variant 33: CWS.Winres - About:blank hacked:
Variant 34: CWS.Xmlmimefilter - About:blank hacked v2.0
Variant 35: CWS.Aboutblank - It's just a fad
Variant 38: CWS.Searchx - About:blank seems popular lately
http://www.spywareinfo.com/~merijn/cwschronicles.html
Good luck!
hummer
|
Clarification of Question by
lutra-ga
on
18 Apr 2004 16:13 PDT
Normally I open with explorer to my Google homepage. My homepage has
been taken over by URL "about:blank", which opens with a large "Web
Site Directory". This seems to be a search page linked to
"C:\searchpage.html." I delete all cookies/files/and clear history and
have deleted the "searchpage.html" the URL many times, but it always
comes back. Also attempted downloading several freeware spyware
killers including the links sent to me by the Google researchers
trying to answer my question, but all are blocked immediately and will
not download, but are replaced with the web directory
"searchpage.html". It's as if the "about:blank" is purposely not
allowing access to any freeware URL's which could eliminate it (the
"about:blank" URL). Also in my internet options, the home page option
are all directed to the searchpage.html web directory and refuses to
be changed. I appreciate your help.
|
Request for Question Clarification by
scriptor-ga
on
18 Apr 2004 16:29 PDT
Dear lutra,
I have found instructions that have successfully eliminated a problem
identical to yours. Please follow the link below, read the
instructions carefully and follow them. Please let me know if it
worked for you:
http://groups.google.de/groups?hl=de&lr=&ie=UTF-8&oe=UTF-8&newwindow=1&selm=utJyXcBJEHA.2452%40TK2MSFTNGP09.phx.gbl
Jim Byrd: "Re: PLEASE HELP!!!!! Cannot get address line to accept
addresses" Online posting (17 April 2004),
<microsoft.public.windows.inetexplorer.ie6.browser> via Google Groups.
Regards,
Scriptor
|
Request for Question Clarification by
hummer-ga
on
18 Apr 2004 18:41 PDT
Hi again, lutra,
Fingers crossed, I may have found something. First, I still think you
should run CWShredder if possible. Try typing the *whole* URL in the
address bar - don't just click on the link and don't leave out the
http:// -> type the entire address. If that works for you, download
it, reboot to safe mode and run CWShredder (click "Fix"). Let it clean
what it finds, reboot and run it again.
http://www.spychecker.com/program/coolwebshredder.html
Next, run Adaware, again, type in the *entire* URL:
Adaware:
http://www.spychecker.com/program/adaware.html
>>>>>>>>>>>>>>>>>>
Whether you were able to get that to work or not, use one of the
following virus scans (do not use Norton or McAfee).
HouseCall (very thorough online virus scan):
http://housecall.trendmicro.com/
Or if you prefer, download AVG (update before using):
http://www.grisoft.com/us/us_index.php
Run whichever one you used several times, until it comes back clean.
If you weren't able to download CWShredder before, try it again now.
>>>>>>>>>>>>>>>>
Here is the forum where I found this - there are a few more
suggestions you could follow through on, depending on how you make out
with the above.
Subject: c:\searchpage.html virus
http://www.computing.net/security/wwwboard/forum/11182.html
Please let us know how you are progressing,
hummer
|
Request for Question Clarification by
livioflores-ga
on
18 Apr 2004 21:29 PDT
Note that you can download HijackThis from a cyber and run it from a diskette!!
Try to do all this work in the Safe Mode. (Restart your PC and press
F8 while it is booting).
Good luck!!
|