CoolWebSearch survives removal attempts

Topic

New Reply

I’ve heard it said, possibly on one of the GRC forums, that NoAdware is, itself, spyware.

Reply | Quote

Replies

This is bad: I said “NoAdware” when I meant “AdAware!
Liberty Raynes, many thanks for your response, which woke me up to what I had done.
I’ll try to edit my original post to fix this.
yerubal

Reply | Quote

Moved from this thread which was already very, very long -Jefferson

Re CoolWebShredder and AdAware, that Ken kindly gave as ideas for removing the clever and stubborn
“coolwebsearch”, tried both of them (as well as counterspy) without getting rid of coolwebsearch entirely.
An IE “search” favorite and a desktop shortcut still reappear, leading to a CWS website.
AdAware actually has special instructions for CWS extirpation. During the AdAware recipe, I encountered
two items in one of the “temp” directories that could not be deleted, though, and I wondered about them.
This means the step of deleting all contents of one of these directories could not be done definitively.
Looking at their properties, the items seemed to have been created around bootup or shortly after,
and no indication of what they were created by. Haven’t sent the log to the NoAdware people yet, though.
If anyone has any other ideas, please advise.
Thanks,
yerubal NOTE: THIS POSTING HAS BEEN EDITED, AS ORIGINALLY I WROTE “NOADWARE”
CONSISTENTLY, WHEN I MEANT ADAWARE. APOLOGIES! –yerubal
Note re the two items in a Temp folder that couldn’t be deleted:
[why doesn’t the MS OS (XP) tell more than “being used by some program” or the like. WHICH program??
Before Win Explorer (deletion was attempted in an Explorer window), what was the last program to deposit
or touch them??
Attributes were OK. I did not try any heavy duty methods for deleting them. Something like booting in DOS
wouldn’t solve this, as equivalents would be created at next win bootup. I did use MSConfig diagnostic boot
in the first place, before applying the AdAware recipe.]

Reply | Quote

Try downloading Dr. Delete and using it on those “problem files” in the Temp directory. That will remove them. If they regenerate on the reboot (required for Dr. Delete to remove the files) then we’ll have to try a different route.

Try this and post back.

Reply | Quote

Take a close look at the listing in SysInternals’ AutoRuns and see whether you have any questionable programs or services starting up that might be creating the temp files. The information might be similar to the HijackThis logs you see posted here from time to time (but I’ve never used that program).

Reply | Quote