IE's about:blank Hijack continued

I did a little more digging and discovered I hadn't run Ad-Aware 1.05 with the latest updates. After doing so (it found close to 100 "critical" entries) it seemed to do the trick and about:blank was truly that. I also discovered that it was probable CoolWebSearch was the culprit in this.

I also learned that for SBC's DSL (in CA) and XP, you don't need their DSL Connection Manager. Instead, I simply used XP's DSL connection, created a shortcut from My Network Connections to the Desktop and it connects faster and gives the user better control to connect and disconnect as needed. Also, the icon changes when the computer is online versus offline.

Finally, I ran into a program called systray.exe in the Process tab, located in Task Manager. Check this out: when I closed the process, it created four more processes! I found it's location in the Windows\System32 folder. After renaming and rebooting I did another search and found my renamed version and a new copy of systray.exe. That's when I pulled out HijackThis 1.99. This was my first experience using it and quickly was able to determine what's supposed to be in the list and what isn't. We removed the suspicious items, rebooted, and systray.exe was no longer a process. It's my suspicion that a corrupt dll was the issue here.

It looks like my final challenge will be to figure out after doing a Google search for something, why a svchost.exe is utilizing 95+% of the CPU for up to 30 seconds before relinquishing control back to me.

New Browser Hijack

I work for a company who consults to homes and small businesses for computer and network repair. Last night I was visiting a client who had a new type of Home Page hijack: This one took the about: blank and actually attached a website to it. The website is not listed in the Address Bar and Viewing Source does not provide too many clues either. No virus present and Spybot couldn't detect it either. This will take a little digging.