RE: [Full-Disclosure] Cool Web Search

From: Richard Golodner (RGolodner_at_Aetea.com)
Date: 07/30/04

  • Next message: Ali Campbell: "Re: [Full-Disclosure] Automated SSH login attempts?" 
    To: "'Gregh'" <chows@ozemail.com.au>, Disclosure Full <full-disclosure@lists.netsys.com>
Date: Thu, 29 Jul 2004 18:51:13 -0400

    Try CWShredder too!

    -----Original Message-----
    From: Gregh [mailto:chows@ozemail.com.au]
    Sent: Thursday, July 29, 2004 5:46 PM
    To: Disclosure Full
    Subject: [Full-Disclosure] Cool Web Search

    JFYI of anyone interested:

    On Nanog a short time back, most of the list there decided that CWS couldn't
    easily be removed. I first stumbled across it maybe around the start of July
    and have had many instances of it, since, in many places.

    Adaware does bugger-all to remove it. Spybot recognised it, got rid of it
    and upon reboot it was back. It was never quite clear from a simple
    inspection, what was putting it back.

    When I first found it, I had also found "HiJackThis" and ran it. That prog
    brought up the proper registry entries to enable me to correctly identify
    CWS, remove the entries and delete files. It took some time the first time I
    saw it but it takes about 10 mins (if that) to get rid of it, now. Nanog
    disagreed and said it wasn't that easy. It simply WAS that easy. I just
    happened to experience "dumb luck" and be one of the first (if not the
    first) to easily get rid of it through HiJackThis.

    So, for those of you who don't think Nanog is full of "Gods of Correctness",
    if you are having probs with removal of CWS, get HiJackThis, let it scan and
    then you will see, sticking out like a wart on your......nose :)........ the
    entries you need to delete in order to properly rid that machine of CWS. It
    wasn't hard using that prog.

    Greg.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Ali Campbell: "Re: [Full-Disclosure] Automated SSH login attempts?"

    Relevant Pages

    • [Full-Disclosure] Cool Web Search
      ... On Nanog a short time back, most of the list there decided that CWS couldn't ... CWS, remove the entries and delete files. ... saw it but it takes about 10 mins to get rid of it, ...
      (Full-Disclosure)
    • Re: [Full-Disclosure] Cool Web Search
      ... >CWShredder isn't the best for the newest. ... >CWS, remove the entries and delete files. ... >first) to easily get rid of it through HiJackThis. ...
      (Full-Disclosure)
    • about:blank
      ... >Adware and Spyware got rid of everything except for Cool ... >Web Search, which keeps coming back onto my ... >The only web page that shows up is the stupid CWS page, ... >cannot be displayed error" or CWS will change the ...
      (microsoft.public.windows.inetexplorer.ie6.browser)
    • about:blank
      ... but the pages on IE6 still will not display. ... Adware and Spyware got rid of everything except for Cool ... Web Search, which keeps coming back onto my ... The only web page that shows up is the stupid CWS page, ...
      (microsoft.public.windows.inetexplorer.ie6.browser)