Overview
You my notice that your Home Page Setting in Internet Explorer is
kept being reset to about:blank and there was a search page that would startup.
Even if you reset it to something else it will be reset back to about:blank after a
while. We run Norton Antivirus - without success!
There are two malicious .dll files on you computer. One is visible
and can be easily deleted. The other is HIDDEN. The hidden .dll regenerates the viewable
.dll if it is deleted or changed. The hidden file is the problem.
To rid your self of the hidden .dll, which is the core of the
problem, do the following.
Solution
The first and easy step is to remove the visible
DLL. Sort the C:\Windows\System32 Folder on the Column "Modified" an you will see the
visible DLL on top of Windows Explorer:
C:\Windows\System32\"Visible".dll
Note that "Visible" is a name which changes each time, so your
visible name is not the same as ours.
You cannot remove it using Windows Explorer, because
the visible DLL is in use. But you can rename it to something like: remove_me_after_reboot. Rename the visible
DLL in the CMD-shell or any other tool (e.g. Cygwin).
After rebooting your PC, delete this renamed
file.
The key is to find the hidden DLL, since there are two, one will be
modifying your internet explorer pages and resetting them to about:blank, the other is
hidden and loaded at all times, first you need this program:
http://www.resplendence.com/download/reglite.exe
Download it - and install it - No harm!
Open reglite and paste this value in the address bar:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\
CurrentVersion\Windows\\AppInit_DLLs
Then double click:
AppInit_DLLs
You should be able to see a file with this address:
C:\Windows\System32\"Hidden".dll
For example on my W2K box, the hidden file is called
wdm.dll
Install the Windows Recovery Console Option if not already
done:
The Windows Recovery Console is not the plain DOS prompt you can
find in your START menu, here's how you can access this console:
(X = your CD Drive)
1. Pop in the Win2000/WinXP CD.
2. Run X:\i386\winnt32.exe /cmdcons
3. A dialog comes up saying it takes 10mb, etc., etc. - Click yes to install.
If you already see the boot menu you're done. If you don't then
lets make it appear:
- Right Click My Computer
- Click Properties
- Click advanced tab
- Click startup and Recovery Settings
- Check Time to Display List of Operating Systems
- Set the timeout to something reasonable like 10
seconds
- Apply the settings, reboot, and you should see the new option to
go into the recovery console. You'll need the Administrator password for your computer
to access the console.
Then in to the Windows Recovery Console go to C:\Windows\System32, there modify the file by using the Attrib
command, otherwise you won't be able to erase it, another way you could, is to change the
name of the file.
C:\Winnt\System32: rename wdm.dll
about_blank C:\Winnt\System32: attrib -R about_blank
Reboot your system and open reglite again, go back to the same
key:
AppInit_DLLs and delete the
value.
Now you can reset your Home Page Setting for
Internet Expolrerer to your desired Page - why not Akadia ?
|