re: About Blank Saturday, June 5, 2004 at 2:13 pm Windows Me Annoyances Discussion Forum Posted by MrCharlie (4133 messages posted) OK, just have HJT fix this one, (it looks like it just surfaced) O4 - HKCU\..\Run: [msmc] C:\WINDOWS\SYSTEM\msmc.exe and delete this file: C:\WINDOWS\SYSTEM\msmc.exe There's a couple of ways to deal with the 'about blank' problem, lets try the easiest first. Download and unzip this small program. Win98Fix.zip Then doubleclick who.bat and post the log saved by the Badfile txt. for review. On Saturday, June 5, 2004 at 12:38 pm, Dan wrote: >did everything, thanks. This is what came up- > >Logfile of HijackThis v1.97.7 >Scan saved at 9:26:45 PM, on 6/5/2004 >Platform: Windows ME (Win9x 4.90.3000) >MSIE: Internet Explorer v5.50 (5.50.4134.0100) > >Running processes: >C:\WINDOWS\SYSTEM\KERNEL32.DLL >C:\WINDOWS\SYSTEM\MSGSRV32.EXE >C:\WINDOWS\SYSTEM\mmtask.tsk >C:\WINDOWS\SYSTEM\MPREXE.EXE >C:\WINDOWS\SYSTEM\MSTASK.EXE >C:\WINDOWS\SYSTEM\SCARDSVR.EXE >C:\WINDOWS\SYSTEM\STIMON.EXE >C:\WINDOWS\SYSTEM\DEVLDR16.EXE >C:\WINDOWS\EXPLORER.EXE >C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE >C:\WINDOWS\TASKMON.EXE >C:\WINDOWS\SYSTEM\SYSTRAY.EXE >C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE >C:\WINDOWS\SYSTEM\HIDSERV.EXE >C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE >C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE >C:\WINDOWS\SYSTEM\WMIEXE.EXE >C:\WINDOWS\SYSTEM\QTTASK.EXE >C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE >C:\WINDOWS\RUNDLL32.EXE >C:\SPYWAREGUARD\SGMAIN.EXE >C:\WINDOWS\SYSTEM\DDHELP.EXE >C:\PROGRAM FILES\LOGITECH\WINGMAN SOFTWARE\LWEMON.EXE >C:\SPYWAREGUARD\SGBHP.EXE >C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE >C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE >C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE >C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE >C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE >C:\WINDOWS\SYSTEM\SPOOL32.EXE >C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE >C:\WINDOWS\TEMP\SETUP.EXE >C:\DANIEL\HIJACKTHIS\HIJACKTHIS.EXE > >R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eltiempo.com/ >R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.megavision.com >R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = provided by Community >Internet Systems, Inc. >R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank >R3 - Default URLSearchHook is missing >O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} >- C:\WINDOWS\SYSTEM\MSDXM.OCX >O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - (no file) >O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN >TOOLBAR\01.01.1601.0\EN-US\MSNTB.DLL >O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun >O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe >O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s >O4 - HKLM\..\Run: [SystemTray] SysTray.Exe >O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme >O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run >O4 - HKLM\..\Run: [CpqBootPerfDb] C:\Cpqs\Scom\CpqBootPerfDb.exe >O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET >O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Norton AntiVirus\POPROXY.EXE >O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" > -osboot >O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime >O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe >O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme >O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe >O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe >O4 - HKLM\..\RunServices: [ScardSvr] C:\WINDOWS\SYSTEM\ScardSvr.exe >O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec >Shared\Script Blocking\SBServ.exe" -reg >O4 - HKLM\..\RunServices: [RNBOStart] C:\WINDOWS\SYSTEM\RNBOSENT\SENTSTRT.EXE >O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE >O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\WingMan Software\lwtest.exe" >/detect /quiet /launch "C:\Program Files\Logitech\WingMan Software\lwemon.exe /noui" >O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background >O4 - HKCU\..\Run: [OfotoNow USB Detection] C:\WINDOWS\RunDLL32.exe C:\PROGRA~1\OFOTO\OFOTONOW\OFUSBS.DLL,WatchForConnection >OfotoNow >O4 - HKCU\..\Run: [msmc] C:\WINDOWS\SYSTEM\msmc.exe >O4 - Startup: BHODemon.lnk = C:\Program Files\BHODemon\BHODemon.exe >O4 - Startup: SpywareGuard.lnk = C:\SpywareGuard\sgmain.exe >O9 - Extra button: Hoteles (HKLM) >O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll >O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab >O16 - DPF: {72B09CA7-1B59-454E-95D9-461A9227B785} (UIWrapper Class) - http://webcomp1.mediaring.com/orion/consumer/pcphone/ver1.2.5.0/wbsc125.cab >O16 - DPF: {342999A3-728D-4DF6-BB81-CDD1A743096A} (MRActivXUI Class) - http://voizfone.mediaring.com/webcomp/pcphone/ver3.0.5.0/wbaxuiph305.cab >O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program >Files\AutoCAD 2002\AcPreview.ocx >O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program >Files\AutoCAD 2002\AcDcToday.ocx >O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program >Files\AutoCAD 2002\InstBanr.ocx >O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program >Files\AutoCAD 2002\InstFred.ocx >O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinstc.cab >O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab >O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab >O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab >O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab >O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx >O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/swdir.cab >O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38105.3232175926 >O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - >http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab > >thanks for the help. > >Dan > > > Written in response to: re: About Blank (Dan: Saturday, June 5, 2004 at 12:38 pm) Responses to this message: re: About Blank (Dan: Sunday, June 6, 2004 at 8:28 am) All messages in this thread [show all] About Blank (Dan: Wed, Jun 2, 2004, 3:27 am) re: About Blank (MrCharlie: Wed, Jun 2, 2004, 3:42 pm) re: About Blank (Dan: Fri, Jun 4, 2004, 2:25 am) re: About Blank (MrCharlie: Fri, Jun 4, 2004, 9:10 am) re: About Blank (Dan: Sat, Jun 5, 2004, 12:38 pm) re: About Blank (MrCharlie: Sat, Jun 5, 2004, 2:13 pm) re: About Blank (Dan: Sun, Jun 6, 2004, 8:28 am) re: About Blank (MrCharlie: Sun, Jun 6, 2004, 9:41 am) re: About Blank (MrCharlie: Sun, Jun 6, 2004, 9:57 am) re: About Blank (Dan: Mon, Jun 7, 2004, 5:20 am) re: About Blank (MrCharlie: Mon, Jun 7, 2004, 6:29 pm) re: About Blank (Dan: Wed, Jun 9, 2004, 5:45 am) re: About Blank (MrCharlie: Wed, Jun 9, 2004, 3:37 pm) re: About Blank (Dan: Sat, Jun 12, 2004, 10:36 am) re: About Blank (MrCharlie: Sat, Jun 12, 2004, 1:43 pm) re: About Blank (Dan: Sun, Jun 13, 2004, 12:54 pm) re: About Blank (MrCharlie: Sun, Jun 13, 2004, 6:39 pm) re: About Blank (darlene: Wed, Jun 2, 2004, 10:58 pm) Reply or follow-up to this message Search this forum Start a new thread on a different subject Report abuse of the forum Return to the Windows Me Discussion Forum