Home | Community | Message Board


Out-Grow.com - Mushroom Growing Kits & Supplies
Please support our sponsors.

General Interest >> Science and Technology

Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Jump to first unread post. Pages: 1
Invisibleblink
eye of horus
 User Gallery

Folding@home Statistics
Registered: 03/31/02
Posts: 11,343
Loc: Geographic Location (Stat...
CoolWebSearch (CWS)
    #2852855 - 07/03/04 01:29 AM (12 years, 5 months ago)

Has anybody ever had to deal with this?

I have a varient known as about:blank because it hijacks that specific address (replaces the local copy) and redirects it to a "search engine" of it's choice.

Not only that but it takes over svchost.exe and spawns itself repeatedly.  NOTHING gets rid of it short of a reinstall (I've used all the tools readily availible like adaware and cleansweep and the like, as well as manual removal) :mad2: :mad2: :mad2: :mad2: :mad2:

:badcomputer:

Any recommendations? (no, *ix isn't an option for this box :tongue:)


Post Extras: Print Post  Remind Me! Notify Moderator
Invisiblemicro
bunbun has a gungun
Male User Gallery

Registered: 05/09/03
Posts: 7,532
Loc: Brick City Flag
Re: CoolWebSearch (CWS) [Re: blink]
    #2852937 - 07/03/04 02:16 AM (12 years, 5 months ago)

Did you try this yet:

http://www.majorgeeks.com/download4086.html

--
Micro


--------------------
Any research paper or book for free
(Avatar is Maxxy, a character by Mizzyam, RIP)


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinecb9fl
Senior ChildMolestationExpert
Registered: 06/12/03
Posts: 3,104
Loc: florida
Last seen: 7 years, 3 months
Re: CoolWebSearch (CWS) [Re: blink]
    #2853579 - 07/03/04 10:38 AM (12 years, 5 months ago)

Download CWShredder. It's designed specifically to delete cool web.

http://www.spywareinfo.com/~merijn/downloads.html

If that doesn't work get Adaware and Spybot Search and Destroy.

If that doesn't work get HiJackThis! from the CWShredder download site and manualy remove everything you know shouldn't be running.


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineCptnGarden
fuck this site
Registered: 05/13/04
Posts: 11,945
Last seen: 7 years, 7 months
Re: CoolWebSearch (CWS) [Re: blink]
    #2853721 - 07/03/04 12:38 PM (12 years, 5 months ago)

yeah shredder is great i use it. gets rid of alot more than just CWS usualy.


Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleVvellum
Stranger

Registered: 05/24/04
Posts: 10,920
Re: CoolWebSearch (CWS) [Re: CptnGarden]
    #2854591 - 07/03/04 07:22 PM (12 years, 5 months ago)

everyone needs to uninstall MS Java Virtual Machine to prevent CWS: http://www.winnetmag.com/Article/ArticleID/38206/38206.html

Quote:



A. You might want to remove the Microsoft JVM, which Microsoft no longer supports, in favor of the more recent Sun Microsystems JVM. To remove the Microsoft JVM, perform the following steps:

1. From the Start menu, select Run.
2. Enter the command

RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall

to start the uninstall process
3. Click Yes to the confirmation, then select Reboot.
4. After the machine restarts, delete the following items:
* the \%systemroot%\java folder
* java.pnf from the \%systemroot%\inf folder
* jview.exe and wjview.exe from the \%systemroot%\system32 folder
* The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM registry subkey
* The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\JAVA_VM registry subkey (to remove the Microsoft Internet Explorer (IE) options)

Microsoft Java is now removed. You can download Sun's newer JVM for Windows at http://java.sun.com/getjava/index.html.




Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleLe_Canard
Danger Man
 User Gallery

Registered: 05/17/03
Posts: 93,258
Loc: Earthfarm 1 Flag
Re: CoolWebSearch (CWS) [Re: Vvellum]
    #2854740 - 07/03/04 08:57 PM (12 years, 5 months ago)

It sounds like a real nasty piece of work. :eek: Thanks for making me aware of it! :laugh: And thanks, Bio, for the valuable info. I was wondering how to get rid of the POS MS java VM for a while now..


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinethe man
still tappin caps

Registered: 08/13/99
Posts: 4,530
Loc: C A N A D A
Last seen: 2 years, 9 months
Re: CoolWebSearch (CWS) [Re: Le_Canard]
    #2855587 - 07/04/04 06:13 AM (12 years, 4 months ago)

i have that bs too.


--------------------
http://www.fsrc.caand FSRE are now accepting edible/medicinal spores. please donate

And Moses Said "Let my mushrooms grow!"


Post Extras: Print Post  Remind Me! Notify Moderator
Offlineekomstop
Male User Gallery

Registered: 03/31/01
Posts: 1,880
Loc: Canada Flag
Last seen: 5 years, 10 months
Re: CoolWebSearch (CWS) [Re: blink]
    #2857099 - 07/04/04 10:55 PM (12 years, 4 months ago)

My browser was hijacked by this piece of shit too..it didnt seem to cause too much of a problem but I really hated the fact that it was just put there without my consent. probably made way too much of an effort trying to get rid of it..ended up just saying fuck it, backed up some stuff and formated..


Post Extras: Print Post  Remind Me! Notify Moderator
Offlineaje
Why not?
Male User Gallery

Folding@home Statistics
Registered: 10/11/03
Posts: 16,390
Loc: in some small dive
Last seen: 4 months, 3 days
Re: CoolWebSearch (CWS) [Re: Vvellum]
    #2859770 - 07/05/04 10:26 PM (12 years, 4 months ago)

Does/Can this affect all browsers?

For example, does this pose a threat to firefox users?


--------------------



Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleShroomismM
Space Travellin
Male User Gallery
Folding@home Statistics
Registered: 02/13/00
Posts: 64,424
Loc: 9th Dimension Flag
Re: CoolWebSearch (CWS) [Re: aje]
    #2860099 - 07/06/04 12:20 AM (12 years, 4 months ago)

I don't think it effects firefox or opera users :grin:
only seen it on IE broswers


Post Extras: Print Post  Remind Me! Notify Moderator
Offlineaje
Why not?
Male User Gallery

Folding@home Statistics
Registered: 10/11/03
Posts: 16,390
Loc: in some small dive
Last seen: 4 months, 3 days
Re: CoolWebSearch (CWS) [Re: Shroomism]
    #2860154 - 07/06/04 12:48 AM (12 years, 4 months ago)

I'm still trying to figure out if this is a browser jacker. 

:shrug:


--------------------



Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleVvellum
Stranger

Registered: 05/24/04
Posts: 10,920
Re: CoolWebSearch (CWS) [Re: aje]
    #2860913 - 07/06/04 09:50 AM (12 years, 4 months ago)

CWS exploits a vulnerability in MS Java VM - so its not necessarily a browser exploit. To be safe, uninstall MS Java VM ASAP.

http://www.theregister.co.uk/2004/06/29/cws_shredder/


Post Extras: Print Post  Remind Me! Notify Moderator
Jump to top. Pages: 1

General Interest >> Science and Technology

Similar ThreadsPosterViewsRepliesLast post
* killing a particular piece of spyware BrAiN 2,274 19 02/06/05 09:22 PM
by BrAiN
* Got spyware? popups? hidden files? annoying programs?
ShroomismM
1,982 9 04/13/04 06:39 PM
by SkorpivoMusterion
* cool web search NewfoundFreedom 1,022 18 09/21/04 01:14 AM
by ChingChong
* C++ compiler that does not require any service packs? Psy Baba 906 10 05/06/07 09:55 AM
by Jaxx
* its time to put norton to sleep yousuck 945 18 12/24/05 04:05 PM
by Mobius_Strip
* all my url links are hijacked by a search engine psilocyben 734 5 06/29/05 07:13 PM
by CptnGarden
* Annoying Windows XP pop-up thing
RandalFlagg
1,047 16 02/06/06 09:02 PM
by Vvellum
* Here's a teaser for you Internet geeks. Innvertigo 740 18 07/13/04 11:08 AM
by mntlfngrs

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: Lana, trendal, Diploid, automan
930 topic views. 0 members, 0 guests and 0 web crawlers are browsing this forum.
[ Toggle Favorite | Print Topic | Stats ]
Search this thread:
Crestline Sales - MycoPath
Please support our sponsors.

Copyright 1997-2016 Mind Media. Some rights reserved.

Generated in 0.16 seconds spending 0.038 seconds on 14 queries.