[Webinar] Streamline your web hosting managementRegister Today


Web hijacker about:blank

Posted on 2004-10-24
Medium Priority
Last Modified: 2010-04-11

My broser has been hijacked.  It keeps coming up about:blank.  I have tried several spyware solutions and none have worked.  I have tried, ad-aware, spybot seach and destroy, CWS shredder.  I cannot find a solution.

If anyone has advice, I would appreciate it.  I am not a computer expert, so please give step by step instructions if I need to remove manually.

Question by:BScottMac
LVL 65

Accepted Solution

SheharyaarSaahil earned 750 total points
ID: 12394550
Hello BScottMac =)

Read our EE Official Link on How to Troubleshoot Spywares\Adwares and Browser Hijacking Issues,
LVL 65

Expert Comment

ID: 12394576
Dont forget to Disable ur system restore if u are running WinME\XP !!
and always run the removal tools in Safemode except Hijackthis !!
Delete the Temp and History Files of IE also !!
Run Disk Cleanup to delete all the extra and temp files from ur hard drive !!
Check if u can get rid of it or not ?? :)

LVL 49

Expert Comment

ID: 12395028
Hi BScottMac,

about:blank is a very tricky web hijacker..

You may want to try this about:buster
http://www.bleepingcomputer.com/files/aboutbuster.php  ( I donot think this one is given in the link that has been given in the previous suggestion, i just did a page search )

I would also do this

a) Start --> run --> Type in "msconfig" and press "Enter"
goto Startup tab
Disable all the applications there except anti-virus.Reboot the machine and check if the webpage is still hijacked.
If not, then enable one at a time in the same startup tab and find the application or process that might cause this
at startup

b) lock the homepage using Spybot

First go to IE --> tools --> Internet options and setup a homepage of your choice

Then what you can do is this.. Install spybot 1.3 : www.softpedia.com/public/cat/10/17/10-17-21.shtml 
open it and update it
go to mode --> advanced mode
now on the bottom left navigation pane , you should see tools
click on it and go to "IE tweaks"
and check " lock IE startup page setting against user changes"
Close spybot

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!


Expert Comment

ID: 12395130

Expert Comment

ID: 12396484
I used avast home edition to remove the about:blank hijack

Expert Comment

ID: 12407345
I have been using Firefox for awhile now, every now and then I have to use IE and its dogie even with SP2.
FireFox has never been  hijacked in the 6months Ive had it, its quality software and
is far more secure than IE.

Expert Comment

ID: 12431444
I switched to the Fox because of problems like this, but you can get rid of this hijack.  You would need the software HijackThis and a registry analyzer like Registrar Lite(both free).
Update your windows operating system with all microsoft updates.  If you want a shortcut to windows update,go to control panel and look in upper left hand corner, you will see it there.  Select and download all of the critical updates for XP.

Disable the System Restore feature in Windows XP (you can re-enable it again once your system is clean). Here  is a link on how to disable it.

Next, make sure all browser and all Windows Explorer windows are closed, then run "Hijack This!" and have it fix these entries:
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\Updreg.exe
O4 - HKLM\..\Run: [AutoLoader2sre1POVNYXP] "C:\WINNT\System32\mlluery.exe"
O4 - HKLM\..\Run: [2F8U35T] mlluery.exe
O4 - Global Startup: APC UPS Status.lnk = ?

You want to make sure that the items that contain 'start page' or 'main' in it have your correct Home Page
When done, reboot your system and bring it up in "Safe Mode" (F5 or F8 when starting Windows). At this point make sure Windows is configured to see hidden files and folders.

While in "Safe Mode", find this file and delete it from your system:

C:\WINNT\System32\mlluery.exe     It may be a different file name, but something close to it.  (if not sure skip over and we will get back to it later)

When finished, reboot your system again and bring it back up in normal mode. Run MSCONFIG and enable everything in the startup area. To get to MSCONFIG, click on Start -> Run -> type in MSCONFIG -> click OK.

From here use the reg tool and go to this key in the program ---> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main    Go to 'start page' in the folder and double-click on it.  If the value is different from your home page, delete it and then save.  After all of that reboot you system just to make sure and change your start page to whichever one you'd like.  That should be it, let me know if you have any trouble.

Expert Comment

ID: 12431527

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
There's never been a better time to become a computer scientist. Employment growth in the field is expected to reach 22% overall by 2020, and if you want to get in on the action, it’s a good idea to think about at least minoring in computer science …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question