about:Blank - some problems working through thread 35407

Hi all,

My home machine is infected with the about:Blank hjiack and Im am currently trying to work through the thread that describes how to remove spyware etc "How to: Spyware, Trojan And Virus Removal - thread -35407".

I have a couple of issues which Im currently stuck with. Firstly my operating system is Windows ME and when I try to boot into Safe Mode there is no option for "safe mode with networking support". As a result I have been unable to carry out an online scan. Does anyone know if Windows ME should have this option?

I have executed a virus scan using AVG in safe mode and I have also executed the scan steps using AdAware, Spybot, CWSShreader, Kill2Me and aboutBuster. Some illegal enteries were found in my registery and also AVG found a virus. However when I restart my machine into SafeMode an error is diplayed on the console saying

"Windows could not copy the Windows setup file %1 into %2"

It then tells me that the Windows setup may not have executed correctly. Im guessing that part of removing the illegal enteries from my registry requires the file to be replaced on startup and this is failing. As a result about:Blank still exists when I restart my machine. Can anyone give me some pointers as to why this file copy is failing on restarting the machine?

Cheers,
BB

 

No this option is not available on 98/ME

if any regisrtry entries are missing they will be replaced when you boot up in normal mode

the about blank hijacker is a variant of the cool websearch hijacker and if not removed correctly it will reproduce itself each time

download hijack this

Here
http://www.majorgeeks.com/download3155.html

Read this firstly http://forums.majorgeeks.com/showthread.php?t=26149

Also you better read this about sending your log file if you need to

http://forums.majorgeeks.com/showthread.php?t=38752

sorry about the extra reading

Any probs reading through post backhttp://forums.majorgeeks.com/images/icons/icon7.gif

 

oops http://images/icons/icon9.gif

 

Thanks for your help guys. Rebooting into normal mode after running the scans seemed to solve my problems. I then ran HijackThis and used it to remove an entry in my registery related to "C:/TEMP/se.dll". Not sure what this was doing but HJT seemed to think it was nasty....