I need something to get rid of this spyware that seems to have integrated itself into IE. It's changed the homepage, made my PC want to connect at startup and every now and them pops up random IE windows telling me "Warning! Your ISP is watching you. Buy our cleanup software now!". It won't let me change the homepage (it changes it straight back) and it's right pissing me off. Neither Adaware or Spybot could find or get rid of it.

 

I think it's the CoolWebSearch spyware, and it's a nightmare. Help!

I had something similar, and had similar removal problems; I ended up guddling about in the registry and file system to remove a couple of keys & dlls. RegMon and FileMon from sysinternals are your friends if you get to that stage, but only if you know what you're doing. I found good advice on the interweb somewhere as well.

You need CWS Shredder.

 

See attachment.

 

Its worth using the update function too, mine is a few weeks old :0)

Cheers, I'll give it a go. I'm on the spywareinfo site at the moment, following all of their steps to remove this shit. It's annoying as sometimes I'll click to post a message on here and the spyware will decide to randomly reroute it to one of its pages instead. Even though I've got them on the restricted sites list, it still tries.

Nice one Mike. A couple of passes with that thing and it seems to have got rid of it.

I see Quig has something that's dealt with it, but the attached will look at every change that's ever been made to IE, by you and by crapware - then you get to fix it.

Cheers. I got that off of the web site mentioned earlier, just in case I had to save the log file to put on their forum. It had a few entries that it fixed, but then they came straight back again. That proggie Mike put up here fixed it all though (at least I hope it did).

 

Does the built-in XP firewall protect you from spyway/adware attacks like this, or not?

That's a damn good proggie too, I think the same guy made both actually.

Now that you've got rid, you can set Spybot so it won't permit owt to do it again. Works for me.

But Spybot never found it, so Spybot can't immunise against it. I've got something called Spy Guard and another called Spyware Blaster to hopefully stop any further problems.

You have to watch out for some of these rogue spyware removal applications, that claim to remove but actually install spyware!

I will do, thanks. Although, I think all of the ones on spywareinfo.com would be safe.

And some of them do a bad job of it. A good example being Ad-aware trying to remove the sponsor that is optionally installed with Messenger Plus! 2.

 

Ad-aware doesn't actually get rid of it all, and so some shit is still left over and popups still occur. However, it removes enough to fuck-over the uninstall program, so even if you uninstall Messenger Plus! 2 (which genuinely removes the sponsor when you uninstall) the nasty stuff will still be there.

Yeah, Ad-Aware screwed up the removal of new.net scum, forcing a OS reinstall.
I find Spybot to be a lot safer in removal, but I find that I need to run run both so that nothing is missed.

 

 

That's weird, I swear by Spybot. I've got everyone at work using it now, too. Can't believe it missed something so obvious.

 

You got the *real* Spybot, right? The one with the thumbprint icon? There's a faker commercial-y venture out there that manages to make itself come up first on Google when you search "spybot"

 

 

 

Edit: If I was ALLOWED to go to work, which I'm not...

The icon on my version is two windows with a spyglass, the thumbprint is used on the internal logo though. Its the genuine one though as its from a coverdisk ;)

Anyway it lists coolwwwsearch but not coolwebsearch. Perhaps they are the same...

It found coolwebsearch and coolwwwsearch. It just didn't get rid of them properly. And yes, it is the version with the thumbprint, but like Mike's it's on the program rather than the icon itself.

AARRGGHH!!!!!

 

on leaving the house last night I said to the babysitter 'fell free to use the internet'

 

today I have had to run adaware, spybot, hijack, system mechanic & delete 3 folders manually - it's taken over 30 mins to remove all the crap (including a 'helpfull' toolbar).

 

babysitter will NOT be invited to 'use the internet' next time.

Welcome to my world.

PC Licence.

 

I say no more.

 

(And no, the European Computer Driving Licence is NOT what I'm talking about)