RE: [Full-Disclosure] Cool Web Search
From: Todd Towles (toddtowles_at_brookshires.com)
Date: 07/30/04
- Previous message: dmargoli_at_stwing.org: "Re: [Full-Disclosure] Re: Automated SSH login attempts?"
- In reply to: Richard Golodner: "RE: [Full-Disclosure] Cool Web Search"
- Next in thread: KF (lists): "Re: [Full-Disclosure] Cool Web Search"
- Reply: KF (lists): "Re: [Full-Disclosure] Cool Web Search"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Richard Golodner'" <RGolodner@Aetea.com>, "'Gregh'" <chows@ozemail.com.au>, "'Disclosure Full'" <full-disclosure@lists.netsys.com> Date: Thu, 29 Jul 2004 19:39:02 -0500
The creator of CWShredder claims the newest versions of CWS are very
stealthy and I believe he as stopped updating the program. Therefore
CWShredder isn't the best for the newest. But as far as I understood things
(from other mailing list and forum post), HiJackThis wasn't removing them
100% either.
Todd
-----Original Message-----
From: full-disclosure-admin@lists.netsys.com
[mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Richard
Golodner
Sent: Thursday, July 29, 2004 5:51 PM
To: 'Gregh'; Disclosure Full
Subject: RE: [Full-Disclosure] Cool Web Search
Try CWShredder too!
-----Original Message-----
From: Gregh [mailto:chows@ozemail.com.au]
Sent: Thursday, July 29, 2004 5:46 PM
To: Disclosure Full
Subject: [Full-Disclosure] Cool Web Search
JFYI of anyone interested:
On Nanog a short time back, most of the list there decided that CWS couldn't
easily be removed. I first stumbled across it maybe around the start of July
and have had many instances of it, since, in many places.
Adaware does bugger-all to remove it. Spybot recognised it, got rid of it
and upon reboot it was back. It was never quite clear from a simple
inspection, what was putting it back.
When I first found it, I had also found "HiJackThis" and ran it. That prog
brought up the proper registry entries to enable me to correctly identify
CWS, remove the entries and delete files. It took some time the first time I
saw it but it takes about 10 mins (if that) to get rid of it, now. Nanog
disagreed and said it wasn't that easy. It simply WAS that easy. I just
happened to experience "dumb luck" and be one of the first (if not the
first) to easily get rid of it through HiJackThis.
So, for those of you who don't think Nanog is full of "Gods of Correctness",
if you are having probs with removal of CWS, get HiJackThis, let it scan and
then you will see, sticking out like a wart on your......nose :)........ the
entries you need to delete in order to properly rid that machine of CWS. It
wasn't hard using that prog.
Greg.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: dmargoli_at_stwing.org: "Re: [Full-Disclosure] Re: Automated SSH login attempts?"
- In reply to: Richard Golodner: "RE: [Full-Disclosure] Cool Web Search"
- Next in thread: KF (lists): "Re: [Full-Disclosure] Cool Web Search"
- Reply: KF (lists): "Re: [Full-Disclosure] Cool Web Search"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
