Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


CoolWWWSearch infection

  • Please log in to reply
2 replies to this topic

#1 kevguth


  • Members
  • 4 posts
  • Local time:01:04 AM

Posted 18 September 2005 - 11:39 AM

You guys probably cringe when you see this topic title. The reason I am posting is because I came across the following on this website and decided to do it:

Home Search Assistant / CWS_NS3 Removal / BackDoor-BDD Guide. (It was written in Oct 2004).

The entire process took a very long time. I really appreciate that somebody went throught the trouble of writing all of this down, but there are just a couple of kinks in it. Furthermore, when I was done and re-ran ad-aware personal SE and spybot at the very end (updated versions of both), both programs picked up multiple threats, and in particular spybot picked up multiple instances of CoolWWWSearch. I said "great"...

Here are the threats that still come up:
Trek Blue Error Nuker
Windows Security Center.AntiVirusOverride
Windows Security Center.FirewallDisableNotify

So here were the problems with the guide:
1. It doesn't mention that when you reboot your computer in safe mode, that you need networking ability to download a couple of additional files later in the process. During the process, I was forced to reboot my computer in safe mode with the networking ability in order to download said file(s).
Could this explain why I am still infected?

2. Not really a problem with the guide, but when I ran AboutBuster5:
- I was unable to update it (it wouldnt let me)
- It froze on both attempts on the same file which was "C:\WINDOWS\_default.pif:acvlm", and I could not continue the program.
Could this explain why I am still infected?

Thanks for the help.


BC AdBot (Login to Remove)


#2 tg1911


    Lord Spam Magnet

  • Members
  • 19,274 posts
  • Gender:Male
  • Location:SW Louisiana
  • Local time:12:04 AM

Posted 18 September 2005 - 11:56 AM

If you're infected with CoolWWWSearch, I suggest you post a HijackThis log for examination.
A member of the HijackThis Team will show you, step by step, how to disinfect your computer.

Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 kevguth

  • Topic Starter

  • Members
  • 4 posts
  • Local time:01:04 AM

Posted 18 September 2005 - 12:18 PM

I appreciate the info, and I will post a HijackThis log.

On an unrelated issue, now I am unable to use my CD-rom drive....not sure if this is the appropriate forum for this question, but perhaps there is an easy fix:

syzygy.exe - Unable to Locate Component
This application has failed to start because wnaspi32.dll was not found. Re-installing the application may fix this problem.

If I download the wnaspi32.dll file, where would I extract it to? Thanks.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users