# [SOLVED] Internet Explorer ABOUT:BLANK



## starwaves77 (Feb 17, 2002)

Hi to all,

Alas, I cannot fix this, but only after repairing many things and trying a very long time, uninstalling much spyware and a virus, and I still can't believe this adress bar is still giving me ABOUT:BLANK.

Fortunately this is not my primary computer.

Let me explain:

Explorer 6.0 started displaying ABOUT:BLANK in the URL window, if I delete that and enter an adress I can surf to a website, but it always defaults to ABOUT:BLANK .

HERE'S WHAT I'V DONE:
I scoured it looking for spyware with HIJACK THIS, AD WARE, & SPYBOT, and I have cleaned it meticulously, I will post the most recent HIJACK THIS log.

There was so much spyware, ugh, including WINSTART001.EXE, EZULA, TOPTEXT, IGETNET, Precision Time, WUPDTE.EXE, on and on, "the full catastrophe" but after a good wrestling match, I think she's clean of this ------and unbelievable as it is, I still have the about:blank.

1. the homepages are normal in Explorer's 'homepage" window, also for aol's window.......

2. spyware removed

3 registry cleaned

4. hosts files wiped out ------AND THEY WERE AWFUL!

5. all other pc maintenance sytem tools run ----A OK

6. removed all spy's from MSCONFIG

7. SPY software gone from add/remove --newdotnet, precision, etc

8. repaired Internet Explorer

9. *finally, need your ideas*

HERE'S THE MOST RECENT HIJACK THIS,

Logfile of HijackThis v1.94.0
Scan saved at 8:52:09 AM, on 8/12/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title=Microsoft Internet Explorer provided by America Online
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [QuickTime Task]

C:\WINDOWS\SYSTEM\QTTASK.EXE
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\WINDOWS\SYSTEM\hpoopm07.exe Hewlett Packard's
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service

O4 - HKCU\..\Run: [Extreme Messenger for AIM] C:\PROGRAM FILES\EXTREME MESSENGER\EXTREMEMESSENGER.exe nosplash
O4 - Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE

O4 - Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: HPAiODevice.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe

O4 - Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe fish screensaver/removing

O4 - Startup: Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\FRU\Remind32.exe
O4 - Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe

O4 - Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
O4 - User Startup: InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE

O4 - User Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - User Startup: HPAiODevice.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe

O4 - User Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - User Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - User Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe

O4 - User Startup: Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\FRU\Remind32.exe
O4 - User Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - User Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe

O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .bmp: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,64/mcinsctl.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,13/mcgdmgr.cab

O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net____ THIS HAS BEEN REMOVED

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

This is another "startup report" like HIjack......and also shows "fixed" entries>
STARTUP LIST 1.5 REPORT

startupList report, 8/12/03, 8:53:21 AM
StartupList version: 1.52
Started from : C:\PROGRAM FILES\AMERICA ONLINE 7.0\DOWNLOAD\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\SYSTEM\HPOOPM07.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\PROGRAM FILES\DIAMOND\INCONTROL TOOLS 98\DMHKEY.EXE
C:\PROGRAM FILES\CALLWAVE\IAM.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PSC 700 SERIES\BIN\HPODEV07.EXE
C:\PROGRAM FILES\PRECISIONTIME\PRECISIONTIME.EXE
C:\PROGRAM FILES\DATE MANAGER\DATEMANAGER.EXE
C:\WINDOWS\FSSCRCTL.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PSC 700 SERIES\FRU\REMIND32.EXE
C:\PROGRAM FILES\AOL COMPANION\COMPANION.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PSC 700 SERIES\BIN\HPOEVM07.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PSC 700 SERIES\BIN\HPOSTS07.EXE
C:\PROGRAM FILES\AMERICA ONLINE 7.0\WAOL.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\AMERICA ONLINE 7.0\DOWNLOAD\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Profiles\Mandolinfarm\Start Menu\Programs\Startup]
InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE
Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
HPAiODevice.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe
PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe
Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\FRU\Remind32.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe

User shell folders Startup:
[C:\WINDOWS\Profiles\Mandolinfarm\Start Menu\Programs\Startup]
InControl Desktop Manager.lnk = C:\Program Files\Diamond\InControl Tools 98\DMHKEY.EXE
Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE

Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
HPAiODevice.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe
PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe

Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe
Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\FRU\Remind32.exe
AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe

Shell folders Common Startup:
[C:\WINDOWS\All Users\Start Menu\Programs\StartUp]
ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
TaskMonitor = C:\WINDOWS\taskmon.exe
SystemTray = SysTray.Exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
QuickTime Task = C:\WINDOWS\SYSTEM\QTTASK.EXE
EnsoniqMixer = starter.exe

HPAIO_PrintFolderMgr = C:\WINDOWS\SYSTEM\hpoopm07.exe
RealTray = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
VSOCheckTask = "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
VirusScan Online = "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"

MCAgentExe = C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
MCUpdateExe = C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
TrueVector = C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Extreme Messenger for AIM = C:\PROGRAM FILES\EXTREME MESSENGER\EXTREMEMESSENGER.exe nosplash

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=
drivers=mmsystem.dll power.drv

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 2/8/2003, 7:58:14)

[Rename]
NUL=c:\program files\america online 7.0\download\hijackthis\backup-20030730-162829-682.dll
NUL=c:\program files\ezula\mmod.exe
NUL=c:\program files\comet\services\update.js
NUL=c:\program files\comet\bin\csinstall.exe
NUL=c:\program files\comet\bin\comutil.dll
NUL=c:\program files\comet\bin\csinst.dll
NUL=c:\program files\comet\bin\csapputil.dll
NUL=c:\program files\comet\bin\csutil.dll
NUL=c:\program files\comet\bin\csbrange.dll
NUL=c:\program files\comet\bin\fileutil.dll
NUL=c:\program files\comet\bin\csctx.dll
NUL=c:\program files\comet\bin\csband.dll
NUL=c:\program files\comet\bin\comet.exe
NUL=c:\program files\comet\bin\skinui.dll
NUL=c:\program files\comet\bin\cseng.dll
NUL=c:\program files\comet\bin\csietb.dll
NUL=c:\program files\comet\bin\cscore.dll
NUL=c:\program files\common files\cmeii\store\core\appmgrgui.zip
NUL=c:\program files\common files\gmt\mepcme.dat
NUL=c:\program files\common files\gmt\gatorstubsetup.exe
NUL=c:\program files\common files\gmt\egieengine.dll
NUL=c:\program files\common files\gmt\scripts\gator.com.esp
NUL=c:\windows\ezinstall.exe
NUL=c:\windows\gatorplugin.log
NUL=c:\windows\ilookup\ttil.exe
NUL=c:\windows\profiles\mandolinfarm\start menu\programs\comet cursor.lnk
NUL=c:\windows\profiles\mandolinfarm\start menu\programs\gain\gain website.url
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected]bpdp.gator[1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected]www.qksrv[3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][4].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][4].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected]www.commission-junction[2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][3].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected]www.nowadvertising[2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected]www.qksrv[2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][2].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\profiles\mandolinfarm\cookies\[email protected][1].txt
NUL=c:\windows\start menu\programs\comet cursor.lnk
NUL=c:\windows\applog\gmt.lgc
NUL=c:\windows\all users\desktop\comet cursor.lnk
NUL=c:\windows\system\comet.dll
NUL=c:\windows\system\ezstub.exe

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

SET BLASTER=A240 I7 D1 T2
SET SNDSCAPE=C:\WINDOWS

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
McAfee.com Update Check 07122003075115.job
McAfee.com Scan for Viruses - My Computer tsid_07122003074632.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[QuickTime Object]
InProcServer32 = C:\WINDOWS\SYSTEM\QTPLUGIN.OCX
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[QDiagAOLCCUpdateObj Class]
InProcServer32 = C:\WINDOWS\SYSTEM\QDIAGCC.OCX
CODEBASE = http://aolcc.aol.com/computercheckup/qdiagcc.cab

[McAfee.com Operating System Class]
InProcServer32 = C:\WINDOWS\SYSTEM\MCINSCTL.DLL
CODEBASE = http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,64/mcinsctl.cab

[DwnldGroupMgr Class]
InProcServer32 = C:\WINDOWS\SYSTEM\MCGDMGR.DLL
CODEBASE = http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,13/mcgdmgr.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL

--------------------------------------------------
End of report, 13,122 bytes
Report generated in 0.344 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

OK.......THANKS AGAIN FOR CHECKING ON THIS WITH ME


----------



## JenniferLore (Jul 7, 2003)

There are three things I can suggest:

The first one you may have already tried.

1. Go to the control panel
Double-click internet options
on the homepage section of the general tab type any web address. This is the default location when you start internet explorer.

If this doesn't work then 
2. Open regedit and browse to this key
HKEY_CURRENT_USER\software\microsoft\internet explorer\main

on the "Start page" key on the right panel change the value to whatever webpage you want iexplorer to use a its default.
THIS SHOULD WORK BUT IF IT DOESN'T THEN USE #3

3.open regedit (same path as #2 but the primary key is different)
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main

on the "Start page" key on the right panel change the value to whatever webpage you want iexplorer to use a its default


----------



## bassetman (Jun 7, 2001)

I started getting the "about blank" notice when I decided not to have IE start on any page.


----------



## JenniferLore (Jul 7, 2003)

That's the result.

Either you have a start page or you have about:blank


----------



## starwaves77 (Feb 17, 2002)

Thanks Jennerlore,

I had checked the homepage entries in explorer early on and changed them to my startpage, but still got the error.

When I browsed to>
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
on the "Start page" ------ found this>

http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

that is a valid adress, I checked, so I left it, it looks hijacked but it's not........

the entries in LOCAL MACHINE, checked out the same as LOCAL USER, left them too.......

Looked at Searchpage, and other Default Adress's, no problem spy's there either,

PS....
Here are some valid default settings:
for others,

"*Default_Page*_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

*"Default_Search_*URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

*"Search Page"*="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

*"Start Page"*="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

Extra thanks for that tip,
Now I will just search the registry for leftover previous "spy" entries......


----------



## hackedagain (Aug 17, 2003)

I may have a similar problem.
Running ME, precisiontime and date-manager using
GAIN or gator are blocking 

Deinstalling is not working since on the add/remove
screen neither programs are present.

Running AD-AWARE 6.0 cleans it up for a while,


----------



## starwaves77 (Feb 17, 2002)

Get rid of Precision Time by using HIJACK THIS

Look for and delete ths>
O4 - User Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe

Also use it for GATOR.

AND DEFINITELY RUN 
SPYBOT

It will find spyware and registry entries the others don't,

Here's another website on PRECISION TIME / GAIN / GATOR removal 
Precision Time Removal

"Precision Time is part of the GAIN system. The Gator Advertising Information Network. It is generally installed with Gator, although it can be installed as a separate application. It installs itself as a drive-by application loading simply by clicking OK on a pop-up ad that appears on your screen. It synchronizes your computer's clock to the U.S. Atomic clock ensuring you have the correct time, however because it is part of the GAIN network, you receive pop up ads and other nuisances along with it."


----------



## starwaves77 (Feb 17, 2002)

Thank you JenniferLore for pinning this down for me, and this is now solved. I have a knack of overlooking the simplest things, or at least not double checking on them. There were so many spyware/trojan hijackers removed from the computer that I followed all ideas after that to the registry. I had checked "homepage" in Internet Explorer/Properties and saw a website I recognized, LOL, but I didn't bother to try and change it. Ay, yai, yai....!

Just for fun, I changed that link to another site I liked and forgot about it, the next time I rebooted the computer, and tested explorer, ABOUT:BLANK was gone!

In retrospect, there were so many ie/toolbars & other spyware/trojans removed that I don't think that would have worked in the begining of this, but it did in the end.


----------

