Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Windows Defender And A Nasty Trojan

  • Please log in to reply
1 reply to this topic

#1 endedge


  • Members
  • 1 posts
  • Local time:05:03 PM

Posted 21 August 2006 - 07:59 AM

Ok. It picked up the trojan that was doing weird things to my computer. But it wouldn't delete or do anything- on the grounds that it's read-only. So on my history, they are programs that are simply being 'allowed' when defender still claims them to be potentially dangerous.

This program is horrible. It seems to attack other antivirus programs so I can't get rid of it! I'm not allowed to update the Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903). Windows files are turning up corrupt and the computer keeps crashing. And the controls for my address bar on exlorer are faded out. The CPU is running at 100% - constantly! I have the registry entries here:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\PostNotCached
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\NavigationFailure
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\NoAdd-ons
and a few others like that.

Is it okay to delete these entries manually? I'm not a computer expert, but I know they look important. The problem is, if they're infected, what way can they be disposed of? No problem I know can detect them or dispose of them, even when I am able to delete them.

BC AdBot (Login to Remove)


#2 Jacee


    Bleeping around

  • Malware Response Team
  • 3,716 posts
  • Gender:Female
  • Local time:03:03 PM

Posted 22 August 2006 - 01:01 PM

Hi endedge, looks like you have a CoolWebSearch (About:Blank) hijack. Follow the instructions in this link to get the help you need in our HijackThis forum:

MS MVP Windows-Security 2006-2016
Member of UNITE, the Unified Network of Instructors and Trusted Eliminators

Admin PC Pitstop

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users