CWS Small?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by parad0x, Sep 30, 2004.

  1. parad0x

    parad0x Private E-2

    Today when i looged on to the internet pop-ups kept appearing for no reason, i searched for spyware etc using Ad-Aware and Spybot which i just updated, Spybot said user abort which i had nt done myself and it said it had detected CoolWWWSearch.small im not sure of the specific name (I lost it) but apart from the pop ups there is a search bar, a shortcut to a program called poker and Internet Explorer Home Page has been changed to a website called mysearchnow, i ran CWShredder and it did not pick up anything and now Spybot isnt finding it, when i open task manager and go to processes there is two iexplore.exe processes. I am running Windows XP. Any help will be appreciated
     
  2. DaRkKn1qHt

    DaRkKn1qHt Private First Class

  3. Kodo

    Kodo SNATCHSQUATCH

  4. parad0x

    parad0x Private E-2

    Ok thanks i have noticed a file in Program Files called SafeUpDash when i open the foler it has a file called roam mode.exe, i tried deletig it but a error message saying it is already in use appears is this anything to do with HSA?
     
  5. Kodo

    Kodo SNATCHSQUATCH

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It has nothing to do with HSA! Lines like that are typically related to a trojan of some form. There many malware screen blanker applications that have file names like this with spaces in between words. Do as Kodo said and post you HJT log as an attachment. But please make sure you have run all the steps in http://forums.majorgeeks.com/showthread.php?t=35407 that he gave you first. You never indicated that you ran any of these steps.
     
  7. parad0x

    parad0x Private E-2

    I am trying to install sunjava by the following steps

    On step 5 the link takes me to the homepage and then when i go to download on the top of the page it says i already have Java installed but I have gone through all of the steps
     
  8. Kodo

    Kodo SNATCHSQUATCH

    those steps remove MICROSOFTS JVM ..not SUN's.
     
  9. parad0x

    parad0x Private E-2

    So did Firefox change it then to sun?
     
  10. Kodo

    Kodo SNATCHSQUATCH

    shoudl use SUN's by default . make sure the java check box is checked under the web options.
     
  11. parad0x

    parad0x Private E-2

    Ok thanks i was trying to download from firefox not internet explorer
     
  12. Kodo

    Kodo SNATCHSQUATCH

    if you download the package from sun it detects what browsers you have and installs accordingly.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds