> I have work to do..and to tell you the true, CWS isn't a problem
> for me? Why because we have real network security. Desktop security is the
> last line of defense. Multi-tier security will stop most spyware at the gate
> and it will never get to you.
to DO THIS you still need to know the a
y out of the spyware game?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Aditya, ALD
[Aditya Lalit Deshmukh]
Sent: Sunday, August 01, 2004 2:41 AM
To: Todd Towles; 'JacK'; [EMAIL PROTECTED]
Subject: RE: Re: [Full-Disclosure] Cool Web Search
&g
BHO Demon 2.0
http://www.definitivesolutions.com/bhodemon.htm
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Todd Towles
Sent: Friday, July 30, 2004 18:00
To: 'Rmuge NineFive '; 'Disclosure Full'
Subject: RE: Re: [Full-Disclosure] Co
>
> Where there are not short-cut workarounds this means removing the
> software manually is simply impossible. Currently a trip into Safe Mode
> can do the trick, by stopping any of the software running, but I'm sure
> that'll be worked around too eventually. (Rootkit-like spyware?)
complete
>
> There is a free piece of software somewhere that will grab all the BHOs
> (Browser Helper Objects) out of the registry and display them all. Anyone
> remember where this software can be found?
Probably you want regenhancer from the same co that create ad-aware this does exactly
what you wan
> >Absolute and utter rot! I understand YOU may not be able to do
> it but it CAN
> >be done. It is simple logic if you want to look at it another
> way - whatever
> >can be DONE can be UNdone.
> >
>
> Did you really mean "whatever can be done can be UNdone"?
> How about a format C:? (I haven't
> We are all computer people - fixing one computer is easy but could take 4
> hours - not very helpful on a mass scale. We pay for point and click, why
> shouldn't we get it? ;)
the sweet word over here is automation even if one computer takes 4 hours to clean but
if can find a way to do that an
> I did. Regardless of what it says, CWShredder doesn't get rid of all
> variants of CoolWebSearch.
this i found to be true in many cases, but however could the original poster please
post some more info about removing the CWS ...
-aditya
__
> Try a deltree /y c:\that usually does the trick.
and maybe format c:
and reboot to install freebsd / solaris / linux or whatever version of unix
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.c
Dean Porter wrote:
Has any one dealt with a similar thing called "searchweb2.com"?
Nope, but as a general fallback on windows systems that have and ebd
that gives a dos console:
1) identify the elements you need to remove on the live system.
2) boot the ebd and use the ebd tools to remove the un
Has any one dealt with a similar thing called "searchweb2.com"?
This installed itself into two folders: "C:\Program Files\htm acid soap",
and "C:\Documents and Settings\All Users\Application Data\spam wipe that
audio" and then integrated itself into Internet Explorer as a "Search Bar",
that you c
t: Re: [Full-Disclosure] Cool Web Search
Gregh wrote:
>Absolute and utter rot! I understand YOU may not be able to do it but it
CAN
>be done. It is simple logic if you want to look at it another way -
whatever
>can be DONE can be UNdone.
>
Did you really mean "whatever can be do
On Fri, Jul 30, 2004 at 05:35:46PM -0400, Raj Varada wrote:
> Did you really mean "whatever can be done can be UNdone"?
> How about a format C:? (I haven't seen "unformat" in a very long time.)
Data can be read off a hard drive until it's been written over like
what...8 times IIRC? So, in theory,
Gregh wrote:
Absolute and utter rot! I understand YOU may not be able to do it but it CAN
be done. It is simple logic if you want to look at it another way - whatever
can be DONE can be UNdone.
Did you really mean "whatever can be done can be UNdone"?
How about a format C:? (I haven't seen "unfor
4:29 PM
To: Disclosure Full
Subject: Re: [Full-Disclosure] Cool Web Search
- Original Message -
From: "Andrew Clover" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, July 31, 2004 4:26 AM
Subject: Re: [Full-Disclosure] Cool Web Search
> Gregh
ted" - wow, 30 variants. That is truly ugly.
Thanks
Michael R. Schmidt
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Andrew Clover
Sent: Friday, July 30, 2004 11:27 AM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Cool Web Search
Gregh &l
- Original Message -
From: "Andrew Clover" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, July 31, 2004 4:26 AM
Subject: Re: [Full-Disclosure] Cool Web Search
> Gregh <[EMAIL PROTECTED]> wrote:
>
> > the truth is that this way DOES
. We pay for point and click, why shouldn't we get it? ;)
>
!!! you do, you get it and then pay, and pay and pay again, each and
every new win sploit that is released. And then pay again to have them
MSCE's stare blankly at the root cause
Thanks,
Ron DuFresne
riginal Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of JacK
Sent: Friday, July 30, 2004 11:56 AM
To: [EMAIL PROTECTED]
Subject: Re: Re: [Full-Disclosure] Cool Web Search
> I don't know if you fully understand HiJackThis or maybe I was just
> unclear.
> HiJack
; To: Disclosure Full
> Subject: Re: Re: [Full-Disclosure] Cool Web Search
>
> Regarding removal of newer versions of Cool Web Search.
>
> See this web page.
>
> http://www.pchell.com/support/onlythebest.shtml
>
> I have encountered the problem described on the
Gregh <[EMAIL PROTECTED]> wrote:
> the truth is that this way DOES get rid of it. There are
> at LEAST 5 variants of CWS.
Oh, there are *many* more than that.
> I have met them all and beat them all.
Obviously you have not met the CWS/About variant. This cannot be removed
with only HijackThis and t
On Fri, 30 Jul 2004 09:59:54 CDT, Todd Towles <[EMAIL PROTECTED]> said:
> There is a free piece of software somewhere that will grab all the BHOs
> (Browser Helper Objects) out of the registry and display them all. Anyone
> remember where this software can be found?
I've always suspected that Bro
Todd Towles wrote:
There is a free piece of software somewhere that will grab all the BHOs
(Browser Helper Objects) out of the registry and display them all. Anyone
remember where this software can be found?
hijackthis shows the bho's
http://www.spywareinfo.com/%7Emerijn/index.html
and some utils f
Message: 30
From: "Gregh" <[EMAIL PROTECTED]>
Sorry but totally and utterly incorrect. You just do NOT understand what I
have typed. I said that I used HiJackThis to list the entries in a group
then ticked them manually and then removed them. Along with that, it
allowed
you to identify the exe file
lf Of Todd Towles
Sent: Friday, July 30, 2004 5:00 PM
To: 'Rmuge NineFive '; 'Disclosure Full'
Subject: RE: Re: [Full-Disclosure] Cool Web Search
There is a free piece of software somewhere that will grab all the BHOs
(Browser Helper Objects) out of the registry and display them a
http://www.definitivesolutions.com/bhodemon.htm
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Todd Towles
Sent: Friday, July 30, 2004 9:00 AM
To: 'Rmuge NineFive '; 'Disclosure Full'
Subject: RE: Re: [Full-Disclosure] Cool Web Sea
I don't know if you fully understand HiJackThis or maybe I was just
unclear.
HiJackThis wasn't used by me to get rid of CWS as, for example, running
Adaware gets rid of tracking cookies and some installed spyware progs. It
was used by me to list various entries in registry which, when lumped
toge
uot;Todd Towles" <[EMAIL PROTECTED]>
To: "'Rmuge NineFive '" <[EMAIL PROTECTED]>; "'Disclosure Full'"
<[EMAIL PROTECTED]>
Sent: Friday, July 30, 2004 10:59 AM
Subject: RE: Re: [Full-Disclosure] Cool Web Search
> There is a free piece
On Fri, 30 Jul 2004 09:59:54 -0500, Todd Towles
<[EMAIL PROTECTED]> wrote:
> There is a free piece of software somewhere that will grab all the BHOs
> (Browser Helper Objects) out of the registry and display them all. Anyone
> remember where this software can be found?
It should be at
http://www.s
PROTECTED] On Behalf Of Rmuge NineFive
Sent: Friday, July 30, 2004 8:47 AM
To: Disclosure Full
Subject: Re: Re: [Full-Disclosure] Cool Web Search
Regarding removal of newer versions of Cool Web Search.
See this web page.
http://www.pchell.com/support/onlythebest.shtml
I have encountered the
On Fri, 30 Jul 2004 23:36:49 +1000, Gregh <[EMAIL PROTECTED]> said:
> If you dont understand that then I can understand that you dont know how to
> get rid of it but the truth is that this way DOES get rid of it. There are
> at LEAST 5 variants of CWS. I have met them all and beat them all.
Bewa
, July 30, 2004 9:00 AM
To: 'Rmuge NineFive '; 'Disclosure Full'
Subject: RE: Re: [Full-Disclosure] Cool Web Search
There is a free piece of software somewhere that will grab all the BHOs
(Browser Helper Objects) out of the registry and display them all. Anyone
remember where this s
Sent: Friday, July 30, 2004 8:47 AM
To: Disclosure Full
Subject: Re: Re: [Full-Disclosure] Cool Web Search
Regarding removal of newer versions of Cool Web Search.
See this web page.
http://www.pchell.com/support/onlythebest.shtml
I have encountered the problem described on the page and
Dave Horsfall <[EMAIL PROTECTED]> wrote:
Not really "new", in the scheme of things. Over 30 years ago, some bored
prgrammer wrote something for one of the mainframes of the day (ICL?
IBM? Burroughs?) called "Robin Hood and Friar Tuck".
Yeah, I was aware of this story; the Jargon File attributes it
- Original Message -
From: "Andrew Clover" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 30, 2004 9:44 PM
Subject: Re: [Full-Disclosure] Cool Web Search
> Gregh <[EMAIL PROTECTED]> wrote:
>
> > It was used by me to list variou
Regarding removal of newer versions of Cool Web Search.
See this web page.
http://www.pchell.com/support/onlythebest.shtml
I have encountered the problem described on the page and successfully removed the
Hijack using Hijackthis
and AboutBuster.
Spybot and AdAware did not detect the BHO el
On Fri, 30 Jul 2004, Andrew Clover wrote:
> This is not the case for all variants of CWS. The newer, sneakier
> variants can rebuild themselves if they detect a program like HijackThis
> removing their registry entries.
Not really "new", in the scheme of things. Over 30 years ago, some bored
prg
Gregh <[EMAIL PROTECTED]> wrote:
It was used by me to list various entries in registry which, when lumped
together like that, show off CWS quite easily. Once they are there, removing
them and the progs started by some of them is easy.
This is not the case for all variants of CWS. The newer, sneakie
(from other mailing list and forum post), HiJackThis wasn't removing them
100% either.
Todd
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Richard
Golodner
Sent: Thursday, July 29, 2004 5:51 PM
To: 'Gregh'; Disclosure Full
Subject: RE: [Full-
- Original Message -
From: "JacK" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 30, 2004 10:20 AM
Subject: Re: [Full-Disclosure] Cool Web Search
> On Friday, July 30, 2004 1:03 AM [GMT+1=CET],
> [EMAIL PROTECTED]
> <[EMAIL PROTECTED]&g
On Friday, July 30, 2004 1:03 AM [GMT+1=CET],
[EMAIL PROTECTED]
<[EMAIL PROTECTED]> écrivait:
So, for those of you who don't think Nanog is full of "Gods of
Correctness",
if you are having probs with removal of CWS, get HiJackThis, let it scan
and
then you will see, sticking out like a wart on
g them
100% either.
Todd
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Richard
Golodner
Sent: Thursday, July 29, 2004 5:51 PM
To: 'Gregh'; Disclosure Full
Subject: RE: [Full-Disclosure] Cool Web Search
Try CWShredder too!
-Original Message-
- Original Message -
From: "Richard Golodner" <[EMAIL PROTECTED]>
To: "'Gregh'" <[EMAIL PROTECTED]>; "Disclosure Full"
<[EMAIL PROTECTED]>
Sent: Friday, July 30, 2004 8:51 AM
Subject: RE: [Full-Disclosure] Cool Web Search
Try CWShredder too!
-Original Message-
From: Gregh [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 29, 2004 5:46 PM
To: Disclosure Full
Subject: [Full-Disclosure] Cool Web Search
JFYI of anyone interested:
On Nanog a short time back, most of the list there decided that CWS couldn't
easil
44 matches
Mail list logo
