Overview
Summary: Hijacker that runs a Java applet. Requires older or unpatched version of Microsoft Internet Explorer. Some variants (eg., CWS.Vrape) will redirect to adult sites or invoke dialers.
Alias: Blackbox Trojan, Cool Web Search, Exploit-ByteVerify, Java/Shinwow.F.Blackbox.Trojan, JS.Exception.Exploit, PopMonster, Trojan.Bootconf, Trojan.Qhosts.A, Trojan.Qhosts.B, Verify
Category: Hijacker: Any software that resets your browser's settings to point to other sites. Hijacks may reroute your info and address requests through an unseen site, capturing that info. In such hijacks, your browser may behave normally, but be slower. Homepage Hijackers will change your home page to some other site. Error Hijackers will display a new error page when a requested URL is not found.
Variants: CWS.AddClass
CWS.AFF.IEDLL
CWS.AFF.MadFinder
CWS.AFF.WinShow
CWS.AlFaSearch
CWS.Bootconf
CWS.Ctfmon32
CWS.DataNotary
CWS.DNSRelay
CWS.DReplace
CWS.Dwinf
CWS.GoogleMS
CWS.IEFeats
CWS.LoadBAT
CWS.MSConfd
CWS.MSInfo
CWS.MSOffice
CWS.Msspi
CWS.MSwsc10
CWS.MUpdate
CWS.OEMSysPNP
CWS.OSLogo
CWS.QTTasks
CWS.Svchost32
CWS.Svcinit
CWS.TapiCFG
CWS.TheRealSearch
CWS.Vrape
CWS.XPlugin
i did have this nasty bugger in my other comp "CWS.GoogleMS"
avast did not find it,i did use CWShredder and it did cut that trojan to million pieces :P
would be great if Avast would detect those browser hijackers(dont know does it detect some of those but CWS.GoogleMS did fool Avast-
check this site up
http://www.pestpatrol.com/pestinfo/c/cws.aspthere is plenty of info about those nasty buggers