About:Blank hijack on Win98SE with a network...

Discussion in 'Malware Help (A Specialist Will Reply)' started by asklater, May 8, 2005.

  1. asklater

    asklater Private E-2

    Okay, first off, let me say that I have read both the Spyware, Trojan And Virus Removal and Hijack This tutorials. However, being a Win98SE user, there were some things that I couldn't follow to the letter. (For example, the services.msc program doesn't exist, and safe mode with networking support is impossible.)

    I also have been a fairly long-time user of Ad-Aware, and have also recently downloaded and run Spybot and Hijack This. None of them could solve my problem, which I assume you are accustomed to hearing by now.

    My problem all started on April 10th, when searching for song lyrics, (I can't say I remember which song, though) I came across a lyric site that asked me if I wanted to install something. I said No, but it seems it put the About:Blank hijack on my cpu anyways. When I start up my browser, the homepage is About:Blank, naturally, and it takes me to something that appears to be a search engine (not Coolweb, though). In addition, a variety of pop-ups telling me that my system's infected with Spyware appear. (Occasionally, there's a single casino one as well.) Clicking on them takes me to a search result page of Anti-Spyware programs, all of which are either malware in their own right or stuff you hafta pay for.

    In addition, it seems that this hack has made the Rundll32 application (which normally is associated with power management) into a pop-up generator. Even when no internet windows are open, pop-ups for random things, (Expedia, Orbitz, casinos, etc) will appear unless I close Rundll32 with the Task Manager. (It reopens itself eventually, however...)

    Now, running Ad-Aware seems to detect the problem, (or at least I thought it did) but is unable to delete it. While the program doesn't tell me that it can't delete, all the symptoms of the hijack are still present, and my next scan shows that the objects which I thought to contain the problem are still present.

    Then, today I installed and ran Spybot for the first time. It picked up a lotta things that Ad-Aware didn't, but it was unable to delete 3 items. Upon restarting my computer, it deleted those three, but still, the About:Blank hijack didn't go away.

    Then, I installed Hijack This! I was able to figure out the difference between malicious and regular commands, etc. from using the tutorial, and I've even located the problem areas, but when I ask Hijack This to fix them, it doesn't. Mind you, it doesn't return an error message, but the problem hasn't disappeared, and my next Hijack This scan shows that the problem areas are still there.

    From that, however, I have been able to locate the problem file as MFNJ.DLL in the C:\WINDOWS\SYSTEM folder. However, when I try to delete that file, it tells me that it's in use by Windows, and can't be done.

    Now, I've read some other threads, and seen the suggested solutions, but they all seem to be really, really long. And, in addition, I didn't see any of those people who were running Win98SE through a home network. I dunno if it makes a difference, but my home network consists of three computers, which all access the internet through the network hub. If the hub computer is turned off, the other two are unable to access the internet or the other computers on the network.

    The network hub is not the computer that's infected, however, but would the fact that the infected machine needs the hub to access the internet make any difference in solving the problem?

    Anyways, I'm hoping that someone out there can help me; after 3 weeks, this About:Blank thing has gotten pretty annoying...
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There are literally hundreds of threads here with fixes for Win9x systems. And yes, the fixes are typically long. It is a difficult problem to fix and requires complex procedures.

    HijackThis is actually fixing the lines you selected but you are not getting all the problem files removed and the hijacker is just respawning itself at one of three points:
    1) at shutdown
    2) at power up
    3) when a browser is run.

    Make sure you have run all steps in the READ ME FIRST. Did you download, update and run about:Buster?

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
  3. asklater

    asklater Private E-2

    Well, other than CCleaner, I've run all the steps in the tutorial. Is CCleaner all that important? I figured that I could probably just skip it... I did run about:Buster, and CWShredder too, although neither seemed to have much of an effect. Granted, this was after I ran Hijack This for the first time, as I had been told to use it before stumbling upon this forum. Would it have made any difference if I had run them first?

    Anyways, I'm a n00b around here, so if something goes wrong in attaching the log, that's why... (And yes, I know that I have waaay too many applications running all the time, so it is kinda long.)

    Alright, done. So, what next?
     

    Attached Files:

  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Nothing should be skipped! Ccleaner will typically clean lots of unnecessary garbage off your PC and while cleaning some of the temp folders it also removes lots of bad stuff.

    about:Buster does find and remove certain items but it will not totally fix the hijackers. Immediately after running about:Buster, it is necessary to reboot and then do the same in safe mode. But do not worry about that now. We will work up a procedure for you to follow. HijackThis on its own does not fix anything. You must tell it what to fix.

    Note we do tell you in the stickies to shutdown unnecessary items before posting logs so we do not have to wade thru so many lines.

    Uninstall WeatherBug!

    Your IE version is out of date. When is the last time you went to Windows Update to get your updates? BUT, DO NOT DO IT RIGHT NOW.

    Download this file: SpSeHjfix109

    Unzip it to your desktop or to a folder.

    Boot into Safe Mode

    Start SpSeHjfix, click on " Desinfecton starten" (the other button means close) then it will reboot and finish the cleaning.

    Run SpSeHjfix one more time.

    Reboot in Normal mode.

    Run HijackThis again and post a new log. Also post the log from SpSeHjfix, the log should be on your desktop or the same folder as SpSeHjfix.
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Do you know what the below is and why it loads at Startup?

    O4 - Startup: warning.pif = C:\MYDOCU~1\WARNING.BAT
     
  6. asklater

    asklater Private E-2

    Alright, I've done as you've suggested, and I seem to have solved the problem. Thanks for your help! (Yes, it is about 24 hrs later; I'm not on my computer all the time...)

    The thing is, while I'm now able to access the internet without the about:blank page showing up and without popups, it seems that something I've done has messed up my network settings, as I can no longer access any of the other computers on my network! Do you know what might've done this, and how I can fix it?

    For the record, yes I do know what Warning.Bat is, it's a personal message that I put there to run at startup... And no, I don't think I've ever gone to Windows Update... Should I do that now?

    Anyways, here are the logs, as you requested. Note that I took the liberty to fix the R1 lines. It seems to have worked, although, as I've said, I now have an issue with my network settings. Is this something that normally happens?

    Don't ask me how I can access the internet on this computer when the internet connection is supposed to run through the network hub, which I am not able to access...
     

    Attached Files:

  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did the R1 lines stay fixed? I'm including them in a todo list below anyway.

    Look in Add/Remove programs for an uninstall to WinTools and uninstall if found.
    Do the same for WildTangent.

    Make sure viewing of hidden files is enabled (per the tutorial).

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WINTOOLS\WTOOLST.DLL
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain

    After clicking Fix, exit HJT.

    Boot into safe mode and use Windows Explorer to delete:
    C:\Program Files\Common Files\WINTOOLS
    C:\Program Files\WildTangent

    Now run Ccleaner (installed while running the READ ME FIRST).

    Now we need to Reset Web Settings:
    1) If you have an Internet Explorer icon on your Desktop, go to step 2. If not, skip to step 3.
    2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
    3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

    Now reboot in normal mode and post a new HJT log. And tell us how things are working.
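
Added example, not part of the original posts: the thread turns on entries that HijackThis fixes but that come back in the next scan, so this sketch compares a log taken before a fix with one taken after and reports flagged entries present in both. The flagging rules, the function names and the AFTER log are assumptions made for illustration; the BEFORE lines are copied from the posts above.

```python
import re

# Line shape seen in the thread: "<section> - <body>", e.g. "R1 - HKCU\...,Search Bar = res://..."
LINE_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")

def parse_log(text):
    """Return the set of (section, body) entries found in a HijackThis log."""
    return {m.groups() for m in map(LINE_RE.match, text.splitlines()) if m}

def reason(section, body):
    """Heuristics modelled on the lines listed for fixing above (assumptions, not HijackThis rules)."""
    if section in ("R0", "R1"):
        _key, sep, value = body.partition("=")
        value = value.strip()
        if sep and value.lower().startswith("res://"):
            return "IE setting points at a resource inside a DLL"
        if sep and value == "":
            return "IE setting is blank"
    if section == "O2" and "(no name)" in body:
        return "unnamed Browser Helper Object"
    return None

def respawned(before, after):
    """Flagged entries that are in the first log and still in the log taken after the fix."""
    kept = parse_log(before) & parse_log(after)
    return sorted((s, b, reason(s, b)) for s, b in kept if reason(s, b))

# Lines quoted in the thread.
BEFORE = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: (no name) - {8DA5457F-A8AA-4CCF-A842-70E6FD274094} - C:\PROGRA~1\COMMON~1\WINTOOLS\WTOOLST.DLL
O4 - Startup: warning.pif = C:\MYDOCU~1\WARNING.BAT
"""

# Constructed follow-up log: the Search Bar entry has come back, the rest stayed fixed.
AFTER = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
O4 - Startup: warning.pif = C:\MYDOCU~1\WARNING.BAT
"""

if __name__ == "__main__":
    for section, body, why in respawned(BEFORE, AFTER):
        print(f"still present: {section} - {body}  ({why})")
```

An entry that shows up in both logs means the file that rewrites it is still loading, which is why the procedures above delete the files in safe mode rather than relying on the registry fix alone.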
     
  8. asklater

    asklater Private E-2

    Hey, things are working great now! Thanks so much for your help! (As you may have noticed, I'm posting earlier tonight! :D )

    Yes, the R1 lines did stay fixed, and it turns out that after fixing the other things you suggested me to, my network is running fine again. However, there were a couple of minor issues that came up along the way...

    For one thing, neither WinTools nor WildTangent showed up on the Add/Remove programs list, although I suppose that's not too big of a deal. However, it turns out there was no WildTangent folder in Program Files at all, and doing a search of my drives for WildTangent only turned up a .cab file in a folder related to Java. I do remember getting rid of WildTangent a while ago using Ad-Aware, so is it possible that its command was just outdated? Either way, it didn't seem too big a deal...

    The only thing that caused some concern was that I couldn't get CCleaner to work. Trying in both safe and normal mode, whenever I clicked on the desktop icon, a message box popped up saying:

    Run-time error '429':

    Active X component can't create object


    Know what this means?

    But, other than not being able to use CCleaner, everything on my machine is working fine. I'm posting the HJT log so you can see that everything's been fixed. Thanks again!
     

    Attached Files:

  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

