• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

"CoolWebSearch" is Evil...

melon

MS-DOS 2.0
Political User
#1
Yes, I would say that this adware/spyware is certifiably evil. It mutates faster than the spyware removal programs can keep up with, and, even then, it does a hell of a job of thwarting them.

In case any of you happen to run into this, here's a good removal guide:

http://www.msd2d.com/newsletter_tip.aspx?id=f05ca724-a6d1-4725-ada5-04667ae8d5fe&section=Server

Even then, this guide isn't perfect. My CWS variant had mutated into something else, mimicking "winlogon.exe" in a different "inet*" folder. The manual removal process, though, works, if you can figure it out.

This is what I get for using my brother's computer for a few days. I end up spending a day installing all the Windows Updates (including SP2), updating all the antivirus software, and installing anti-spyware programs. I wish I had a laptop!

Melon
 

melon

MS-DOS 2.0
Political User
#3
Well, it was my brother's computer, not mine. He left his system completely unpatched for months, and who knows what kind of sites he visited!

My own PC, thankfully, has been spyware/virus free for a very long time.

Melon
 
#4
That's too bad. :ermm:
Thanks for posting the link to the removal guide. Might come in handy for anyone else who faces a similar problem.

(I agree with your comment about the death penalty for malware creators, by the way :p)
 

j79zlr

Glaanies script monkey
Political User
#5
CWShredder will kill most CWS infections, but some need to be done manually like the infection here: http://castlecops.com/postp418784.html

The main thing to do to avoid CWS infections is to use Sun's Java which doesn't have the JAva Byte Verify exploit that CWS uses to infect. It has been known to infect a fully updated MSJVM.

Of course not using IE is the best defense against spyware.
 

Kr0m

Moderator
#6
Yeah, I've had to clean a few machines for some 'n00b' friends of this thing. I ended up just hosing the drives since all 3 people had their PCs so full of virii and spyware that I figure'd it'd be easier in the long run.
[rant]people just don't learn, 2/3 are repeat 'customers' and refuse to listen to anything I advise them, ie: simple as keeping their AV up-to-date). Ah well, more money for me! The first cleaning I'll do as a favor/free but after that it's $ time.[/rant]
 

VenomXt

Blame me for the RAZR's
#7
all i do is clean comp sometimes. **** i come over to a friends house to watch a movie and somehow i end up fixing crap lol. i needto figure out how to charge money.
 

Kr0m

Moderator
#8
Hmm, those smileys in the ad at the time of writing this sure are tempting... ugh, must resist.... oh wait, mywebsearch stuff, isn't that spyware? even though in it's TOS it claims it isn't? or is this just some technical bs...
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,014
Latest member
sanoravies