RE: How I got rid of CoolWeb virus thingy that is going around
From: zippy (zippy_at_discussions.microsoft.com)
Date: 06/25/04
- Next message: lvee: "RE: internet connection"
- Previous message: martin: "Re: new trojan driving me nuts!!!"
- In reply to: lvee: "RE: How I got rid of CoolWeb virus thingy that is going around"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 25 Jun 2004 08:50:21 -0700
Yes, that gets rid of two of the variants, but the variants that are going around now are very resistant, these suggestions only work till you get back on the net. But good reading though
"lvee" wrote:
> read this fro additional info.
> http://www.doxdesk.com/parasite/CoolWebSearch.html
>
> "zippy" wrote:
>
> > I have found that this is a very irritating thing to get rid of, you can use adaware 6.0 and as soon as you get back on the net it comes right back. I've seen alot of discussion about it here and thought I would add some pointers. This has worked for me, but what works for one may not work for another. Proceed with caution.
> >
> > First, download a program called CoolWebShredder, but don't run yet.
> > 2nd, download a program (you can do a search on the net, I don't know the exact address) called win98.fix (win 98 only). Don't run yet.
> > 3rd, download Adaware at lavasoft.com don't run yet.
> > 4th, Download HijackThis, not sure of exact address. Don't run yet.
> >
> > Disconnect from Web
> >
> > First step, run Adaware, making sure it is set up for scan within archives, scan active processes, scan registry, scan IE favorites for banned URL and scan Host files. Then go into Settings (the little gear on top) and make sure (it usually is) that unload regonized processes during scanning is checked. Then on cleaning engine, make sure "let windows remove filesin use at next reboot. Click proceed to save settings then scan and remove any thing that comes up.
> >
> > Next, Open the Win98.fix Double click on runfix.reg file and click yes and reboot. Next click Start/find/files and folders. do a search for resapfj.dll or resafpj.dll, it should be in the system folder. Delete. This is the file that causes this virmi to keep coming back.
> >
> > Next, Run coolwebshredder. Then run Adaware again. Then run HijackThis. I strongly urge with the Hijack this that you show the log file to someone who knows about spyware because if you delete the wrong thing, your computer will be messed up severly.
> >
> > I have had great success doing it this way.
- Next message: lvee: "RE: internet connection"
- Previous message: martin: "Re: new trojan driving me nuts!!!"
- In reply to: lvee: "RE: How I got rid of CoolWeb virus thingy that is going around"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
