"CoolWebSearch" is Evil...

melon

melon

MS-DOS 2.0
Political Access
Joined
13 Feb 2002
Messages
854
Yes, I would say that this adware/spyware is certifiably evil. It mutates faster than the spyware removal programs can keep up with, and, even then, it does a hell of a job of thwarting them.

In case any of you happen to run into this, here's a good removal guide:

http://www.msd2d.com/newsletter_tip.aspx?id=f05ca724-a6d1-4725-ada5-04667ae8d5fe&section=Server

Even then, this guide isn't perfect. My CWS variant had mutated into something else, mimicking "winlogon.exe" in a different "inet*" folder. The manual removal process, though, works, if you can figure it out.

This is what I get for using my brother's computer for a few days. I end up spending a day installing all the Windows Updates (including SP2), updating all the antivirus software, and installing anti-spyware programs. I wish I had a laptop!

Melon
 
Well, it was my brother's computer, not mine. He left his system completely unpatched for months, and who knows what kind of sites he visited!

My own PC, thankfully, has been spyware/virus free for a very long time.

Melon
 
That's too bad. :ermm:
Thanks for posting the link to the removal guide. Might come in handy for anyone else who faces a similar problem.

(I agree with your comment about the death penalty for malware creators, by the way :p)
 
CWShredder will kill most CWS infections, but some need to be done manually like the infection here: http://castlecops.com/postp418784.html

The main thing to do to avoid CWS infections is to use Sun's Java which doesn't have the JAva Byte Verify exploit that CWS uses to infect. It has been known to infect a fully updated MSJVM.

Of course not using IE is the best defense against spyware.
 
Yeah, I've had to clean a few machines for some 'n00b' friends of this thing. I ended up just hosing the drives since all 3 people had their PCs so full of virii and spyware that I figure'd it'd be easier in the long run.
[rant]people just don't learn, 2/3 are repeat 'customers' and refuse to listen to anything I advise them, ie: simple as keeping their AV up-to-date). Ah well, more money for me! The first cleaning I'll do as a favor/free but after that it's $ time.[/rant]
 
all i do is clean comp sometimes. **** i come over to a friends house to watch a movie and somehow i end up fixing crap lol. i needto figure out how to charge money.
 
Hmm, those smileys in the ad at the time of writing this sure are tempting... ugh, must resist.... oh wait, mywebsearch stuff, isn't that spyware? even though in it's TOS it claims it isn't? or is this just some technical bs...
 
You must log in or register to reply here.

Members online

No members online now.
Total: 415 (members: 0, guests: 415)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back