Re: Recommendation to eliminate this...
From: Malke (malke_at_nospoonnotreally.com)
Date: Wed, 29 Sep 2004 10:09:33 -0700
> Hi all. Well, I got zapped by something undesirable. I was doing some
> research yesterday and apparently I must have visited a "bad" website.
> I will try to describe this as best as possible.
> Now everytime I open my ie, I get this tab at the top of the page. It
> starts with a Search text area, then a button, then the following
> tabs: Dell, Online, Coupons, Search and Stores. These change depending
> on which web site I am currently in.
> Also, I now have a new task bar at the botton of the screen. This
> taskbar is not part of ie, rather it looks like it is an independent
> window. This task tab has two rows of icons on the left hand side. The
> first row reads: Make Money, Music, Casino and the second row reads:
> Investing, Travel, Mortgage. The mid section of the task bar contains
> two rows of combo lists an they are labeled (the caption is inside the
> list): Dating, Travel and Careers on the first row and on the second
> row it reads: Credit, Computers and Insurance. Finally, the right hand
> side of the task bar contains yet another search mechanism, with its
> usual text area and button.
> I also noticed that my desktop had new icons. There were Internet
> Connect, Ink Cartridges, Casino, Poker and perhap another one that I
> can't remember.
> I am aware that there are various software applications to deal with
> this, but which one would be recommended for this particular kind of
> pest? Also, is there any way of knowing where I could have caught this
> "virus". I would like to avoid getting it again.
Here are removal steps:
Remove spyware with Spybot Search & Destroy from
www.safer-networking.org and Ad-aware from www.lavasoftusa.com. Be sure
to update these programs before running them. These programs are free,
so run them both since they complement each other. It is best to run
antivirus and spyware removal tools in Safe Mode. You may also want to
run CWShredder and HijackThis from http://aumha.org/freeware.htm.
Although CWShredder is no longer being updated, it will still clean
older variants of the CoolWebSearch malware. A combination of
HijackThis and About:Buster (http://www.majorgeeks.com) works well in
removing homepage hijackers. Please read the instructions carefully.
Make sure you are able to see all hidden files and extensions (View tab
in Folder Options). Also, make sure you've visited Windows Update and
applied all security patches. Do not install driver updates from
Windows Update. Make sure you are running a firewall and have a current
version (not earlier than 2003) antivirus installed using updated
Here are some links to sites with great information about spyware:
http://forum.aumha.org/ - look under "Security" for various forums
-- MS MVP - Windows Shell/User Elephant Boy Computers www.elephantboycomputers.com "Don't Panic!"