http://gamingtrend.com
August 21, 2014, 08:04:18 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Calendar Login Register  
Pages: [1]   Go Down
  Print  
Author Topic: Anyone ever gotten rid of the coolwebsearch trojan?  (Read 458 times)
0 Members and 1 Guest are viewing this topic.
Mr. Fed
Gaming Trend Senior Member

Offline Offline

Posts: 985


View Profile WWW
« on: June 13, 2011, 03:55:21 AM »

Looks like I picked it up on my laptop.  Tried Spybot S&D, Malwarebytes, CWshredder.  No joy.  Anyone have any luck?
Logged

Popehat, a blog.  Now 35% less ugly!
Caine
Gaming Trend Senior Member

Offline Offline

Posts: 9953


My cocaine


View Profile
« Reply #1 on: June 13, 2011, 06:02:22 AM »

nothing specific to that pile of S, but if the main anti-malware systems haven't wiped it, you may want to consider a nuke & rebuild.  it's been a long while since that junk was on any machine i had and iirc, it was gone after i dug around in the registry and wiped out some entries.  it seems they may have hardened the installation against removal. 

how much did those utilities help?  what traces are still present afterwards?  how much control do you have now and does it prevent you from running the registry editor or other programs?

your best bet may be to boot the computer into safe mode with networking and copy all of you docs to another computer.  or if you want to be extra careful, pull the hard drive, attach it to a usb>sata/IDE device and read the files that way (after scanning on the clean one of course)

Logged

"It's like chess with big guns against aliens. Which isn't like chess at all when I think about it." - Jake Solomon
morlac
Gaming Trend Senior Member

Offline Offline

Posts: 2778



View Profile
« Reply #2 on: June 14, 2011, 12:50:28 AM »

TDSkiller worked on one I had.  though it depends on what flavor of the virus you have.  i was about a 20 mins from nuking and reinstalling but glad I did not.
« Last Edit: June 14, 2011, 12:52:47 AM by morlac » Logged

morlac00 on PSN
Tokek
Gaming Trend Senior Member

Offline Offline

Posts: 767



View Profile
« Reply #3 on: June 14, 2011, 02:48:45 AM »

Check out http://www.bleepingcomputer.com/. I helped removed them while I was actively volunteering there but I haven't done it since I've moved back to Indonesia so I'm out of practice and out of the loop on what's new.
Logged
papasmurff
Gaming Trend Senior Member

Offline Offline

Posts: 1399


View Profile
« Reply #4 on: June 18, 2011, 01:05:36 PM »

I know this may sound odd... but when removing any type of spyware it is best done in safe mode.  I have run malware bytes on a computer without being in safe mode and it doesn't do anything... when i switch over... it picks up all the pieces and clears them out...  just a suggestion before the nuke and rebuild process...
Logged

Gaming Tag: papa smurff 4
Punisher
Gaming Trend Senior Member

Offline Offline

Posts: 1729



View Profile
« Reply #5 on: June 18, 2011, 06:46:38 PM »

Quote from: papasmurff on June 18, 2011, 01:05:36 PM

I know this may sound odd... but when removing any type of spyware it is best done in safe mode.  I have run malware bytes on a computer without being in safe mode and it doesn't do anything... when i switch over... it picks up all the pieces and clears them out...  just a suggestion before the nuke and rebuild process...
This plus....

goto all the temp folders for each user and in the windows folders and delete them. Also open msconfig and see if it's in there and look at the path and nuke that as welll (usually in userdata or something and may be a weird fold like jeille or some other random letters.
Doing the above from a winpe or or other boot disc may work better.
Logged
Pages: [1]   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines
Valid XHTML 1.0! Valid CSS!
Page created in 0.078 seconds with 34 queries. (Pretty URLs adds 0.014s, 2q)