Re: Dodgy Desktop!

From: Marko (
Date: 12/31/04

Date: Fri, 31 Dec 2004 13:23:17 -0500

you seem to know them all, my nephew is stuck with the "coolbar
toolbar". I found references that made me think it was a variant of
CoolWebSearch but CWShredder didn't work (nor adaware or spybot). Any ideas?

Malke wrote:

> ineptitude wrote:
>>AAARGH! Me too!
>>Right-clicking does nothing for me, and double-clicking them opens
>>links to either online casinos or "" which is a rather dodgy
>>search engine, apparently.
>>I suspect some foul play from a naive fellow user, but one can never
>>be too sure.
>>Connected with this "" -thing is also a toolbar i can't
>>seem to shake.
>>Indeed, if ANYONE has answers i'd be much obliged.
> For both you and David - yes, you have malware on your computers. Spybot
> is great, but you need more. Here are malware removal steps. Do all
> scans with updated tools in Safe Mode.
> 1) Scan in Safe Mode with current version (not earlier than 2003)
> antivirus using updated definitions.
> 2) Remove spyware with Spybot Search & Destroy and Ad-aware. These
> programs are free, so use them both since they complement each other.
> There is a new version of CWShredder from Intermute. I would not
> install the other Intermute programs, however. Alternately, there are
> CoolWebSearch malware removal steps at SilentRunners.
> Be sure to update these programs before running, and it is a good idea
> to do virus/spyware scans in Safe Mode. Make sure you are able to see
> all hidden files and extensions (View tab in Folder Options).
> HijackThis is an excellent tool to discover and disable hijackers, but
> it requires expert skill. See below for HijackThis links. A combination
> of HijackThis and About:Buster works well in removing the About:Blank
> homepage hijacker. Again, this is an expert tool and novices should get
> help with it.
> 3) If you are running Windows ME or XP, you should disable/enable System
> Restore because malware will be in the Restore Points. With ME, you
> must disable System Restore completely. With XP, you can delete all but
> the most recent (presumably clean) System Restore point from the More
> Options section of Disk Cleanup (Run>cleanmgr).
> 4) Make sure you've visited Windows Update and applied all security
> patches. Do not install driver updates from Windows Update.
> 5) Run a firewall.
> Links to help with malware:
> Software/Methods:
> - Spybot Search & Destroy
> - Ad-aware
> - good download site
> - SilentRunners
> HijackThis:
> - HijackThis tutorial by Jim
> Eshelman
> - Spyware Warrior HijackThis
> forum
> General:
> - look under "Security" for various forums
> - The Parasite Fight
> Malke

Marko Jotic
"Common sense is anything but common".
 From the notebooks of Lazarus Long. Robert A. Heinlein.
Handmade knives, antique designs, exotic materials at