Ask me anything I just beat the CoolWeb Spyware

and damn it was a fearsome battle. It slipped past Spyware Blaster and resisted Spybot, Adware and CoolWeb Shredders attempts to remove it. It had buried itself in my registry and was sending me to a Yahoo lookalike web page every time I attempted to do a search. I finally went over to CNet and got a spyware removal tool that took it out. I don't know if anyone else has ever faced this problem but these guys who create this spy ware are the lowest forms of life on the planet. It pisses me of that these jerk offs create this crap that screws around with people's property, namely their computers. Why can't hackers do something useful for once and attack the computers of the major creators of spyware?

spyware but I have cleaned some computers than had some real nasty spyware that replaced operating system .dll files with corrupt ones.

But I figured it CoolWeb Shredder had failed so would it. It was one of those that if you removed it, it would recreat itself the next time you turned on your computer. Spyware Doctor by PC Tools was the one that finally ripped it out by the roots and took care of it. You are right Adaware 9 times out of 10 takes care of everything that get on your computer. Those guys are true lifesavers.

by ignoring it...it's tied to my internet explore which i blocked..now i just surf using mozilla

wish i had time to get rid of it all together...along with ie...but every solution ive seen takes too much time...and im too busy blogging...

its a bad habit I have by using IE and I just can't seem to break it.

I desperately need to get rid of it. I've used Ad-Aware, Spybot Search and Destroy, Webroot SpySweeper and Norton AntiVirus, but still haven't gotten rid of it.

And I agree, I wish I could torture and kill those fuckers who made that fucking CoolWebSearch. I went to Best Buy, and the guy at Geek Squad said that CWS was very notorious.

I'm DESPERATE!!!

new program...free. Get it at download.com

Or you can visit this site and download every recommended program...update them all and run in safe mode.

SPYWARE KILLERS

http://groups-beta.google.com/group/SPYWARE-Killers

why should you run in safe mode?

Safe mode keeps the operating system from loading certain files as dictated by registry entrys. The really nasty ones I clean out using HiJack This. It is a tool best used my someone with a fairly high skill level with reguards to PCs to make sure you do not delete something you need.

safe mode only loads the minimums XP needs to run. All other programs (including spyware) will not be loaded into memory as they are on a normal reboot. Spyware is easier to kill/delete when it isn't already running on your system.

and you enter and leave safe mode by using which keys?

usually

I used Spyware Doctor to finally kill it off. I got the free version from CNet Downloads

Oh well...

I will be back in a moment with a link.

If you beat CWS, you deserve kudos. Those rat bastards destroyed one computer of mine. Even the guys at Webroot told me that CWS is absolutely the most insidious spyware they have ever encountered, as it reinvents itself all the time. They're constantly working on getting rid of it.

I got so frustrated that I just rebooted the entire system and used my disks to reload the various things like papers, links etc that were imported. Then I learned about Spyware Blaster which is a decent shield against most of them including the older CW variants and they usually update once a week. Though it seems that its a tough battle to keep ahead of these scumbags.

Took me two freakin' days to get rid of CWS, but Spyware Blaster does seem to keep it from coming back. Also, I will never willingly use IE again. Mozilla is the KILLA!

:thumbsup:
dbt

I've never understood their fascination with wrecking havoc on innocent peons & their computers. It's not as if anyone would be caught dead buying something from a pop-up that came from spyware that hijacks their computer.

My system has done fine since I bought the new Webroot software, and I'm religious about downloading the updates.

The local PC repair shop has more business than they can handle, with desperate people hauling their PC's in to be cleaned. Even though it's their business, they are so sick of it and can't hire enough people to keep up with the volume.

Which means kill all the designers, burn down their offices, salt the land and poison the water. So they could never rise up again.

LOL

I wouldn't put their heads on pikes or turn their skulls into beer mugs.;)

...that neither adaware, spybot, or Norton could fix. I've tried about everything I can think of to get rid of it.

Maybe we can help. How does it manifest itself? What symptoms do you have? Do you have HijackThis and can you post a log?

....that then is replaced by one of those stupid boxes wanting me to accept a download of a .exe file of one kind or another. I don't have hijack this.

Do you happen to know the name of the .exe it wants you to accept? That might help track it down.

...the box comes up. Really annoying. I'll start writing them down.

It killed off the CW which seem unkillable.


http://downloads-zdnet.com.com/Spyware-Doctor/3000-8022

error 404

No worries. Go up to my post in this thread called "Here it is" it has the same link to get Spyware Doctor and I just checked it out and it works.

...spywarenuker.exe?

That's the latest in the attempts to get me to accept a download. spywarenukerinstaller.exe

==================
GROVELBOT.EXE v3.0
==================



This week is our first quarter 2005 fund drive. Democratic
Underground is a completely independent website. We depend almost entirely
on donations from our members to cover our costs. Thank you so much for
your support.

These sons of Bitches can put exe's known as CTFMON and CSRSSU (which exist on your System32 Folder), which slip past the adaware and spybot searches and work with a dll called sehlp. Hijackthis is the only one I have that was able to detect these annoyances. Just part of the continuous reinvention of the CWS that pisses the user off to no end.

Spyware assholes are getting smarter and smarter. The first time I had to deal wtih them, they were able to install a dialer that loaded so fast, it disconnected me and activated so fast that I wasn't able to stop it. After getting rid of the program and all of the CWS bullshit that came with it, the next month, I received a 40 dollar charge on my phone bill from some Integretel (an outsourced billing service for 900 numbers) company. This is currently in dispute as I'm withholding payment.

I also have a small batch that I run from time to time that looks like this:

del c:\*.tmp
del %temp%\*.tmp /f
del %windir%\prefetch\*.*
del %windir%\temp\*.* /f
del C:\documents and settings\*\local settings\temp\*.* /f

Cleans the temp directories and possible exe's that exist in them.

....the adaware identifies things it can't delete. Two of those problems are IBIS and People on Page. Another is something it says might be "possible CWS"

So if adaware can't delete, what is to be done? Something is installing icons on the desktop, too.