Windows

General discussion

Gravatar
Locked

about:blank

By Oz_Media ·
Yeah I know, a common one isn't it?

Constant about:blank windows popping up in Explorer. Customer has win2K, has run CW shredder, AVG, Norton, spybot, adaware etc. nothing cleaned up yet.

I have found one virus in his files but it is not accessible in Windows. Dyfica, that resides apprently in the Administrator>local settings>Temporary Internet Files in a folder that doesn't appear in Windows, not was I able to find the directory from the command prompt.

I have read a few removal instructions from various sites and they all point to registry entires or supposedly infected files that don't show up on his computer.

Anyone else have ideas??

Cheers,
OM

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

gravatar
Collapse -

by Oz_Media In reply to about:blank

"not was I able to find the directory from the command prompt." Yoda speak!

...actually a typo.

"NOR was I able to find/access the directory from the command prompt."

gravatar
Collapse -

by wcp In reply to about:blank

I had several occasions on about:blank problem and was able to eradicate it each time.

1. Ran Ad-Aware SE Personal and Spybot S&amp.
2. Removed unnecessary programs.
3. Did Disk cleanup.
4. Set the Amount of Disk space to use to 1MB in Temporary Internet Files setting.
5. Ran HijackThis and removed any line that contained about:blank.
6. Made sure the IE startup page was set to other than about:blank.
7. Ran Kaspersky antivirus program (30-day trial version).
8. Scanned Registry to make sure no Keys, Values, and Data contained about:blank.
9. Installed SpywareBlaster that prevented a lot of spyware.

Of course, the key point is to use the latest programs and definitions.

gravatar
Collapse -

by wcp In reply to

For
4. You may need to set it for each user account.
5. I also removed any lines that were not needed.

gravatar
Collapse -

by wcp In reply to

When I scan Windows for virus, I always run

1. Stinger,
2. Whatever antivirus program that is in the system,
3. Hauri after I uninstalled the one in 2,
4. Kaspersky after I uninstalled Hauri.

gravatar
Collapse -

by Oz_Media In reply to

Thanks mate but I have done all of that with him already by phone, including some more specific about:blank suggestions for registry entries but still no go.
I just called him again and got him to do an online scan in safe mode with networking but no go. hmmmmmm.

gravatar
Collapse -

by BFilmFan In reply to about:blank

Is that a FAT32 or NTFS partition on the drive?

And this will sound really stupid, but did the user login as Administrator on the local box?

If he goes to folder options and checks the box for "Show hidden folders and files," he should be able to see what is hiding in there.

Did HiJackThis see anything in the log? And I am wonderinf if it is a virus hiding in the System Restore folder.


I've read where some systems with SP2 and other pop-up blockers are causing blank windows in IE.

gravatar
Collapse -

by Oz_Media In reply to

Hey there, and thank you!

Well I spoke with him last night and ended up going by this morning. Yes he is logging in as Administrator, as well as two other user accounts, all obviously have the same issue.

Hijack this appeared clean.

There WAS a virus found 'Dyfica' ut manual removal seems to have worked to some extent as it is no longer found, mind you traces can still ne in there I suppose.

I hate to keep rejecting such good responses but they really are things that have all been done or checked so far.

I usually hav eno problems with the About:blank issues on other machines, this one's just a ***** though.

ONE thing I have noticed, his HOMEPAGE is Yahoo. If I switch his homepage to ANY other page, it will be find UNTIL visiting his home page at Yahoo. Even then all is fine until you click a Yahoo link. ANY link you click on still works, but a minimized about:blank shows up as well, for EVERY LINK in his homepage. Unfortunately he insists on Yahoo as a home page and relies on it for his online email account.

But if you set TR as the home page, everything works fine until visiting Yahoo. Even if his user account is logged out of Yahoo and the generic page is viewed it wil still start the about:blanks. I saw this exact same issue with Excite once, but it mysteriously went away after a few weeks.

I thought maybe explaining how it is being activated may help?

Thanks again!

gravatar
Collapse -

by Oz_Media In reply to about:blank

BFilmFan: sorry I missed it, it is a FAT32 partition.

gravatar
Collapse -

by glyall In reply to about:blank

How you check task manager's processes?
Check for unknown processes
check Google to see which the processes are good or bad.

check the following web site for spyware and it show which files to delete and remove from the registry
http://www.actualresearch.com/spyware_db.php?type=all

I check Google for about:blank and got 560,000 hits. the one I check state that you how spyware.

the following site states how to Removing about:blank Homepage Hijacker
http://www.securiteam.com/securityreviews/5RP0L0UD5U.html


good luck

gravatar
Collapse -

by Oz_Media In reply to

Thanks for your inputm this doesn't appear to be the same old about:blank hijack though, no traces of it found by anything.

I have a few more ideas and then it's time to just drag it to the beack and drown it.

Back to Windows Forum

Start or search

Related Discussions

Related Forums