I need assistance to remove about:blank virus from my computer

Jessica Cruise

Level 1
Thread author
Feb 11, 2014
10
Hello. I have a Dell System Inspiron N7110 x64-based PC with Windows 7 Home Premium 6.1.7601 Service Pack 1 Build 7601. It has an Intel(R) Core(TM) i3-2310 CPU @ 2.10 GHz, 2100 MHz, 2 Core(s), 4 Logical Processor(s). I have Kaspersky PURE 3.0 subscription version anti-virus and Malwarebytes Anti-Malware 1.75.0.1300 Free Trial Version. I have an about:blank virus in my IE Internet Explorer browser that I can not remove. It is a white empty page with about:blank in the address bar. I can not change the address bar to correct it. My Mozilla Firefox browser had the same problem but I used restore point to fix my Firefox browser and now my Mozilla Firefox is working as it should except for a minor glitch. My Google Chrome is also working good. I can go online and into websites if I need to, but I have tried to not do so while I have this about:blank virus in my computer. Any help is very much appreciated. Thank you.
 

Attachments

  • FRST.txt
    45.9 KB · Views: 126
  • aswMBR.txt
    1.9 KB · Views: 72
  • Addition.txt
    31.5 KB · Views: 188
  • AdwCleaner[R0].txt
    14.8 KB · Views: 113

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Hi and welcome to the malwaretips.com forums!

I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:
  • I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
------------------------------------------------------------------------------------------------------------------------------

Download attached fixlist.txt on the same location as FRST (otherwise the fix won't work)

Open FRST, and click Fix. Attach me that report after it is finished.
 

Attachments

  • fixlist.txt
    1.9 KB · Views: 114
Last edited:

Jessica Cruise

Level 1
Thread author
Feb 11, 2014
10
To Kuttus - Thank you so much for helping me. I followed your instructions and here is the report you requested.
 

Attachments

  • Fixlog.txt
    4.5 KB · Views: 100
Last edited:

kuttus

Level 2
Verified
Oct 5, 2012
2,697
STEP 1: Run a scan with Junkware Removal Tool

Please download Junkware Removal Tool to your desktop from here
  • Turn off your antivirus software now to avoid potential conflicts
  • Double-click to run the tool. For Windows Vista or 7 users, right-click the file and select Run as Administrator
  • The tool will open and start scanning your system
  • Please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) will be saved to your desktop and will automatically open
  • Post the contents of JRT.txt into your next reply




Download Malwarebytes Anti-Rootkit from here to your Desktop
  • Unzip the contents to a folder on your Desktop.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Make sure there is a check next to Create Restore Point and click the Cleanup button to remove any threats. Reboot if prompted to do so.
  • After the reboot, perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If there are threats, click Cleanup once more and reboot.
  • When done, please post the two logs in the MBAR folder(mbar-log.txt and system-log.txt)



Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • When it prompts you to try their 30-day trail, click decline
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


 

Jessica Cruise

Level 1
Thread author
Feb 11, 2014
10
I encountered a problem today with Junkware Removal Tool and can not you the result. I followed your instructions, turned off antivirus software, double-click to run tool as administrator. The JRT tool started as it should and began scanning. When it got to Check Processes... a box opened that read:

Taskkill.exe - System Error. The program can't start because dbghelp.dll is missing from your computer. Try reinstalling the program to fix this problem.

The JRT program will go no further at this point. I waited one hour and JRT scan remained at Check Processes with the taskkill.exe box also displayed and I could not remove the taskkill.exe box while the JRT scan was running. I clicked the X in the corner and clicked OK but nothing helped. When I stopped the JRT scan... the taskkill.exe box disappeared from my screen at same time the JRT scanner disappeared. I try running the JRT scan in normal mode and in safe mode but got same result... the taskkill.exe box appeared every time at the exact same place... Checking Processes. I took screen shots of the taskkill.exe box for you to see and will include them below. The first photo (JRT normal) is what the JRT scan looked like at the beginning. The JRT.Problem photo is what it looked like when the taskkill.exe box appeared. The JR T not normal photo is when I moved the boxes into position so you could see both boxes clearly. I did the other scans and included their results below. The taskkill.exe box appeared only when I ran the JRT scan. I did not encounter the taskkill.exe box when I ran the other scans. I will await for you to give me further instructions before attempting to do anything else.
 

Attachments

  • JRT normal.jpg
    JRT normal.jpg
    75.8 KB · Views: 106
  • JRT not normal.jpg
    JRT not normal.jpg
    101.3 KB · Views: 114
  • JRT Problem.jpg
    JRT Problem.jpg
    66.3 KB · Views: 91
  • mbar-log-2014-02-12 (17-33-15).txt
    2 KB · Views: 78
  • system-log.txt
    26.5 KB · Views: 81
  • protection-log-2014-02-12.txt
    982 bytes · Views: 60

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Okay. Ignore the JRT Scan then...

STEP 1 : Run a scan with Kaspersky TDSSKiller
  1. Download Kaspersky TDSKiller from the below link.
    KASPERKSY TDSSKILLER DOWNLOAD LINK (This link will automatically download Kaspersky TDSSKiller on your computer)
  2. Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  3. Click Change parameters
    tdss2.png
  4. Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  5. Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  6. During the scan it will look similar to the image below:
    tdss4.jpg
  7. When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg

    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  8. If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
      Make sure that Cure is selected. VERY IMPORTANT! - If Cure is not available, please choose Skip instead. DO NOT choose Delete unless instructed to do so.
  9. Click Continue to apply selected actions.
  10. A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg

    Reboot immediately if TDSSKiller states that one is needed.
  11. Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_2.12.2012_14.17.04_log.txt which is based on the program version # and date and time run.
  12. Attach this log to your next reply.
 

Jessica Cruise

Level 1
Thread author
Feb 11, 2014
10
I followed your instructions concerning Kaspersky TDSSKiller program and it detected no threats.
 

Attachments

  • TDSSKiller.3.0.0.23_13.02.2014_10.03.10_log.txt
    787.1 KB · Views: 101

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hi, Jessica

Kuttus is away, so I'll be working with you.

Can you run Adwcleaner again, but now making sure to press Clean after Scanning is complete. After you do that, tell mi in short, what are the issues you experience.
 

Jessica Cruise

Level 1
Thread author
Feb 11, 2014
10
Hi TwinHeadedEagle. Nice to meet you. I followed your instructions and included below is the report you requested. I have occasional browser glitches with my Firefox and Chrome where you go to a website and it does not connect and you have to retry. But after two or three retry attempts it connect and work perfect. This happens only occasionally... like one time in 15 attempts? Not every time. I do not use Internet Explorer as I do not like IE but it appear to be working good. And I noticed a message box: "The program can't start because dbghelp.dll is missing from your computer. Try reinstalling the program to fix this problem." This message appears when my Accuweather.com widget/gadget tries to load when I first start my computer. The Accuweather.com widget/gadget was included in a set of pre-loaded programs I received from Dell when I purchased my computer from them three years ago. Not certain what dbghelp.dll is or how to fix that? The problem with my missing Accuweather.com gadget began at the same time I discovered the about:blank virus on my computer. The weather gadget had disappeared from the top right corner of my screen. When I went online to try to find out why my weather gadget had vanished, that was when I discovered my Mozilla Firefox and Internet Explorer browsers had the about:blank virus. Firefox still operated but Internet Explorer did not. My Chrome browser seemed good. That was when I came to your website for help. But beside the missing dbghelp.dll and occasional browser glitches, my computer seem to now work perfect and I am experiencing no further problems. My Mozilla Firefox, Google Chrome and Internet Explorer browsers are all working good. Kuttus has did a super-amazing job of fixing my computer and removing the dreaded about:blank virus. I am very happy with his work.
 

Attachments

  • AdwCleaner[S0].txt
    12.7 KB · Views: 72

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
That's good to hear :)


The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
checkmark.png
Remove disinfection tools
checkmark.png
Create registry backup
checkmark.png
Purge System Restore

Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
 

Jessica Cruise

Level 1
Thread author
Feb 11, 2014
10
TwinHeadedEagle and kuttus... I wish to tell you that after you requested that I use DelFix, my missing Accuweather.com widget returned and is working perfect. The missing dbghelp.dll message box and browser glitches I told you about are gone and my computer is performing like brand new. Everything is now perfect! Thank you so very much for fixing my computer. I am so very happy! Thank you! :D
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top