about.blank is driving me insane

hi guys....this is day 6 of my fight against about.blank.
so far the programs i have used to rid myself of this PAIN IN THE REAR!!! ARE AS FOLLOWS...MCAFEE ANTI SPYWARE....NORTON....ADAWARE....SPYBOT...CWSSHREDDER....AGV
Im now at a loss and on the verge of binning my hard drive.
can some1 please read my hijack this log and tell me where i am going wrong...i have constant fake virus warnings...popups...i have run norton and agv and they both say i have a trojan but they cant fix it.and now to top it all off i have lost my homepage to about.blank

please please please can some1 help me.


Edit: Inline HJT log removed, so steps in guide can be run.

 

still plagued by about.blank

hi again...after following ALL the steps and instructions i am still suffering.
still cant change my homepage from about.blank.ive attatched my logs
i also ran spybot and it came with "no threats"
ad-aware detected alexa,mrv list,and tracking cookie...all removed.but as you can see from my logs in panda and bitdefender i am still infected.is this what is causing the about.blank???
any ideas what to do next??/ help

 

i think im getting there.

hi again...i have followed all the steps as u said.
but i still cant change my homepage...the steps did solve the majority of my malware issues and no longer get loads of fake warnings...popups etc...
im now using a different browser...mozilla firefox.but my ie homepage is still about blank
i have found trojans on the pc...is this causing the about.blank.?
i am attatching my hijack this scan please some1 take a peep for me
the stuff i have found are : trojan horse downloader zlob.ye
i have two of those
and also trojan horse puper.da two of these as well
have also got some adware that i cant get rid of and i have done all the steps by the letter and order in which i was given.
mysrchas.dll
btwebcontrol.dll(agv says this is a harmfull dialler)
adware generic kfk singles2tripletrouble.exe or something.
anyone understand any of this? cos i dont and am lost.

 

Empty the Norton Quarintine folder and the Norton Protected Recycle bin.

You hav both AVG and NAV installed. Only 1 resident AV program should ever be installed on a computer. Pick either NAV or AVG, unintall the other.

Your version of Java is outdated; update to 1.5.0_06.

Follow the SpywareQuake Removal Procedure directions.

Post the smitfiles.txt from the SpywareQuake procedure and a fresh HijackThis log.

 

followed further steps

hi again....well i did all the steps u said..emptied norton protected bin and the norton quarantine bin..
what about agv?...do i empty the vault too?
i uninstalled norton anti virus and updated my java to 5.0 update 6
followed all the steps in spyware quake removal procedure.
there were none of the files mentioned so i moved on to the next step and ran runthis and let it do its thing...rebooted in normal modeand looked for the other files that were mentioned and none were found
ive attatched my smitfiles.txt as requested and a fresh hijack this log.
thank you for all the help so far your a godsend.

 

Yes, empty the AVG VIrus Vault.

Scan with HijackThis and fix the following:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hp2198.tmp
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [ICcontrol] C:\WINDOWS\iccontrol.exe

Download
- Pocket Killbox
- ExplorerXP

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click the RED X.

Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the file list below may not exist but we need to check for them anyway.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post a fresh HijackThis log.

 

followed steps.....heres my new hijackthis log

 

Follow the directions for Smitfraud, SpySheriff, SpyAxe & PSGuard Removal

Post teh smitFIles.txt and a fresh HijackThis log.

 

me again..........
heres my pandascan and my smit txt file
still cant change homepage...when i do i see all my desktop restart and homepage goes back to about.blank
ive cleaned and cleaned this thing.
all the files i was to look for and delete were not there.
i cant see where this problem is coming from.

 

Post a fresh HijackThis log.

 

sorry i forgot

 

The infection respawned.

Follow the directions for:
Running WinPfind by OldTimer
Using GetRunKey

Post both WinPFind.txt and runkey.txrt.

 

hi...its me (the pain in your rear) lol
heres my attatched logs from runkey and winfind.
what does respawned mean?(im a dumb blond)

 

Now, I know exactly what we are dealing with. Follow the directions for SpywareQuake & SpyFalcon Removal Procedure.

 

ive done that.and none of the spyfalcon or spyware quake files were found but i continued with the steps anyway.heres my smit txt file.

 

Your last HijackThis log did in fact show a file associated with SpywareQuake.


Post a fresh HijackThis log.

 

i cant find it then.
heres a fresh hijack log.the files i was suppossed to be looking for are not there to remove.im soooo dumb.

 

OK, that file appears to be gone.

Scan with HijackThis and fix the following:

Follow the directions for Running Ewido Anti-Malware.

Post the Ewido log and a fresh HijackThis log.

 

yeahhhhh!!!! i have my homepage back
i think i love u!!!
thank u thank u thank u
for all your help!! and your patience!
heres my eiwdo log and fresh hijack log
u are a diamond!

 

Empty Your NortonProtected Recycle Bin
Empty the Norton Quarintine Folder

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

Scan with HijackThis and fix the following line:

Disable System Restore, REBOOT and then enable System Restore. This will flush all your restore points and create a new clean one for your system.

System Restore Tutorial
How to Protect yourself from malware!

Safe surfing.