ZeroPaid.com

GATORIAN · **CoolWebSearch is winning Trojan war -** June 29th, 2004, 10:38 AM

CoolWebSearch is winning Trojan war

By Jan Libbenga
Published Tuesday 29th June 2004 09:05 GMT

Merijn Bellekom has abandoned developing software that removes one of the nastiest browser hijackers on the planet: CoolWebSearch, a trojan that converts your PC into a source of revenue for fly-by-night porn sites not capable of generating legitimate Web traffic.

The trojan installs dozens of bookmarks to foul porn sites on your desktop; it also adds a toolbar to Internet Explorer and changes your home page without asking. And it significantly slows down the performance of your PC, and introduces some modifications which cause Windows to freeze, crash or randomly reboot.

It takes a brave Dutch student, Merijn Bellekom, to remove the hijacker effectively; but CWS seems to be winning, leaving users at risk.

Bellekom has just released the latest version of his CWShredder (1.59), the only antidote to the trojan, but warns that his app won't be updated again: "I have a few bugs to fix, but after that there's not much left to do. I simply do not have the tools to remove the latest variants. They are too aggressive or too complicated to allow for automated removal."

READ FULL ARTICLE

dubstylee · June 29th, 2004, 10:51 AM

that sucks, I just recommended his tool to someone who had the trojan... sad to see the good guys losing.

.:sp00ky:. · June 29th, 2004, 11:04 AM

i use this tool all the time its a shame hes giving up on it :melllow it picked up spyware that both spybot and ad-aware missed

mcovey · June 29th, 2004, 11:16 AM

the good guys arent losing.

using internet explorer is plain stupid these days, even CERN said not to use it and gates says set all security to high and disable javascript, active scripting and activex.

windows just isnt a good computing environment anymore, it's limiting and downright dangerous if you have any unencrypted important data.

DainBramaged · June 29th, 2004, 11:35 AM

Windows is fine. It's "Joe Consumer" who isn't interested in getting educated about security that is part of the problem.

phalkon30 · June 29th, 2004, 11:53 AM

This really sucks, my dad has CWS, I've been trying for weeks to remove it with CWS shredder, Ad-Aware, and Spybot combined. I even use tea timer to stop this from setting settings, but it still manages to get by even when I set to block all changes. I really don't want to reinstall his stuff, but he can barely use his computer.

The Hunter · June 29th, 2004, 02:15 PM

How true Phalk, and I guess its time for me to finally dump IE for Firefox, unless you could reccommend a better option.

Unsueable Davey Brown · 03:07 PM

I wonder if that's the whole story...

Merijn seems to have given up shortly after the barrage of Ddos attacks that were hitting spyware cleaning sites - his included.

I don't blame him, especially when you read some of the snarly, snarky comments those volunteer spyware cleaners get from the people who's system they're trying to help clean. Most of the people they help don't even bother to say thank you. You have to wonder why they even bother trying to help people.

Oh well... Another soldier down. There's still the Spywareinfo.com message boards along with Tom Coyote's and Net-integration. They'll patiently plug through people's Hijackthis logs and try to clean the new variants of CWS and other scumware, as best they can.

BTW didn't Merijn also create the amazing HijackThis program.

napho · June 29th, 2004, 03:04 PM

These guys are also taking advantage of a weakness in chm help files. Since I almost never use them I've changed the default to notepad. If I want to use a chm it's easy enough to right click and open with the proper thing.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

dubstylee Offline chick repellant Posts: 599 Join Date: Apr 2002 Location: SD CA Age: 29 Reputation Power: 154	June 29th, 2004, 10:51 AM that sucks, I just recommended his tool to someone who had the trojan... sad to see the good guys losing. "Those who make peaceful revolution impossible will make violent revolution inevitable." - John F. Kennedy knofun \| Cheap Used Cars

.:sp00ky:. Offline Poptart Tramp Posts: 2,394 Join Date: Apr 2004 Location: In your pants. Age: 4 Reputation Power: 196	June 29th, 2004, 11:04 AM i use this tool all the time its a shame hes giving up on it :melllow it picked up spyware that both spybot and ad-aware missed

mcovey Offline Zeropaid Regular Posts: 1,646 Join Date: Feb 2004 Reputation Power: 159	June 29th, 2004, 11:16 AM the good guys arent losing. using internet explorer is plain stupid these days, even CERN said not to use it and gates says set all security to high and disable javascript, active scripting and activex. windows just isnt a good computing environment anymore, it's limiting and downright dangerous if you have any unencrypted important data.

DainBramaged Offline I have a twitch Posts: 646 Join Date: Jan 2003 Reputation Power: 116	June 29th, 2004, 11:35 AM Windows is fine. It's "Joe Consumer" who isn't interested in getting educated about security that is part of the problem.

The Hunter Offline Janitor Posts: 11,735 Join Date: Apr 2002 Location: Copperhead Road Age: 56 Reputation Power: 752	June 29th, 2004, 02:15 PM How true Phalk, and I guess its time for me to finally dump IE for Firefox, unless you could reccommend a better option. Grow old along with me, the best is yet to be.

napho Offline Antisocial Bastard Posts: 1,083 Join Date: Dec 2002 Location: The Great White North Reputation Power: 259	June 29th, 2004, 03:04 PM These guys are also taking advantage of a weakness in chm help files. Since I almost never use them I've changed the default to notepad. If I want to use a chm it's easy enough to right click and open with the proper thing.