Thread: Possible virus or hacker
View Single Post
  #2  
Old June 21st 04, 06:04 AM
glee
external usenet poster
  
Posts: n/a
Default Possible virus or hacker
It is a CoolWebSearch parasite variant:
http://www.spywareinfo.com/~merijn/c...tml#aboutblank

http://www.wilderssecurity.com/showp...40&postcount=4

You will need to follow these directions and wait for expert help in one of the
forums below, in order to correctly remove this.

Download, unzip, and run Hijack This from one of these locations:
http://computercops.biz/downloads-cat-14.html
http://www.majorgeeks.com/downloads31.html
http://www.spywareinfo.com/downloads...HijackThis.exe
Unzip to a folder other than your Desktop or the Temp folder, doubleclick
HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log"
button.
Press that, save the log somewhere you can find it (Desktop, My Documents, or
similar).
Most of what it lists will be harmless or even required, so do NOT fix anything yet.

Copy the log files and paste them into a new post at one of these forums:
http://forum.aumha.org/
http://forums.net-integration.net/
http://computercops.biz/forums.html
http://forums.spywareinfo.com/index.php?showforum=30
http://tomcoyote.org/forums/
http://www.lavasoftsupport.com
http://boards.cexx.org/

The folks there will tell you what to remove.

A tutorial for using Hijack This is located he
http://tomcoyote.com/hjt/
and an in-depth tutorial is he
http://aumha.org/a/hjttutor.htm

You will probably also need to download CWShredder, the CoolWeb removal tool,
available he
http://computercops.biz/downloads-cat-14.html
http://www.majorgeeks.com/downloads31.html
http://www.spywareinfo.com/downloads...CWShredder.exe
http://aumha.org/downloads/cwshredder.zip

Do not run it until instructed by an expert in one of the forums above.
--
Glen Ventura, MS MVP W95/98 Systems
http://dts-l.org/goodpost.htm


"T H" wrote in message
...
IE repeatedly sets it's homepage at something
called "about:blank" and pops up with an ad for spyware
detecters. Also, certain system files are missing or
corrupt. I've run virus scanners, spyware detecters,
scandisk, sfc and dr Watson. Neither detected anything,
however dr watson gave me this message:

--------------------
unknown has altered Windows system files.

Module Name: unknown


I also tried online v-scans from mcafee. I'm out of
options at this point. Is there anything else I can try?