RE: Spyware becomes increasingly malicious

Sean Donelan wrote:
Spyware isn't the best term for what is happening, but it
is quickly exceeding (or contributing) to all the other
problems associated with the online (not just Internet) world.

Indeed. Lately, I have not been able to clean a very annoying piece of
crud named "CoolWebSearch". Spybot will not always detect and never
remove; Ad-aware will likely detect but not remove either. None of the
other crapware removers I have tried could clean the machine either.

I have instructed helpdesk not to waste any time with it and
systematically re-image the infected PC :frowning:
Fortunately, re-imaging a PC is now a matter of minutes.


Try Bazooka spyware detector from <>. This
detected for me a bunch of malware neither Spybot nor Adaware caught.

Jeffrey Race

You're can be a sob to remove. CWShredder has worked well for me.


Try booting into safe mode before running software to detect or remove
spyware; some of them fight to survive if they are running, dunno if it is
the case with CoolWebSearch.


Date: Mon, 12 Jul 2004 01:43:50 -0300
From: Rubens Kuhl Jr.

Try booting into safe mode before running software to detect
or remove spyware; some of them fight to survive if they are

Also use msconfig to disable non-critical extras. Some of us
have manually ripped out ActiveX controls and BHOs care of
regedit... but, alas, malware often has made enough registry and
other system changes that the system is left unstable or

CVs archives of { { system file MD5/SHA1 hashes } and { registry
dumps } }, anyone?


coolwebsearch has become more and more bad that development of cws shredder has been abandoned by its developer....Either serious lock down you ie(which with CWS is not going to help) or use something other than ie.

Edward B. Dreger wrote:

Are you honestly serious? I came up against it for the first time only about
3 days ago and I got rid of it in 10 minutes! I can see how it would be a
problem for a newbie but it shouldn't be anything more than 10 minutes work
for anyone here with Windows experience.


crud named "CoolWebSearch".

Look I am not attempting to be flippant but do yourself a favour and
download HiJackThis and check out the registry entries that show up. It is
quite obvious how to remove it the moment you do that. As I said in my last
letter, it is all of 10 minutes' work if that. I cant even remember what the
damned registry entries were, now but it all comes in via SmilyeyCentral
(possibly other progs) so anyone annoyed by CoolWebSearch has to block
installation of that program.

"Jun 28 2004 7:38AM

US CERT (the US Computer Emergency Readiness Team), is advising people to
ditch Internet Explorer and use a different browser after the latest
security vulnerability in the software was exposed",1759,1622344,00.asp
"July 12, 2004

In the wake of last week's revelation of a security hole in Mozilla that
allows the execution of arbitrary programs on the client system a
philosophical debate has emerged: Is this a bug in Mozilla or a bug in