• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
zachism

Just a few questions

5 posts in this topic

Well, I finally got cws hijack crap off my computer last night and I figured I would ask a few questions.

 

-Which CWS variant is the one that redirects your page to res://<random>.dll/<random>.html#<random> , has the randomly named files, and installs on reboot?

 

-Is CWS stuff one of the bigger problems now in the way of malware and such? I noticed the majority of post were from people who have it.

 

-Any idea as to how it originated?

 

-this may sound weird, but what are these programs(cws stuff) written in?

 

-Is microsoft behind it all? mwhaha?

Share this post


Link to post
Share on other sites

heey

 

The only thing I know about the varaint of Coolwebsearch is how to delete him and replace the origanal files.

 

visit this site here is discripte it to delete and replace the origale files.

 

CWS varianten

 

 

mzzl

Share this post


Link to post
Share on other sites

zachism,

Maybe these websites won't answer all your questions, but they give you good info

about CoolWebSearch and all it's variants (39 in total), especially the first one.

The second one gives you instructions to remove it manually.

http://www.spywareinfo.com/~merijn/cwschro...html#datanotary

http://www.kephyr.com/spywarescanner/libra...source=appvisit

 

The trouble with CWS is that this malware is hard to remove COMPLETELY by a program and has to be removed MANUALLY.

That's why so many people are posting here. Not everybody is a professional or clever enough to remove CWS manually and these people need also help.

 

I don't know in which language CWS is written. What I do know is that the CWS-author never grew up, like most malware-authors.

 

Why do you suspect Microsoft ? There is no reason to.

Of course MS made it easy for malware-authors to abuse the security holes in their softwares, but MS is aware of this.

I'm confident that MS will come up sooner or later with a secure Windows, Internet Explorer, etc.

To accomplish that you need money and I don't think that Microsoft is a poor company. It's just a matter of time ;)

Edited by ErikAlbert

Share this post


Link to post
Share on other sites

the ms thing was just a joke :p, as much crap as they get from everybody, they are just providing a service, that we choose to buy.

 

Anyways, I've looked on those sites. I have already removed it... with help of course. I def. learned a lot but these were questions I had left over. the merijn(sp?) site was originally very helpful. But even he says that he was having trouble keeping up with the different variants and that his updates would eventually cease.

 

That's why I was asking if this variant had a name or something?

my question remains. any ideas on the origin? and whats it is written in and the size?

 

thanks for the answers tho!!!

Share this post


Link to post
Share on other sites

zachism

Well it isn't the first time that I don't understand a joke or a pun or a funny remark in English. I'm already glad I can understand and translate the sentence in Dutch :D

 

No, I can't answer your other questions, maybe Merijn can, but he seems to be very busy and I don't think he will answer your email. You can always try of course.

 

I'm not surprised that Merlijn's program CWShredder.exe couldn't always remove CWS. I have read and studied all the manual instructions of the Kephyr website and most of these instructions are interrupted by several shutdowns and restarts in normal and/or safe mode.

So it's very hard to combine all this in one single program and this CWS-author doesn't seem to stop to create new variants and gets better and better like most programmers.

 

In fact my homepage was never hijacked. I guess I was very lucky or too carefull, I really don't know. Sooner or later it will happen, I'm quite sure about that.

 

Personally, I'm not really interested in malware because it is such a waste of time and so negative. I'm temporarily interested, because I'm FORCED to protect my pc, like I have to lock my door when I leave home.

 

Consider this :

Somebody is infected with CWS and loses alot of time to remove it.

Once the CWS is gone, his pc is working properly again.

So what is the final result after the removal : ABSOLUTELY NOTHING, all that time he couldn't do anything positive or constructive, nothing but a waste of time.

That's what bothering me and I appreciate all the good work of the people in this forum, but I'm not the right person for this.

ErikAlbert

Edited by ErikAlbert

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0