Re: CoolWebSearch Virus
From: Shenan Stanley (news_helper_at_hushmail.com)
Date: 05/02/04
- Next message: Shenan Stanley: "Re: system shutsdown when internet is activated"
- Previous message: hunter: "blank folder covers screen"
- In reply to: SeaWolf: "CoolWebSearch Virus"
- Next in thread: SeaWolf: "Re: CoolWebSearch Virus"
- Reply: SeaWolf: "Re: CoolWebSearch Virus"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 2 May 2004 16:55:15 -0500
SeaWolf wrote:
> I've been hearing a lot about the CoolWebSearch Virus on the Net. So
> far I've not managed to catch this thing but from the sounds of
> things this virus is extremely dangerous to our machines.
>
> First I'm wondering how you catch this virus?
> Second I've been hearing that we should remove MicroSoft JVM and
> replace it with Sun Microsystems JVM. Is this a reasonable thing to
> do and has anyone done this on WinXP Pro yet?
> http://www.winnetmag.com/Article/ArticleID/38206/38206.html
>
>
http://www.wired.com/news/infostructure/0,1377,63280,00.html?tw=wn_tophead_2
>
> Currently I will not open ANY attachments even if its from someone I
> know at this point. From what I'm hearing most Anti-Virus programs
> are not catching this thing currently.
>
> I'm also wondering if I should simply turn off all Java VM
> permissions on my system?
> I don't know how much of a problem this really is at this point. I
> have ensured that all my WinXP updates are inplace, so I'm up to date
> at this point. I don't see where any of the updates address this
> problem.
>
> Thanks for any info you can give me!
It's not a virus.. It is Spy/Ad/Malware and a web page hijacker.
CWShredder kills it in most cases.
The JVM, you have to download the SUN version. I don't think, with all the
legal problems in the past, Microsoft will be including it for you. Go for
it - the MSJVM is getting older now - probably out of date.
Follow this advice:
Note that Microsoft is not sending you patches in emails nor should you EVER
open attachments you did not expect in emails. You simply posted your
un-munged email address to the thousands of newsgroups that this is spread
to around the world and it has been "harvested".
My other suggestions to you include:
Please Notice that if you use AOL, you should at least upgrade to 9.0 or
greater before doing any of the fixes. I know you can get AOL 9.0 at almost
any convenience store, gas station, super market or other retail outlet in
the world, so this should not be a problem.
Turn on that firewall...
http://www.microsoft.com/WindowsXP/home/using/howto/homenet/icf.asp
(It has been reported that it now works with AOL 9.0+)
Make sure you have all the updates (critical) installed from:
http://windowsupdate.microsoft.com/
(Scan for updates, Review and Install)
Get rid of the spy/ad/mal-ware..
(Yes - using MORE than one of these..
I recommend at least the first three. Also..
UPDATE the definitions for them before using.)
Spybot Search and Destroy
http://www.safer-networking.net/
Lavasoft AdAware
http://www.lavasoft.de
CWSShredder
http://www.spywareinfo.com/~merijn/downloads.html
Hijack This!
http://mjc1.com/mirror/hjt/
I also like "The Cleaner" and "SpywareBlaster" and "SpywareGuard".
- http://www.moosoft.com/
- http://www.javacoolsoftware.com/
The first is a PAY product, but useable for 30 days - it has found and
eliminated problems in the past the others did not. The latter two are
prevention mechanisms. I like SpywareGuard for those with enough processor
to have something running like antivirus software - and it prevents browser
hijacking quite well. SpywareBlaster is a FANTASTIC free product, I suggest
getting this after you cleanup and keeping it updated as well....
And Assortment of Others:
http://spywareinfo.com/
ALSO - Be sure to IMMUNIZE after you clean up. SpywareBlaster and Spybot
Search and destroy both have these features - use both!
After you cleanup your PC somewhat of spy/ad/mal-ware, verify your antivirus
software is updated and run a full scan of your computer. If you have no
antivirus software - get one NOW! Grisoft AntiVirus:
http://www.grisoft.com/us/us_dwnl_free.php
Empty your Temporary Internet Files and shrink the size it stores to about
80 to 120MB (seems to be an optimal size for the normal user)
- Open ONE copy of Internet Explorer.
- Select TOOLS -> Internet Options.
- Under the General tab in the "Temporary Internet Files" section,
do the following:
- Click on "Delete Cookies" (click OK)
- Click on "Settings" and change the
"Amount of disk space to use:" to something between 80MB
and 120MB. (Betting it is MUCH larger right now.)
- Click OK.
- Click on "Delete Files" and select to
"Delete all offline contents" (the checkbox) and click
OK. (If you had a LOT, this could take 2-10 minutes or
more.)
- Once it is done, click OK, close Internet Explorer
- Re-open Internet Explorer.
Uninstall any software you do not use often/ever. (If you have something
installed but never use it, uninstall it.) If you go through Control
Panel -> Add/Remove Programs and see things you seldom if ever use, it is to
your advantage to remove it.
Also, if you are tired of Web Page Pop-Ups/Unders.. You could try the
Google Toolbar.
http://toolbar.google.com/
Stop loading applications at logon.. run MSCONFIG and look under the startup
tab for things you DON'T want to startup! Search the Internet with Google
to discover what things are safe to remove and what things may even be
malware infecting your computer.
Better control your email and lessen the amount of time you spend dealing
with SPAM:
SpamBayes
http://sourceforge.net/projects/spambayes/
or
Spamihilator.
http://www.spamihilator.com
-- <- Shenan -> --
- Next message: Shenan Stanley: "Re: system shutsdown when internet is activated"
- Previous message: hunter: "blank folder covers screen"
- In reply to: SeaWolf: "CoolWebSearch Virus"
- Next in thread: SeaWolf: "Re: CoolWebSearch Virus"
- Reply: SeaWolf: "Re: CoolWebSearch Virus"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
