Home | Community | Message Board


Mycohaus
Please support our sponsors.

General Interest >> Science and Technology

Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Jump to first unread post. Pages: 1
Invisibleblink
eye of horus
 User Gallery

Folding@home Statistics
Registered: 03/31/02
Posts: 11,345
Loc: Geographic Location (Stat...
CoolWebSearch (CWS)
    #2852855 - 07/03/04 01:29 AM (13 years, 9 months ago)

Has anybody ever had to deal with this?

I have a varient known as about:blank because it hijacks that specific address (replaces the local copy) and redirects it to a "search engine" of it's choice.

Not only that but it takes over svchost.exe and spawns itself repeatedly.  NOTHING gets rid of it short of a reinstall (I've used all the tools readily availible like adaware and cleansweep and the like, as well as manual removal) :mad2: :mad2: :mad2: :mad2: :mad2:

:badcomputer:

Any recommendations? (no, *ix isn't an option for this box :tongue:)


Post Extras: Print Post  Remind Me! Notify Moderator
Invisiblemicro
bunbun has a gungun
Male User Gallery

Registered: 05/09/03
Posts: 7,532
Loc: Brick City Flag
Re: CoolWebSearch (CWS) [Re: blink]
    #2852937 - 07/03/04 02:16 AM (13 years, 9 months ago)

Did you try this yet:

http://www.majorgeeks.com/download4086.html

--
Micro


--------------------
Any research paper or book for free
(Avatar is Maxxy, a character by Mizzyam, RIP)


Post Extras: Print Post  Remind Me! Notify Moderator
Invisiblenewuser1492
Registered: 06/12/03
Posts: 3,104
Re: CoolWebSearch (CWS) [Re: blink]
    #2853579 - 07/03/04 10:38 AM (13 years, 9 months ago)

Download CWShredder. It's designed specifically to delete cool web.

http://www.spywareinfo.com/~merijn/downloads.html

If that doesn't work get Adaware and Spybot Search and Destroy.

If that doesn't work get HiJackThis! from the CWShredder download site and manualy remove everything you know shouldn't be running.


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineCptnGarden
fuck this site
Registered: 05/13/04
Posts: 11,945
Last seen: 9 years, 1 day
Re: CoolWebSearch (CWS) [Re: blink]
    #2853721 - 07/03/04 12:38 PM (13 years, 9 months ago)

yeah shredder is great i use it. gets rid of alot more than just CWS usualy.


Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleVvellum
Stranger

Registered: 05/24/04
Posts: 10,920
Re: CoolWebSearch (CWS) [Re: CptnGarden]
    #2854591 - 07/03/04 07:22 PM (13 years, 9 months ago)

everyone needs to uninstall MS Java Virtual Machine to prevent CWS: http://www.winnetmag.com/Article/ArticleID/38206/38206.html

Quote:



A. You might want to remove the Microsoft JVM, which Microsoft no longer supports, in favor of the more recent Sun Microsystems JVM. To remove the Microsoft JVM, perform the following steps:

1. From the Start menu, select Run.
2. Enter the command

RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall

to start the uninstall process
3. Click Yes to the confirmation, then select Reboot.
4. After the machine restarts, delete the following items:
* the \%systemroot%\java folder
* java.pnf from the \%systemroot%\inf folder
* jview.exe and wjview.exe from the \%systemroot%\system32 folder
* The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM registry subkey
* The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\JAVA_VM registry subkey (to remove the Microsoft Internet Explorer (IE) options)

Microsoft Java is now removed. You can download Sun's newer JVM for Windows at http://java.sun.com/getjava/index.html.




Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleLe_Canard
The Duk Abides

Registered: 05/17/03
Posts: 94,392
Loc: Earthfarm 1 Flag
Re: CoolWebSearch (CWS) [Re: Vvellum]
    #2854740 - 07/03/04 08:57 PM (13 years, 9 months ago)

It sounds like a real nasty piece of work. :eek: Thanks for making me aware of it! :laugh: And thanks, Bio, for the valuable info. I was wondering how to get rid of the POS MS java VM for a while now..


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinethe man
still tappin caps

Registered: 08/13/99
Posts: 4,533
Loc: C A N A D A
Last seen: 9 days, 6 hours
Re: CoolWebSearch (CWS) [Re: Le_Canard]
    #2855587 - 07/04/04 06:13 AM (13 years, 9 months ago)

i have that bs too.


--------------------
http://www.fsrc.caand FSRE are now accepting edible/medicinal spores. please donate

And Moses Said "Let my mushrooms grow!"


Post Extras: Print Post  Remind Me! Notify Moderator
Offlineekomstop
Male User Gallery

Registered: 03/31/01
Posts: 1,880
Loc: Canada Flag
Last seen: 7 years, 3 months
Re: CoolWebSearch (CWS) [Re: blink]
    #2857099 - 07/04/04 10:55 PM (13 years, 9 months ago)

My browser was hijacked by this piece of shit too..it didnt seem to cause too much of a problem but I really hated the fact that it was just put there without my consent. probably made way too much of an effort trying to get rid of it..ended up just saying fuck it, backed up some stuff and formated..


Post Extras: Print Post  Remind Me! Notify Moderator
Offlineaje
Why not?
Male User Gallery

Folding@home Statistics
Registered: 10/11/03
Posts: 16,392
Loc: in some small dive
Last seen: 17 days, 8 hours
Re: CoolWebSearch (CWS) [Re: Vvellum]
    #2859770 - 07/05/04 10:26 PM (13 years, 9 months ago)

Does/Can this affect all browsers?

For example, does this pose a threat to firefox users?


--------------------



Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleShroomismM
Space Travellin
Male User Gallery
Folding@home Statistics
Registered: 02/13/00
Posts: 65,636
Loc: 9th Dimension Flag
Re: CoolWebSearch (CWS) [Re: aje]
    #2860099 - 07/06/04 12:20 AM (13 years, 9 months ago)

I don't think it effects firefox or opera users :grin:
only seen it on IE broswers


--------------------


Post Extras: Print Post  Remind Me! Notify Moderator
Offlineaje
Why not?
Male User Gallery

Folding@home Statistics
Registered: 10/11/03
Posts: 16,392
Loc: in some small dive
Last seen: 17 days, 8 hours
Re: CoolWebSearch (CWS) [Re: Shroomism]
    #2860154 - 07/06/04 12:48 AM (13 years, 9 months ago)

I'm still trying to figure out if this is a browser jacker. 

:shrug:


--------------------



Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleVvellum
Stranger

Registered: 05/24/04
Posts: 10,920
Re: CoolWebSearch (CWS) [Re: aje]
    #2860913 - 07/06/04 09:50 AM (13 years, 9 months ago)

CWS exploits a vulnerability in MS Java VM - so its not necessarily a browser exploit. To be safe, uninstall MS Java VM ASAP.

http://www.theregister.co.uk/2004/06/29/cws_shredder/


Post Extras: Print Post  Remind Me! Notify Moderator
Jump to top. Pages: 1

General Interest >> Science and Technology

Similar ThreadsPosterViewsRepliesLast post
* Microsoft's Really Hidden Files. LanaM 7,294 18 07/11/02 04:14 PM
by Lana
* Microsoft - your opinions please?
( 1 2 3 all )
AsanteA 3,215 56 01/03/09 05:22 PM
by magicbastard
* Does Microsoft have a case here? (Open Source "patent" violations) Boom 1,392 10 05/16/07 05:57 AM
by Seuss
* Microsoft May Sue Red Hat Linux DiploidM 1,915 8 11/20/06 09:26 PM
by Catalysis
* Microsoft and Linux - SCO all over again Vvellum 1,056 3 11/20/06 03:37 PM
by Diploid
* "When Microsoft lovers bash Microsoft..." Vvellum 706 2 04/26/06 06:12 AM
by Seuss
* Microsoft Encourages Spyware Officially Huehuecoyotl 715 5 07/09/05 09:17 PM
by moog
* New Windows Virus Run Rampant - 8 Million Infections In Four Days
( 1 2 all )
DiploidM 3,164 25 02/16/09 10:53 AM
by makaveli8x8

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: Lana, trendal, automan
949 topic views. 0 members, 0 guests and 2 web crawlers are browsing this forum.
[ Toggle Favorite | Print Topic | Stats ]
Search this thread:
Myco Supply
Please support our sponsors.

Copyright 1997-2018 Mind Media. Some rights reserved.

Generated in 0.038 seconds spending 0.009 seconds on 19 queries.