Ultimate RC - Forum Archives

I am addicted to anti spyware software, I use adaware once every 15 minutes and spybot the same. However I'm having the first real problem I've ever had with it. One called Coolwebsearch, CWS.fullsearch does not go away.

First of all, why? I want to know why someone would do something like this. Why do people make crappy search sites with adware on them, why when they load up they say its a violation of you privacy but that message comes up because of their spyware. What person creates websites called, awesearch, and cool search, or maybe funkysearch, what is their problem. EVery day this country gets more horrible every day with people stealing money and nobody does anything about it, people messing up computers just because, and people wasting my time running adware programs just because people want to advertise things that I don't want or support.


If its any use, and I have no idea how people fix adware though this information, heres the log file. Just the registry files, everything else is fine.



Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : CWS.FullSearch
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0d721150-aef3-457b-b03a-5097b623ce45}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : CWS.FullSearch
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : CWS.FullSearch
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{444a5674-ff85-45d4-9ae2-4199d8d70c85}

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj.1

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : plugin6.dnserrobj

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 6


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : S-1-5-21-2805955149-1587062477-2389627015-1009\Software\Microsoft\Internet Explorer\MainStart Page.windowws.cc

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://www.windowws.cc/hp.htm?id=632"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-2805955149-1587062477-2389627015-1009\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://www.windowws.cc/hp.htm?id=632"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 7



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17

Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17

Disk Scan Result for C:\DOCUME~1\Carl\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17

MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : S-1-5-21-2805955149-1587062477-2389627015-1009\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\Carl\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 30

1:12:58 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:04.531
Objects scanned:59635
Objects identified:18
Objects ignored:1
New critical objects:17

I also can't veiw ebay items specifically or look at my email account, when I try the spyware crap loads up.

That one is particulry nasty, a big pain in a** to get rid of, got tiired of tracking down the hiding places of its 30 or so versions, and reformated my machine

just trash your comp and reformat it, best thing to do, or get a spyware killer which cost money, reformating just takes time..

Try CW Shredder, or maybe one of the many other programs that are on this site: http://www.spychecker.com/

What exactly does it mean to reformat the computer. Does it mean like you erase it all and then load it back up disc by disc.? Could I take it into Gateway and have them reformat it?

prolly or take it to best buy, but i think its a waste to do that, specially when i see those rich guys with their 3.2 ghz processors going into bestbuy for a "cleaning", dude just do it yourself ull learn a thing or too and if all else fails, then take it in.

A common source of adware and spyware is the holes in IE's security which are intentionally left open to allow easy updates of Windows over the internet, via Windows Update.
If Microsoft can install software on your computer via the web, there's nothing that prevents other people from doing so as well.

A good alernative to IE is Mozilla Firefox, which does not support Windows Update (I suggest that you use IE for that, and that alone).
http://www.ultimaterc.com/forums/showthread.php?s=&threadid=38597