How to Get Rid of About:Blank Home Page

[mobo]

mdreyes:



Download and install APM from: http://www.diamondcs.com.au/index.php?page=apm

Close all windows except HijackThis and fix the lines above.

In the upper window select explorer.exe
In the lower window find and rightclick the BHO from the HijackThis log (cmmj.dll)
Select Unload DLL and click OK on the prompts that follow.

Reboot and scan with AdAware to remove the txt and html protocol association.

 

[yandaoben]

got it

i got it too but managed to fix it by turning my firewall back on.
Hope it works for you too.

 

[Toblerone]

sighz yeh that seems to be the only way for me...effing spyware

 

[irbk50]

About:Blank

Don't hijack another users thread. Post this in the main forum and I'll go through it for you. BTW...you have a lot of crap in your log. Download Ad-aware SE, Spybot Search&Destroy, CWShredder..update them and run them to clean some of this crap out. Thanks!===MicroBell


I read some of the earlier postings and downloaded Hijack This. The results are to follow. Can someone please assist me and tell me what to delete.

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\System32\USRSTA.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\PROGRA~1\STOMPS~1\SPYWAR~1\PPControl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BlueLight Internet\exec.exe
C:\Documents and Settings\Administrator\Application Data\rpao.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Q817287.log:hcaat
C:\WINDOWS\apiez32.exe
C:\Documents and Settings\Administrator\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\aqyqc.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\aqyqc.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\aqyqc.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\aqyqc.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\aqyqc.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\aqyqc.dll/sp.html#37049
O2 - BHO: (no name) - {27C69AB9-7058-A173-08CD-4881744A47E8} - C:\WINDOWS\system32\netnx.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [USRSTA.EXE] USRSTA.EXE START
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [msfh.exe] C:\WINDOWS\system32\msfh.exe
O4 - HKLM\..\Run: [bkuomsvtneiut] C:\WINDOWS\System32\bdjmue.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\STOMPS~1\SPYWAR~1\PPMemCheck.exe
O4 - HKLM\..\Run: [Spyware X-terminator Control Center] C:\PROGRA~1\STOMPS~1\SPYWAR~1\PPControl.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\STOMPS~1\SPYWAR~1\CookiePatrol.exe
O4 - HKLM\..\Run: [SpywareXterminatorCL] C:\PROGRA~1\STOMPS~1\SPYWAR~1\SpywareXterminatorCL.exe c:\
O4 - HKLM\..\Run: [apiez32.exe] C:\WINDOWS\apiez32.exe
O4 - HKCU\..\Run: [uoltray] C:\Program Files\BlueLight Internet\exec.exe regrun
O4 - HKCU\..\Run: [Ossr] C:\Documents and Settings\Administrator\Application Data\rpao.exe
O4 - HKCU\..\Run: [Nlrdcjk] C:\WINDOWS\System32\npddzhm.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKLM\..\RunOnce: [hcaat] C:\WINDOWS\Q817287.log:hcaat
O4 - HKLM\..\RunOnce: [Remove at boot] C:\DeleteAtReboot.bat
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.mybluelight.com/s/sp
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchmiracle.com
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...3d36297b2b37:b70ac5aa8ec48e2e58a29296baabe1d6
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A891396-3418-4BD0-91BD-051FB9743448}: NameServer = 198.6.1.1,198.6.1.6

 

[wead]

i just got to say the maker of cws needs to be held accountable for his actions. new anti spyware legislation is passing. lets get his arse thrown in jail.

 

[bobt9908]

about:blank

I went nuts trying to remove "about:blank" as my start page and then thought of a simple solution that works every time. The first thing you have to do is delete out everything from your temp folders [I use windows 98 SE] including all of the cookies in your folders. Then immediatly reboot your computer and press the F8 key. The menu that comes up gives you a bunch of options. I select "dos promt in safe mode" When the dos prompt comes up I change over to the directory "c:\windows\command" Then I type in "scanreg/restore" You can then restore your registry to the previous day or to a previous time on the same time day that you developed your "about:blank" problem. you will only have a problem if you loaded a new program after the registry date you selected to restore to and at the time you developed your problem. If that happens you only have to reload you new program after you have restored your system to the previous registry date. Please check instructions about restoring you registry. I have used this system several times and it has worked flawlessly every time I have used it. It only takes about 5 minutes to do it.