Have About:Blank Malware and Can't Get Rid of It

[wonhoo]

Hi, I'm at my wit's end trying to get an about:blank malware off my box and anything else that might be related. I first thought it was a virus, but it doesn't hijack my homepage like the virus is reported to do. It generates an additional popup - sometimes with nothing on the page and sometimes it puts in an ad. It happens frequently (not at every website that my wife and I visit, but enough to know that something is in my box). I have XP Pro SP3 on my desktop, a Dell 530 Inspiron. I also have Nortons 360 installed. Nortons does not detect anything (it is the latest version). What I did so far:

#1 - I went first to the Norton Community Forum to see if they could help me. I read that it's best to work with only one expert since they know proper steps to take to avoid conflicts. Well, that hasn't worked out so well. One of their techs had me run ComboFix (I attached the report). This was done July 15th. At first, it appeared to fix the problem. But it only slowed it down momentarily. I'm getting it all the time now. When I went back to Norton Community to update my problem, I was ignored! I'm very respectful to people who volunteer their time to help others and I was always respectful in the forum. I'm not an expert by any means, but I think I can follow directions, and I'll ask questions if I'm not sure. It's over two weeks from my last post without a response, so I'm looking elsewhere to fix the problem. The tech who was helping me has been active in the forum helping others and appears to skip my request. I don't want to continue to reply to my own thread (I did one reply to my own thread to ask if they wanted me to do any additional steps). Frankly, I am surprised at their treatment of me. So I move on. From what I can gather, ComboFix has set my pop-up blocker to high, has disabled Microsoft security center from detecting my Norton's firewall and antivirus protection (I get the red security alert shield in the system tray but Nortons has the green check in the box) I don't know if it's related, but I now have to click Start->Shutdown twice to actually shut off my box. ComboFix also found that a system32 driver was missing - "i8042prt.sys" that you'll see on the log I uploaded. I have not deleted ComboFix on my box. Windows Updates are all current.

#2 - Before coming here to Malwarebytes, I googled my problem to see what would come up. I wound up with a program called AdwareAway then Spyhunter. AdwareAway has claimed that it removes all traces of cwshredder and about:blank variants. I later found that AdwareAway was bogus so I uninstalled it (I didn't send them any money). Their scan did appear to find a rootkit.pdcomp, and about 11 additional problems, but I think it "finds" that on everyone's box in order to get money. Spyhunter also found advertising cookies on my box, but they also wanted money to remove it. I uninstalled that program, too. I then found talk about your website. It appears that you're very highly regarded by anyone who does a review, which is why I'm here. I downloaded and ran your free version Malwarebytes. It did not find anything, but about:blank is still here.

#3 - As a prelude to starting this topic, I tried to run dds.scr, as per your instructions on the pinned start page. The instructions didn't say to run it in safe mode (it was run in normal mode). I got a blue screen:

DRIVER_IRQL_NOT_LESS_OR_EQUAL and a stop message:

0x000000D1 (0x8B7A3000, 0x000000FF, 0x00000000, 0xA7D3CBB2

mbr.sys - address A7D3CBB2 base at A7D3B000 datestamp 4cd665da

I have not installed any new hardware at all lately. I have only run dds.scr this one time. ComboFix had a problem with a 750Zip Drive driver when I first ran it in July, but I was instructed to disconnect it (which I did) then re-run ComboFix in safe mode (which I did), and it completed normally. I also disconnected my Zip Drive before running dds.scr and getting the blue screen.

Can you help me? I don't want to aimlessly try fixes without direction, because I think now I'll do more harm than good. Your help will be very much appreciated. Thanks!

log.txt

[daledoc1]

Hello and welcome to MBAM forum, wonhoo:

Sorry to hear you might be infected.

It sounds as if you've had a rough go of it.

We cannot review scan logs or work on malware removal in this sub-section of the forum, so please read below for assistance with cleaning your system.

(--> Please note, however, that it is very important that you obtain guided assistance in only one place. So, if you'd like expert help here at MBAM, please request that your topic be closed at the Norton forum or any other site where you may have requested help. )

IMPORTANT: Please do NOT use any temporary file cleaners unless instructed to do so - they can cause data loss, making recovery difficult.

IF YOU WOULD LIKE EXPERT HELP WITH MALWARE REMOVAL, PLEASE CHOOSE ONE OF THE FOLLOWING 3 OPTIONS:

OPTION 1: Free, one-on-one, expert assistance in the Malware Removal Forum.

OPTION 2: For licensed users of MBAM PRO, there is free, one-on-one, expert assistance from the MBAM support helpdesk.

OPTION 3: Fee-based, one-on-one, expert assistance from Premium Support.

OPTION 1:

• Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" article.
  
• -->If the infection has so crippled the computer that you cannot complete some or all of the steps, then just do the best you can and start a new topic as described below.
  
• Then please start a new post in the Malware Removal Forum with a BRIEF description of the computer's current problem.
  
• An authorized, trained malware expert will provide free, one-on-one assistance as soon as one becomes available.
  

• When starting your new post, please note the following:
  
• Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  
• Do NOT run Combofix or other, similar, powerful malware removal tools without expert help -- they can severely damage your system.
  
• Please COPY/PASTE the requested logs directly into your post, rather than attaching them.
  
• Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.
  
• Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  
• Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  
• Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.
  

OPTION 2:

If you are a paid user of MBAM PRO and would like support via the helpdesk, please contact them here.

OPTION 3:

If you prefer the Malwarebytes Premium Services (comprehensive solutions to all your computer support needs – from installation and set-up to troubleshooting and tune-ups), please go to the Premium Support site here.

Please be patient – someone will assist you as soon as possible.

Thank you very much,

daledoc1