Re: http://images.only-virgins.com/cgi-bin/warning.cgi
From: Mike Burgess (winhelp2002_at_spamthis.com)
Date: 12/26/03
- Previous message: Mike Burgess: "Re: Getting rid of popups"
- In reply to: George Hester: "Re: http://images.only-virgins.com/cgi-bin/warning.cgi"
- Next in thread: George Hester: "Re: http://images.only-virgins.com/cgi-bin/warning.cgi"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Dec 2003 04:41:08 -0500
George,
If you are going to use a HOSTS file, you need to include at
least the whole section that includes the (coolwebsearch) major affiliates.
http://www.mvps.org/winhelp2002/hosts.htm
You could use the reg file I have for the Restricted Zone.
http://www.mvps.org/winhelp2002/restricted.htm
Did you try the Qwik-Fix?
http://www.qwik-fix.net/
>"I cannot even find the jar in TIF that is causing it when it happens
anymore."
They use that and a modified ".class" file ...
____________________________________________________________
Mike Burgess [MVP Windows Shell\User] http://www.mvps.org/winhelp2002/
Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file
http://www.mvps.org/winhelp2002/hosts.htm [updated 12-19-03]
Please post replies to this Newsgroup, email address is invalid
-- "George Hester" <hesterloli@hotmail.com> wrote in message news:eJoLGobyDHA.2148@TK2MSFTNGP12.phx.gbl... Hello Mike: The issue of coolweb taking my homepage and adding crap to favorites. Same story as before. It doesn't matter what I do to stop it except for one thing. And that is don't browse the Net. I keep running into it. Scripting off, Java disabled, all ActiveX disabled, Sun JVM enabled, 127.0.0.1 coolwebsearch.biz 127.0.0.1 coolwebsearch.com 127.0.0.1 coolwebsearch.info 127.0.0.1 www.coolwebsearch.com in hosts, 4 spyware catchers; HijackThis, Ad-Aware, BHODemon and SpyBot Search and Destroy. Each of these can clean it out but it does return upon browsing the Net. PestPatrol will even find coolweb stuff after these four have done their duty. But I don't like PestPatrol. My last option right now is to surf with Ad-watch 3 enabled. That I do not know whether it will work or not. I'm hoping. This issue did not occur with IE 6 but it is occurring without bound in IE 5.5 SP2. I cannot even find the jar in TIF that is causing it when it happens anymore. -- George Hester __________________________________ "Mike Burgess" <winhelp2002@spamthis.com> wrote in message news:#HqJE3ayDHA.2360@TK2MSFTNGP10.phx.gbl... > George, > >" I am as patched as I can be and the issue still occurs." > What still occurs? Coolwebsearch uses several exploits to > install themselves, these exploits have since been patched. > [more info] > http://www.merijn.org/cwschronicles.html#byteverify > > Also most major AV apps are now aware of this trojan and > the exploits used, so your AV should alert you to this. > > Until MS comes out with another patch (their working on it) > I would recommend using Qwik-Fix which provides another > layer of essential security by closing off the pathways that > worms and viruses use to penetrate your PC. > http://www.qwik-fix.net/ > ____________________________________________________________ > Mike Burgess [MVP Windows Shell\User] http://www.mvps.org/winhelp2002/ > Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file > http://www.mvps.org/winhelp2002/hosts.htm [updated 12-19-03] > Please post replies to this Newsgroup, email address is invalid > -- > > "George Hester" <hesterloli@hotmail.com> wrote in message > news:OagFhdYyDHA.1524@TK2MSFTNGP10.phx.gbl... > I don't think so Mike. I am as patched as I can be and the issue still > occurs. If I had any more patches I could be mistaken for an Egyptian > mummy. There is NOTHING more available at the Windows update site. > > -- > George Hester > __________________________________ > "Mike Burgess" <winhelp2002@spamthis.com> wrote in message > news:O2M#pr7xDHA.1764@TK2MSFTNGP10.phx.gbl... > > Dom, > > How to remove Coolwebsearch and affiliates > > http://mvps.org/winhelp2002/unwanted.htm#Coolwebsearch > > > > Note: this type hijack indicates an unpatched machine, that is lacking > > in "Defense". Please visit Windows Update to avoid these exploits. > > ____________________________________________________________ > > Mike Burgess [MVP Windows Shell\User] http://www.mvps.org/winhelp2002/ > > Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file > > http://www.mvps.org/winhelp2002/hosts.htm [updated 12-19-03] > > Please post replies to this Newsgroup, email address is invalid > > -- > > > > "Dom" <anonymous@discussions.microsoft.com> wrote in message > > news:10ea01c3c70e$32834880$a301280a@phx.gbl... > > > Help. The subject item ( CoolWeb Search) is driving me > > > crazy. I have tried everything to remove it from IE > > > BRowser set up : All the more popular Spyware removers, > > > manually deleting, going to the Microsoft website and > > > down loading the particular patch for this. STILL it comes > > > back . How do I really get rid of this monster. > > > Thanks. > > > > > >
- Previous message: Mike Burgess: "Re: Getting rid of popups"
- In reply to: George Hester: "Re: http://images.only-virgins.com/cgi-bin/warning.cgi"
- Next in thread: George Hester: "Re: http://images.only-virgins.com/cgi-bin/warning.cgi"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
