I got this About:blank thing going on on my friends computer here.

1st here is the HJT log:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\documents and settings\nancy song\local settings\temp\MHJOVc6.exe
C:\documents and settings\nancy song\local settings\temp\p3C.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Lime_Shop\Limeshop0.exe
C:\Program Files\Lime_Shop\Limeshop1.exe
C:\Program Files\Browser Hijack Blaster\bhblaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Nancy Song\Local Settings\Temp\Temporary Directory 16 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\NANCYS~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\NANCYS~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\NANCYS~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\NANCYS~1\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\NANCYS~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Limeshop0] "C:\Program Files\Lime_Shop\Limeshop0.exe"
O4 - HKLM\..\Run: [MHJOVc6] C:\documents and settings\nancy song\local settings\temp\MHJOVc6.exe
O4 - HKLM\..\Run: [p3C] C:\documents and settings\nancy song\local settings\temp\p3C.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\THEWEA~1.EXE
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\Lime_Shop\Sy700\Tp700\scri700a.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11311111-1111-1111-1111-1157} - file://C:\Recycled\Q330995.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38152.5962268518
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F0ADF21F-3400-43AE-B644-366830738FF3}: NameServer = 128.223.32.35 128.223.60.22

I have fixed the obviouse R1 and R0's a number of times. CW Keeps removing searchx, but after a period of time, it all goes back to the way it was.

AboutBuster removed a file C:\WINDOWS\System32\nthst32.dll

and everything seemed to be working, but now Browser Hijack Blaster is under attack with changing pages and BHOs. Thats me out of ideas. Can you help?

Endless grattitude if you can.

--Robert S.