How to fix about:blank problem
Posted by admin on 14 Nov 2007 at 11:01 pm | Tagged as: Anti Spyware, Antispyware, Browser, Internet, Internet Explorer, Malware, Spyware
Have you opened up Internet Explorer only to find that your browser re-directs and sends you off where you don’t want to be visiting?
If the answer is yes, the chances are high that you’ve been attacked by the notorious about:blank homepage hijacker. It’s likely that if you’ve been affected by the virus, you’ll know it as the Cool Web Search utility that appears on the desktop and in your web browser.
Make no mistake; there are many different homepage hijackers in circulation. They are used for several reasons, most notably for hackers to send traffic to websites of their choosing. Sometimes this’ll be to steal advertising revenue, other times it may be to fool a search engine. And of course, there are those occasions where the pesky hackers will attack for the sake of attacking.
You may have heard the about:blank problem described as a symptom of the HomeOldSP hacker. There is a simple reason for this, and to find it you only have to look as far as the Windows Registry where you’ll find the following key:
HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
While you might think that it’s possible to get rid of the about:blank virus by simply deleting the registry entry, it’s not quite as simple as that. Deleting the entry will temporarily disable the virus, but the infestation is designed to undo any attempt to delete it permanently. This means that within moments, you’ll be suffering from the same about:blank problems.
The good news is that the threat isn’t severe. It won’t render your system useless, although the same can’t be said for Internet Explorer which becomes extremely difficult to use with any variation of the Cool Web Search virus in place.
The DLL file at the root of the problem can be found hidden away at the key below:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
WindowsNT\CurrentVersion\Windows\\AppInit_DLLs
Once again, it’s not worth deleting the DLL because it will simply re-spawn. To remove it effectively, we need to download a copy of HijackThis and a comprehensive registry cleaner.
A good registry cleaner will scan and remove the about:blank hijacker. But it’s well known that the virus is capable of avoiding deletion across some anti-Virus platforms. Booting in safe mode is a good way of ensuring that you get to the root of the problem when you run your removal software.
It’s also possible to go in and correct the problem manually, if a little problematic to do so. You will need to use the Windows Registry Editor to locate a key named AppInit_DLLs. In its value entry, you will find the corrupt hidden DLL file that needs to be removed. The only problem is that you won’t be able to remove it unless you go through the Windows Recovery Console and rename the file first.
Before you can delete the file, you will need to lift the read-only protection that the hacker has placed on it.
Open up command prompt, find the stray DLL, and enter the following:
ATTRIB -R *file-name-here*.dll
Once the attribute has been changed, go ahead and delete the DLL file. Reboot the system and load up Internet Explorer. You should find that the about:blank problem is fixed.
We would strongly recommend that you purchase, or download, a sufficient spyware removal tool. There are many which sit in the web browser with the sole purpose of preventing intrusions such as the about:blank homepage hijacker.
Get a Free Online Diagnostic Scan with RegCure PC Optimizer (Download Takes 2 Mins)
Click Here