ABOUT BLANK IS DRIVING ME CRAZY!!!!!

PLEASE HELP ME REMOVE THE ABOUT BLANK FROM MY HOMEPAGE!!!!!!!!!!!!! I CANT TAKE IT ANYMORE!!!!!!!!!!!!!!!!!
I HAVE DOWNLOADED SPYWARE DOCTOR, SPYBOT S & D, NORTON ANTIVIRUS, MICROSOFT ANTISPYWARE, SPYWARE BLASTER, ADADAWARE, & CC CLEANER. NOTHING WILL STOP IT!!!!!!!!!!!! PLEASE HELP RIGHT AWAY!! BY THE WAY I HAVE WINDOWS 2000 PROFESSIONAL.
steph62898Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sajuksCommented:
download hijackthis from http://tools.radiosplace.com/HijackThis.exe
Click analyse, scroll down the page
Save the Analysis, a new page will open,
post that at http://www.hijackthis.de and check the recmnd. be sure to remove all unwanted/unknown processes.

aslo take a look at this
http://www.besttechie.net/forums/index.php?showtopic=1488
0
steph62898Author Commented:
i have removed about blank from my hijack this several times now, why is this not being corrected?
0
sajuksCommented:
did you do this in safe mode ?
did u try using AboutBuster ?
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

steph62898Author Commented:
i did not do it in safe mode    i didnt try about buster
0
sajuksCommented:
please try that too.

Check the manual soln at
http://www.pchell.com/support/aboutblank.shtml
Also could you post a link to the hijacklog that got generated.
0
steph62898Author Commented:
this is the most recent hijack log from the scan..

Logfile of HijackThis v1.99.1
Scan saved at 6:05:51 PM, on 3/13/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
C:\WINNT\Cpqdiag\Cpqdfwag.exe
C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\NMSSvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Compaq\Compaq Management
Agents\Dmi\Win32\bin\Win32sl.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINNT\system\jjmca.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\SPYWAR~2\swdoctor.exe
C:\WINNT\explorer.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\WINNT\about.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP =
about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP =
about:blank
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
C:\PROGRA~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor -
{B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search
& Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Find Fast.lnk.disabled
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk.disabled
O4 - Global Startup: Office Startup.lnk.disabled
O9 - Extra button: Spyware Doctor -
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O13 - DefaultPrefix:
O16 - DPF: Yahoo! Chess -
http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} -
http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer
ActiveX Control) - http://download.toontown.com/sv1.0.14.41/ttinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object)
- http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation
- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Local Alerter (CPQALERT) - Compaq Computer
Corporation - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent
(CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINNT\Cpqdiag\Cpqdfwag.exe
O23 - Service: cpqdmi - Compaq Computer Corporation -
C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer
Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) -
VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) -
Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation -
C:\WINNT\System32\NMSSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) -
Symantec Corporation - C:\Program Files\Norton
AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec
Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program
Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
0
steph62898Author Commented:
CAN SOMEONE HELP ME WITH THIS LOG PLEASE?? I AM SO AT MY WITS END! LOL  THANK YOU
0
sajuksCommented:
first fix these entries from ur log

         C:\WINNT\system\jjmca.exe
         O2 - BHO: PCTools Browser Monitor -
         O4 - Global Startup: Microsoft Find Fast.lnk.disabled                 
        O4 - Global Startup: Microsoft Office Shortcut Bar.lnk.disabled
         O4 - Global Startup: Office Startup.lnk.disabled
         O9 - Extra button: Spyware Doctor -         To be fixed if the entry 'Spyware Doctor ' is unknown.
O9 - Extra 'Tools' menuitem: Show &Related Links -         To be fixed if the entry 'Show &Related Links ' is unknown.
       O13 - DefaultPrefix:       
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} -                 Check if you know this site and fix it if you do not.
        O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}               Check if you know this site and fix it if you do not.
        O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer               Check if you know this site and fix it if you do not.
        O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object)Check if you know this site and fix it if you do not.


0
steph62898Author Commented:
OK I DID THAT, BUT, I COULDNT FIX THE C:\WINNT\system\jjmca.exe BECAUSE THERE WAS NO BOX TO CHECK NEXT TO IT...WHAT SHOULD I DO, IM STILL GETTING POP-UPS.

Logfile of HijackThis v1.99.1
Scan saved at 8:41:17 PM, on 3/13/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
C:\WINNT\Cpqdiag\Cpqdfwag.exe
C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\NMSSvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINNT\system\jjmca.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\WINNT\explorer.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\administrator.WS-W2K-EVP2A\Local Settings\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1.WS-\LOCALS~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/old
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Compaq Local Alerter (CPQALERT) - Compaq Computer Corporation - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
O23 - Service: Compaq Remote Diagnostics Enabling Agent (CpqDfwWebAgent) - Compaq Computer Corporation - C:\WINNT\Cpqdiag\Cpqdfwag.exe
O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe
O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
0
sajuksCommented:
reboot in safe mode.
make sure in windows explorer the option "show all files" are on.
now try deleting it.

also
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1.WS-\LOCALS~1\Temp\se.dll/sp.html
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
needs to be fixed.

try doing an online scan ar http://housecall.trendmicro.com/
0
steph62898Author Commented:
i just downloaded mazilla as a browser. now that ive done that, can i remove internet explorer? if i do remove IE, will that get rid of all this crap?
0
sajuksCommented:
yes that would solve most of your problems.But be aware that IE cannot be completely removed from ur system ( microsoft has ensured that). Set mozilla as ur default browser and you should be a happy person.
and mozilla is the rite way, i gave up browsing using IE a long time ago
0
steph62898Author Commented:
oh ok   lol
well even though i am using mozilla for the last hour, IE pop-ups keep poping up???? what shall i do??
0
steph62898Author Commented:
can i set up mozilla home page to be yahoo instead of google?
0
sajuksCommented:
"well even though i am using mozilla for the last hour, IE pop-ups keep poping up???? what shall i do??"
have you got ie running in the background ??


" can i set up mozilla home page to be yahoo instead of google?"
in firefox....go to tools > options>general> location...here you can've multiple home pages
for eg: www.yahoo.com;www.google.com whcih would then open in two seperate tabs in the same browser
0
steph62898Author Commented:
IE doesnt appear to be running, but i do have a cable modem, isnt it running always?
0
sajuksCommented:
nope...i'd recommend doing an antivirus scan on ur pc.
try this tool
http://www.scosoft.com/download-remove-about-blank-buddy.htm

0
steph62898Author Commented:
i have pop ups even when i dont click on internet explorer & i have norton antivirus, spybot s & d, microsoft antipsyware, hijack this, &  a couple other spyware protectors
0
steph62898Author Commented:
my spybot s & d keeps telling me that a registry change is trying to be made, "about blank & trojan.startpage" are trying to get in the registry
0
sajuksCommented:
running cwshredder http://www.spywareinfo.com/~merijn/files/cwshredder.zip and then using hijackthis should've sorted it out.
can you run cwshredder and post ur hijackthis log file again ( just save the link at http://www.hijackthis.de and post the link reference).
0
blue_zeeCommented:

SearchExe Manual Removal:

Follow these steps to remove Search-Exe from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.

   1. Kill these running processes with Task Manager:
      se.exe

   2. Unregister these DLLs with Regsvr32, then reboot:
      se.dll

(regsvr32 /u c:\....\.....\se.dll from the Run command box)

   3. Remove these files (if present) with Windows Explorer:
      app.dat
      bm.dat
      se.dll
      se.exe

Source:

http://www.securemost.com/articles/trou_3_remove_searchexe.htm

regsvr32 /u c:\winnt\winshow.dll

Good luck (you will need it).

Zee
0
blue_zeeCommented:

Please disregard the regsvr32 /u c:\winnt\winshow.dll (Not on topic at all)
0
caza13Commented:
Open the Internet Options window from the control panel, and delete all Cookies and Temporary Internet Files.  In the Documents and Settings folder open the folders for each user including the Administrator and find the Temp sub-folder in the Local Settings folder.  Delete everything that you can from each Temp folder but leave the empty folder.  Use the Task Manager to locate and end the jjmca.exe process.  Then delete the file.  Fix the following items, and delete the files below:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\ADMINI~1.WS-\LOCALS~1\Temp\se.dll/sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

C:\WINNT\system\jjmca.exe
C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
C:\DOCUME~1\ADMINI~1.WS-\LOCALS~1\Temp\se.dll/sp.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
caza13Commented:
Correction!  Leave the following items:

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
0
steph62898Author Commented:
WHAT IS THE JJMCA.EXE?  
AFTER NORTONS ANTIVIRUS DETECTS THE TROJAN.STARTPAGE, IT DELETES IT & THEN THE NEXT DAY DETECTS IT AGAIN & DELETES IT AGAIN. WHY DOES IT FIND & DELETE IT SO MUCH? SHOULDNT IT BE GONE. I HAVE LIKE 4 SPYWARE PROGRAMS??
0
caza13Commented:
Thanks.  The file jjmca.exe seems to be a spyware service.  They often use random filenames.  To reduce the chance of reinfection use Windows Update ( v4.windowsupdate.microsoft.com ) to make sure that all of the latest security patches are installed.
0
steph62898Author Commented:
ok i was able to remove the jjmca.exe but i cannot find the se.dll....my homepage still says about blank & when i run my hijack this, it doesnt remove the R1's or RO's that say about blank?????
0
caza13Commented:
Find the C:\Documents and Settings\Administrator.ws-\Local Settings\Temp folder, and delete everything that is there.  Is it possible that one of the spyware scanners has the start page locked?  You should also be able to change the start page in the Internet Options window.  Access it from the Tools menu in IE or from the Control Panel.
0
steph62898Author Commented:
the se.dll file is not in the temp folder. only the jjmca was in there. also, i am able to change the home page in the internet options, however, it just keeps rechanging it self to about blank?????????????????? im sooooooooooooo tireddddddddddddddddddd  lol
0
steph62898Author Commented:
i would like to know how to get rid of about blank....i have tried many different things now to do this & it is not going away...i would like to have an answer soon if possible. thank you
0
caza13Commented:
Maybe the following link will help.

About:Blank Homepage Hijacker Removal Instructions and Help
http://www.pchell.com/support/aboutblank.shtml
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Vulnerabilities

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.