Avast WEBforum
Other => General Topics => Topic started by: Noak on September 26, 2004, 09:45:00 PM
-
I got this thing come up on my pc called coolwebsearch,
i know it it a well know spyware virus thingy and i managed to find something to delete it. But now my internet is really slow and i think it's cause i deleted a file called y by accident because i thought it would fix my problem as the file was created the same time i got the problem. Please help me
-
Hi, have you tried running any of the following?:
Avast!
Spybot Search and Destroy (www.safer-networking.org)
AdAware (www.lavasoftusa.com)
Also, what was the file name? Just "y"? What extension?
-
What did you find "to delete it"?
The entire filename is important if we are to try to help you.
Never heard of "Y" before. Usually a system runs slow after malware has been introduced.
Staind gave you the links for some very good anti-spyware programs. Install them and run scans with BOTH. Let the program remove any detected spyware.
Then reboot your system and see how it runs.
Good luck
-
I got this thing come up on my pc called coolwebsearch,
i know it it a well know spyware virus thingy and i managed to find something to delete it. But now my internet is really slow and i think it's cause i deleted a file called y by accident because i thought it would fix my problem as the file was created the same time i got the problem. Please help me
Hi Noak, welcome to the forums.
What did you delete it with? because this is/can be a pig to get rid of fully/properly.
There is a free tool called CWShredder that is designed to rid systems of CoolWebSearch. The y file could be a totally different and unrelated issue. This one I believe eluds adaware and spybot S&D and CWShreder is specific to this and some other persistent hijackers.
Since this is a browser hijack you should run the program hijackthis to ensure you are free of other trojans, etc.
A visit to Eddy's HiJackThis Info and Analysis page, HijackThis log file analyzer (http://members.home.nl/edeijl/acred/cleaning.htm) and follow the directions there and get back to us if you need more help....
-
Hey,
It just came to me. The "Y" was part of a trojan/worm probably Dumaru.Y or similar variant.
This type of worm attempts to spread through the file-sharing networks. It also has backdoor Trojan capabilities, which allows an attacker to gain control of a compromised computer
There is nothing wrong with using CWShredder. It is a nice little utility.
My concern is that you probably ARE infected. (or were ::))
The only thing you can do is run the full scan to see if the worm is picked up again. If not, it's gone...and not to worry.
-
Hi noak and welcome to forums... have you ever tried Bazooka Scanner ? If not, go here:
http://www.kephyr.com/spywarescanner/ (http://www.kephyr.com/spywarescanner/)
Download it, install it on your system, update it and run SCAN. You'll be surprised what can it find... some very nasty things that Spybot nor Ad-Aware couldn't even smell... I use all of them, and that's best advice I can give you right now. But, again... run Bazooka and you'll see right away if you have those ugly spyware and adware files installed on your system.
Bazooka doesn't repair or clean anything, but it gives you great advices on how to manually remove those things from your PC. Some of them requires your PC to be booted in Safe Mode, because sometimes, that's the only possible way to clean them... after that, you have to run regedit and manually remove some keys left. Removing some of those spyware and adware thingies, sometimes could be very painful process, 'cause they can keep coming back... but you have to follow those advices carefully, and soon, everything will be under your control.
Cheers !
-
Noak
Take a look HERE (http://www.siena.edu/antivirus/spyware/cws.asp) and see if this helps.
-
That's why I recommended Bazooka... CoolWebsearch is one of those ugly things it finds without any problems... read about it on splash page I gave link for in one of my previous posts...
Cheers !
-
Its ok i fixed it. Although to get my net properly working i first have to do ctrl+alt+del and shut down a file called sais.
See if i have Avast does it stop me from getting spyware?
-
sais.exe is part of the 180Solutions spy-/adware. Seems that your system is not clean. Did you already visited my page and followed ALL steps there?
-
nope
-
Then you better do that...
-
See if i have Avast does it stop me from getting spyware?
avast is an antivirus.
You need a spyware removal tool: try SpywareBlaster or Ad-aware from Lavasoft. Both are free ;)
-
Where do i find this magnificent contraptoin? :o
-
On my page, you will find everything you need ;)
And guess what? It is all FREEWARE ;D
You would have know that if you did what we suggested you 3 times already.