I've got the "CoolWebSearch, about:blank" virus again. I've tried CWShredder, About:Buster, About:Blaster, and panda's directions to put the registry back to OEM. After any of the above, it's gone...for about 5 minutes and then it's back. Any suggestions? I'm geting ready to reformat and rebuild if I can't get rid of this sucker.

I had that sucker that keeps hijacking your hompage to that search page. I tried all kinds of programs to remove it but. i find the easiest way to fix it is to. do a "System Restore". On windows Xp go to "control panel" then "performance and maintenance" then on the left column is "System Restore" select restore to an earlier time then on the calender just go back to a day before you had the problem. Just save anything you put on the computer between now and the date you go back to cause it will be gone. you can also go back and undo this if it dont work but it did for me

Thanks, Helmut. I do have XP on that machine, problem is I had it(the virus), didn't have it, had it etc. I have no Idea what date I might choose. From what I understand this is a new version and it will even prevent you from reaching the sites that might have a cure. You have to find a link to sites like CWShredder, 'cause it won't let you go there direct.

try going to www.symantec.com they probably have a free removal tool for it

Rat, tried that. They (symantec/Norton) have some info on coolwebsearch, but not the about:blank version. My weekly updated virus scan doesn't catch it either.

Edit: Spybot S&D doesn't see it either.
Shoot.

isn't it more of a spyware problem rather then a virus.
just curious!

warren

From what I read at Panda, the biggest threat is if you respond to the pop-ups it generates. At that point it installs more malware.

It generates pop-ups that say your system has been infected, do you want to do a scan and similar. Some of the pop ups are designed to look like official window messaging.

in that case, go get adaware from www.cnet.com, then go get the free demo from www.pestpatrol.com, between those 2, you should be ok. Let me know:)

Rat, thanks it's worth a try.

thats what I thought it was, I got a few programs from here that seem to work

http://www.coffeecup.com/

just look on the left hand side for syware removal and other programs


hope this helps

warren

I'm willing to try about anything. I just did a google search on about:blank, and there's quite a bit there. It looks like there's some with a money back guarantyfor $29.95USD. Might give one of them a try if the freebies don't work.

As a side bar, I was in Future shop last weekend and was talking to one of their techs. She said they would give removing this horror a try, but would offer no guaranty.

reg key values (http://securityresponse.symantec.com/avcenter/venc/data/adware.coolwebsearch.html)

go there and then delete all the registry keys that it creates or modifys. You guys have no idea how ****ING MAD i get at this type of crap. websites that put this SH!T on peoples computers should have massive amount of malicious viruses sent to them! :mad: :mad: :mad: Kontraband is one of the worst offenders, and they specifically make it so you need to go to their site to look at videos. you cant just download from a link :rolleyes: COOLWEBSEARCH=A$$HOLES!

I have norton internet security on my machine, and it keeps everything out, unless i turn it off and forget to turn it back on :rolleyes:

Im telling you the restore works. it will undo any changes to your computer back to the date you choose. just pick a date you know your computer was ok. if your not sure go back a couple months.

Originally posted by stvhelm
Im telling you the restore works. it will undo any changes to your computer back to the date you choose. just pick a date you know your computer was ok. if your not sure go back a couple months.

yeah, system restore is the BEST way to do it... thats what i ended up doing on mine. hopefully he has a restore point before he got the BS web search.

I'm still fighting this.
I don't have an early enough restore date with out this POS.
I haven't found a free program yet that will deal with this horror.
Last night I did a google on about:blank. AdwareSpy claimed to work on this for only $39.95USD, so I paid my money and guess what? Didn't even touch it. I emailed them this morning from work, and they (AdwareSpy) that they have a patch that does work, and they gave me the download key for it.
I'll report back on if it works tomorrow.
If I catch my wife opening forwards again I'll kill her! (Not really, but I'll be angry).
I have Norton Security to install once I get this fixed.

That sucks Chris. I had it a few months ago, and followed the directions that someone else posted on here. I think it was the panda site that I went to. Worked fine, and haven't seen anything since.

Let us know how you make out....will be really good info for many others I'm sure.

What if you get a different browser? When I have time I want to get rid of my IE anyway, because it reloads the entire same page when I go back no matter how I set it...and wastes time. Now I got a security patch for something MS a while back, and now if I get an email notify it takes away my IE window to another one every time. As I load pages while viewing another, this sucks. Also will go to an open email message when I click on the main email window, not the message window. What a screwed up pos.

I have completely reloaded this machine 5 times or so trying to fix various stuff and network things that don't work, put on the service packs/updates, now I just let it work like the junk it is. My win98 is much faster on the identical machine as the 2K is on, runs everything minus a couple features...why did I bother paying extra for 2K(so I didn't have to get xp)? Sure don't want xp until it is forced upon me. Ones I have used so far are very slow...2.0 cpu and I have to wait for a program to start/window to open??? That sure is a lot of wheel spinning and that is with all the smooth window junk turned off.

I use pest patrol and spybot, plus an antivirus. Also check my processes often for anything strange. When it is right, back up your registry/make start up disks/whatever, if you can't do what Helmut did and backdate. Most of all don't go to those sites, or make a junk computer to surf junk sites that you can easily reload. Can also make sure your java stuff is turned off and all those tweaks to help not load malicious things, text only email, etc. If email, many providers screen your mail for viruses now also.

Maybe some day in our lifetime someone will go after these dirtbags and make malicious software a crime.

dood, somebodys bsing you.. XP is da chit- i'll never go back to worthless buggy blue screenin 98.

I know it has some great features, but I've heard of plenty of problems also plus the phone home stuff. My 2K works good as long as I don't use the stuff that don't work, though the stacked interupts suck so it games poorly...not ambitious enough to do it all again and set them myself. I agree, 98 likes the blue screen. I dual boot it for games yet.

Okay, well that didn't work. I tried the AdwareSpy software and it didn't touch the about:blank. I emailed their support and was told that I needed a "special patch" to get rid of about:blank. They gave me the unlock key for the patch, so i tried it last night.
It worked, however, now my computer keeps saying that this application, or that application won't start because it is missing alt.dll. These are not programs I'm trying to run, these are just spontanious messages. It also sems to be installing something. The first time one of these file missing messages came up, the windows installer came up and asked for my CD creator software disc to be inserted in to the drive. Since this was the first time, I hadn't wised up and put it in, but the install wouldn't go forward because it says another installation is in progress.
I got fed up and restored back to yesterday. Of course, about:blank is back.
I think I'm just going to rebuild it next week.

when did the hompage get hijacked? more than 2 months ago? my system restore lets me go back about 2 months. the button next to the month lets you change the months when you pick a restore date. another thing ive learned about pop ups. never hit the No or close button. right click on the message and select close. half those buttons they want you to press are fake. they really mean " hey your about to get hijacked"

Hey Helmut, I only had about 1 month of restorable dates. The first time I got this thing , one of the steps to get rid of it was to turn off the restore monitor, and I had forgotten to turn it back on. My bad.
Anyway, Microsoft isn't going to give me an OEM disc 'cause this thing was an Office Depot demo, so I have to buy a full install disc, or a cheaper way, if you can believe this, is to buy a new hard drive, load my full version of 98 and then buy an XP upgrade disc.
Prices in $CDN at Future Shop

FullXP=$299

80G Drive=$79
Upgrade XP=$179
Saves about $40 and I get a 40-80G upgrade.

And regarding pop-up buttons: yes, you have to be really careful. I've even had them so when I right clicked, "close" wasn't an option.

Here you can buy a whole computer with XP for not much more than that, that sucks. When I bought this one 3yr ago in parts I had to pay about $40 more to get 2K and not XP. A friend of mine tossed a box of about 20 2K disks in the trash one day, I was hurt though I might never need another one.

I tend to right click on the tray icon and close stuff that way on mine.

Yeah, Staples this week had a Celeron @1.2, 40G, 256M RAM, with CD Rom (no burner), 4 USB's for $499CDN (about $350USD?). Comes with XP Home installed. Basic , but cheap.
Maybe that what I should do. Buy that, put my burner, RAM etc in it.
I have discs for all my other software.