Possible BIOS virus
-
joeclem111
- New visitors - please read the rules.
- Posts: 11
- Joined: Mon May 16, 2005 4:55 am
Done that in VCACHE. I have changed the default in hjt to my proper home page. I have seen many reports on the about:blank problem, seems lots of folks have had this so why should hjt use it? I am still having the memory drop problem. I also am getting the refresh problem where my home page (tiscali) gets a ?refresh=TRUE on it. When this happens the page constantly goes through a slow refresh process. The last hjt scan looked good. I removed a file called shdoclc.dll from the system, no obvious ill effects. It was shown in properties as a microsoft file but it isn't on the win98 disk (looked for it with A:\ext). More info on the about:blank thing can be found on www.geekstogo.com. Thanks for all the help so far.
Help me and I will help you (if I can).
-
Denniss
- BIOS Guru
- Posts: 3153
- Joined: Thu Mar 21, 2002 8:16 pm
- Location: Near Hannover (CEBIT) Germany
- Contact:
As said the About:blank or blank.html is a M$ dedault setting for IE, that's why HJT uses this. It's possible to hijack this default start page via IE infection (as well as other IE settings).
The ?refresh=TRUE looks like some JScrip (Javasricpt) action to refresh your page, maybe Ad-related.
Memory drop problem ?
The ?refresh=TRUE looks like some JScrip (Javasricpt) action to refresh your page, maybe Ad-related.
Memory drop problem ?
-
joeclem111
- New visitors - please read the rules.
- Posts: 11
- Joined: Mon May 16, 2005 4:55 am
As far as BLANK goes, maybe I thought I had found the bug. Remember that on many occasions, if I click to shutdown, the system goes through the shutdown then hangs. The error window comes up saying "This program is not responding" but there is no name on the window header. I associated the blank with the no name aspect of the bug.
If youy look on www.spywareguide.com there are a lot of folks trying to kill the "about:blank" infection. You are probably right about the IE being infected but if so, why does the virus or malware software not pick it up?
The refresh problem is, I can go on my home page and, after a while it starts to disappear and VERY SLOWLY refresh and the home page address has /?Refresh=TRUE added after it. I don't know where this comes from but I suspect it is part of the bug. Ad-Aware and spybot say the system is clean. The bug has now disabled spybot so I have top reinstall. It has also disabled Zone Alarm. Clever bug, knows where to strike. This bug acts like the old fashioned JS_Play where it fills the memory to slow down the system. It also introduces loop processes to clog the chip up and slow the system down. This is the memory drop problem. I have 512Mb, 64 for the Video function. There is 448 for the system. On boot up it should drop to about 250 after all programs are loaded. It is dropping to between 120 and 170. If I use ramidle to free up 112 from 120 it goes up to 244 but It then immediately drops by about 33, then it keeps dropping 2 or 3 Mb at a time. I have just been freeing up 56Mb over and over again and every time the system immediately took the free memory back to where it started minus 2. Is there a program I can download that would allow me to view the memory and also tell me the path and file I am looking at? That would fix things nicely, as we know the bug HAS to be in the memory.
If youy look on www.spywareguide.com there are a lot of folks trying to kill the "about:blank" infection. You are probably right about the IE being infected but if so, why does the virus or malware software not pick it up?
The refresh problem is, I can go on my home page and, after a while it starts to disappear and VERY SLOWLY refresh and the home page address has /?Refresh=TRUE added after it. I don't know where this comes from but I suspect it is part of the bug. Ad-Aware and spybot say the system is clean. The bug has now disabled spybot so I have top reinstall. It has also disabled Zone Alarm. Clever bug, knows where to strike. This bug acts like the old fashioned JS_Play where it fills the memory to slow down the system. It also introduces loop processes to clog the chip up and slow the system down. This is the memory drop problem. I have 512Mb, 64 for the Video function. There is 448 for the system. On boot up it should drop to about 250 after all programs are loaded. It is dropping to between 120 and 170. If I use ramidle to free up 112 from 120 it goes up to 244 but It then immediately drops by about 33, then it keeps dropping 2 or 3 Mb at a time. I have just been freeing up 56Mb over and over again and every time the system immediately took the free memory back to where it started minus 2. Is there a program I can download that would allow me to view the memory and also tell me the path and file I am looking at? That would fix things nicely, as we know the bug HAS to be in the memory.
Help me and I will help you (if I can).
