Jump to content

Recommended Posts

Posted

CoolWebSearch is one of the worst Spyware infections. The latest variants use a Hidden DLL that is installed by taking over the file system's data stream and stealthing the DLL file. Some AntiVirus programs will detect and clean it from memory but as soon as your system is rebooted and another Internet connection made, it will reinstall itself.

I am trying to help someone remove this, we have tried CWShredder and a few things but nothing seems to work. Some help would be great! If this is some other place, sorry I looked and could not see. Thanks.


Posted

I am the Firefox Troll, you need Firefox! :yes:

An ounce of prevention is worth more than a pound of cure.

In other words use Firefox and you will never see spyware -including CWS- again!

Posted

I am a Maxthon troll and do not bother with something that I consider inferior, but really, that does not solve the problem. Some constructive help here please!!!

Sorry, forgot to say that I do not have a problem, it is a friend on another forum!

Posted

Hi Farstridder, CWS is really ugly guy :) Did U try CWShredder (new one!!!)?

I know version U R talking about - U must access infected computer from network - it is based on rootkit named Hacker Defender (by some strange accident it is originally from my country).

In winnt U will find two files with same name and different extension - one of them is sys, sorry, I cant remember details...

This rootkit hide some registre key, processes and one running service.

More information can be found here: http://www.megasecurity.org/trojans/h/hack...fender1.00.html

BTW common antispyware products wont help as U might notice - instead use antivirus (CWS is not problem, problem is rootkit). eTrust got this in database, I am sure about it...

P.S.: 2DigeratiPrime: This is not true. Firefox is not resistent against this threat... it is combination of virus/spyware

Posted

Thanks soulin, have tried CWShredder 2.12 December 2004 but does not work. As I said this bloke lives in the States and I live in South Africa and I am trying to help him but I am sure he is a bit of a rookie and will not manage anything that looks remotely complicated. ;)

Posted

Get the latest Ad-aware and Spybot Search and destroy.

Make sure to get the lastest updates within the programs.

Run both those apps and CWS should be gone.

|Drew|

Posted

He has tried all of these as soon as he reboots everything comes back!!

"The latest variants use a Hidden DLL that is installed by taking over the file system's data stream and stealthing the DLL file. Some AntiVirus programs will detect and clean it from memory but as soon as your system is rebooted and another Internet connection made, it will reinstall itself."

This seems to be the problem :}

Posted

Actually I know its not completely true what I said, since spyware can be installed through other means such as P2P and some 'sponsor-ware'. But MOST people get Spyware through some 'weak' browser namely IE, the SIMPLE answer is Firefox.

Good luck with CWS I had to help someone with that once, i cannot remember how that went it was 2 years ago, ugh...

Want the Best of both worlds here is my advice:

1) Get Firefox (you knew that was coming). ;)

2) If user 'resists' try changing the Firefox Theme to Luna so it looks almost identical to IE. :angel

3) Install "IEview" extension in Firefox, so you can use IE when you need to. Set Internet Security to HIGH in Control Panel>Internet Options.

4) Enjoy the Internet as usual, but notice how free you feel since no longer get spyware on your machine and have to run adaware everyday. :thumbup

Posted
But MOST people get Spyware through some 'weak' browser namely IE, the SIMPLE answer is Firefox.

I think the problem that he has is that he already has CWS on his computer and is trying to get rid of it. Simply installing Firefox won't get rid of CWS on his system since it's just a browser and not a cleaner.

Once he's cleaned the computer he might go over to Firefox.

I agree that Maxthon with SpywareBlaster and Spybot S&D's Immunize is good enough to block almost all spyware and is completely compatible with all websites right out of the box, no hassle to get working properly.

Posted
But MOST people get Spyware through some 'weak' browser namely IE, the SIMPLE answer is Firefox.

I think the problem that he has is that he already has CWS on his computer and is trying to get rid of it. Simply installing Firefox won't get rid of CWS on his system since it's just a browser and not a cleaner.

Once he's cleaned the computer he might go over to Firefox.

I agree that Maxthon with SpywareBlaster and Spybot S&D's Immunize is good enough to block almost all spyware and is completely compatible with all websites right out of the box, no hassle to get working properly.

I am glad to see that there are people out there who DO see a different perspective in terms of other folks preferences. I use Maxthon and Webroot Spysweeper and go where I like on the internet and never get infected with not much more than a few cookies!

Posted
I am the Firefox Troll, you need Firefox!  :yes:

An ounce of prevention is worth more than a pound of cure. 

In other words use Firefox and you will never see spyware -including CWS- again!

Firefox phishing vulnerability discovered:

A vulnerability in Firefox could make users of the open source browser more likely to fall for phishing scams. Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited to spoof the source displayed in the Download Dialog box. The problem is that long sub-domains and paths aren't displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box.

The vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. Other versions may also be affected. Currently, no solution is available. However, the vendor reports that this vulnerability will be fixed in upcoming versions of the affected products.

Oh dear what a pity.................................... :whistle:

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...