I have been unable to find this particular variation of the about:blank issue posted anywhere.
1) Small "about:blank" window opens when opening a new web page.
2) After closing the window, another pops up saying: "this page has an unspecified security risk, would you like to continue?" This can be closed with several clicks on either yes or no.
3)After tha window closes, a script error wndow pops up.
I can still browse the web and use the computer, but it's slow for sure. The other issue that may or may not be related to this is after searching with Google and clicking on one of the search results, it re-directs me to a scam virus page, or search page. If I cut and paste the link, however, it will take me there just fine.
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
You are infected with malware. The suggestion from optoma was good; if you're unable to burn an ISO, try downloading and running Malwarebytes, from www.malwarebytes.org Let it do a COMPLETE scan, and then follow the directions it provides when it's done.
"after searching with Google and clicking on one of the search results, it re-directs me to a scam virus page,"
Search redirects when clicking on links, isn't necessarily mean the system is infected as the case below:
"The ads served by Bing and Google along with your search results are linking more and more often to sites trying to infect your machine."
Sponsored search results lead to malware:
http://windowssecr
BUT, It's also possible that the system is infected, so use Combofix if you already tried MalwareBytes:
Please download ComboFix by sUBs:
http://download.bleep
(If it doesn't run, re-download and rename before saving to your desktop)
You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepin
I would suggest that before you head for a LiveCD or slaving the drive(if the pc is infected) try running scans while windows is active.
One of the cons when slaving or using LiveCD is IF the bad file is removed and the loading point is left behind it can sometimes render the pc unbootable depending on how the nasties hook themselves.
Slaving and or using LIveCD is a very good idea when the pc is already unbootable or if no scanners are able to run. You haven't try other tools that are more effective like Combofix.
Thanks for the log.
c:\windows\system32\ws
ws2_32.dll is infected and CF didn't replace it probably because the clean one found in the system is a different version:(BELOW)
[-] 2004-08-10 . 2ED0B7F12A60F90092081C50FA
Here's a clean copy, same version as your infected ones, SP3, ver. 5.1.2600.5512
Download and extract it to C:\
Then run the script below:
Run combofix again using this script.
1. Open Notepad.
2. Now copy/paste the text between the lines below into the Notepad window:
-------------------
Fcopy::
C:\ws2_32.
C:\ws2
Fil
c:\prog
c:\progra
c:\program files\Common Files\vomufysutu.exe
c:\pro
Driver::
jzcsxdjuxv
rdykzow
-
3. Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt into ComboFix.exe. This will start ComboFix again.
I also suggest uninstalling Adware Away. Do you recognize all of the programs showing in the log? I haven't thoroughly checked all of them.
When I click on the download link, I get a window that says "cannot display the webpage", wth a tab to diagnose the connection problem. When I do this, it finds nothng wrong with the connection. Allother websites are displaying just fine. I also tried copying the shortcut into the address bar...same thing. I cannot get to that link.
I will uninstall ad-aware in the meantime.
I uploaded the zip file( ws2_32.dll) at EE-Stuff.com
http://www.ee-
pforbin,
The E_E web page did not appear available to me either. But it's ok now, and 'failure' was probably not due to Malware.
However, if you try again by logging in, you should be able to download rpggamergirl's file without a problem .. i just did.
Try this >
Click on her link.
Select "Expert Area" tab.
Select "Find files for a question".
Paste the number of your thread in the box, in this case it's:
http://www.experts-exchang
Click "submit" button, & you can access the file for download.
Time Zone differences is the probable reason that rpggamergirl has not been able to reply to you.
No worries, I appreciate everyone's help with this. I was able to download the file. I think I extracted it to the C drive, but it didn't really do anything when I extracted it. I ran the cf as instructed, and no luck. The window still pops up. Here's the log frommy latest attempt. Maybe I need to try it again?
It extracted okay and CF replaced the infected ones.
The Adware Away is still there too.
Try running an online scan with Kaspersky and save the log, if Kaspersky doesn't find any threats then try rootkit scanners.
Kaspersky Online Scanner
http://www.kaspersky.com/v
No popups yet, that sounds good then.
<<<"I did uninstall Adware Away, and it does not show in the list of current programs?">>>
Maybe it's just the folder left then, as the line below is showing in the Combofix log.
<<< 51: 2009-10-10 05:15 . 2009-10-10 14:39 -------- d-----w- c:\program files\Adware Away >>>
In the meantime run this
http://www.eset.eu/encyclo
Try this script and let Combofix remove that Adware Away folder which is still showing there.
Run combofix again using this script.
1. Open Notepad.
2. Now copy/paste the text between the lines below into the Notepad window:
-------------------
Folder:
c:\progra
----------------------
3. Save the above as CFScript.txt in the same location as Combofix.exe.
4. Then drag the CFScript.txt into ComboFix.exe. This will start ComboFix again.
I hope the issue is now resolved?
Thanks!
pforbin:
When you've definitely finished using ComboFix and do not require it again, you can uninstall it as follows >
Start > Run > then type "ComboFix /u" (with no quotes, and space between x and / )
Then hit enter. This will uninstall ComboFix, reset your clock settings, re-hide system hidden files, re-hide the file extensions and reset System Restore.
Sorry i didn't get back to you between 21st and 23rd, somehow i misplaced your return e-mail.
Business Accounts
Answer for Membership
by: optomaPosted on 2009-10-10 at 08:37:57ID: 25542642
Could you download this live cd and run its scan.
It is in iso/image format so you will have to burn it to a cd and then let your machine boot to that cd
Kaspersky live cd http://devbuilds.kaspersky