If your one of hundreds of thousands who's IE browser has been hijacked by about:blank here's some help. I've even seen about:blank mentioned in FCC Senate hearing as being a huge privacy problem. You probably have been jacked by CoolWebSearch or some such Spy application. www. spywareinfo.com has an application that will remove several CWS. villains but this is just the tip of the problem. about:blank will persist until you remove the root/cause of the problem. Enter the need for Spy killer applications (not the same as AdWare remedies). I have a ZoneAlarm fire wall and Norton anti-virus active when I'm on the internet and SpyJackers get by and into my PCs no problem. To gain control of my PCs I purchased SpyCop(www.spycop.com). A usual $69 product at 20% discounted seemed like a good buy but shortly after this purchase i discover an equal if not better product, SpyBot www.spybot.info , for donations. SpyBot will immunize a PC where as SpyCop seems not to have this option. Both use a data base as part of their analysis procedures so are updateable and very flexible. One of the PC I applied these applications to is almost brand new and it had 120 Spy entries (directories, files, register entries). A second PC, well internet worn, had 304 such entries.

SpyBot enables you to use, correct, and evaluate your need for a SpyKiller while SpyCop offers little assistance until purchased.

Cool info thanks!

Also I use Spybot Search & Destroy to keep things from being hijacked. So far the only thing that it hasn't removed is a DSO exploit, which they are working on - so I've read.

=)
Jade

it is actually a file in the windows/system or winnt/system32 folder. I can't remember right off hand what the file's name is, something like msxmlpp.dll or msxml.dll. it will not have a microsoft name. the bad guys changed it.

I also have use CWShredder to delete all of the variants of CoolWebSearch, more than 20 of them.

Having noted the CWS/CoolWebSearch villains above, I set out to prevent them from entering my PC by, as recommended by the CWShredder authors, removing the Microsoft Virtual Machine from my IE environment (what ever I mean by that I know not). CWS villains are not detected by my SpyBot or SpyCop, Norton anti-virus, or ZoneAlarm software. So I began the removal of Java/VM from one of my PCs. Microsoft has one tool to remove VM and another tool to verify VM is not resident on your PC. Initially, this seemed to be a good thing, M/S will not support/improve this product/Java VM in the future and will not support it after 2007, but my personal web site uses Java to provide menu navigation and so there I was needing Java but had none. :rolleyes:

But that's OK I found Suns Java download site: http://www.java.com/en/index.jsp So, now I have an IE6 browser with Sun Java and no security vulnerable to CWS! ;)

A smarter way, no need to remove M/S Java VM. Just download/autoinstall Sun Java, then select Sun Java and deselect M/S VM using IE6 browser Tools/InterNet Options/Advanced. :D

or you could just disable the activeX component in IE
Tools-> internet options -> securty -> custom level

but this will shutdown the ability to update the OS and IE from microsoft. add that url to the trusted sites list and it should work.

also Spybot does see the CoolWebSearch as I just did one this morning using spybot 1.3.