Posted on 08/06/2005 3:55:42 PM PDT by anymouse
A company that develops antispyware software believes it has found a massive identity theft ring that appears to be using the evil and persistent CoolWebSearch spyware program.
Anyone who's been unfortunate enough to be infected with CoolWebSearch knows what a bear it is to remove. If Sunbelt Software is correct, while it clings to your hard drive it's sending private information to evildoers:
In some recent research into a spyware exploit, our research team has discovered a massive identity theft ring.
We also found the keylogger transcript files that are being uploaded to the servers.
This is real spyware stuff -- chat sessions, user names, passwords, bank information, etc. We have confirmed that this data is valid. Highly personal information, including even one fellow who has a penchant for pedophilia -- all logged in detail and returned to a webserver.
Sunbelt's Alex Eckelberry said the company has contacted the FBI to let them know that "we're sitting upon literally thousands of pages of stolen identities that are being used right now." The FBI responded and is on the case, he says.
He plans on making some of the transcripts public:
I will be providing more later as well as some (redacted) samples of what the files look like.
This was discovered by Patrick Jordan, a senior staff researcher here. Patrick is a veteran of spyware, and even he admits to never having seen something like this before. It's pretty staggering.
Spyware is a genuinely dangerous threat. If you know you've got it and you've delayed taking action because it will take time or seem intimidating, wait no longer. Use my guide for removing spyware to get started.
The best tool for whacking it, in my opinion, is Microsoft AntiSpyware.
There's a good tool just for removing CoolWebSearch called CWShredder, but there are so many variants that it's not 100 percent effective.
CWS blocked all of my secure sites. A Microsoft tech at the 800 number told me what it was and how to get rid of it. It took about a half an hour with him, and then another two hours to do a complete scan with Spybot, Norton, and clean disc security before it was clean. We also notified the bank and Visa. All in all, a real pain in the a**.
Welcome to the CoolWebSearch Chronicles
I have not yet come across ANY data provided in re WHO launched/devised CWS. The CWS primarily directs "browners" to porn, and child porn.
bump
Can you jot down a paragraph on the ins and outs of limited accounts, the whys and wherefores? Thanks.
You'd go to the administrator account and create a new user. This user would have the most restrictive permissions possible, and when you boot XP, you'd log in as that user. Surf using that one.
But it shouldn't be a problem if you always decline attempts to install. Never use their buttons.... close the window using the little red x at the upper right corner.... they can lie when labeling the button, and 'cancel' might be programmed to install something. Can't happen if you use the red x.
Limited User Accounts @ http://www.pcmag.com/article2/0,1759,1683498,00.asp
Still, everything has limitations & there is no substitute for having a well-secured fence around your property. Make good use of virus protection (i.e. F-Secure), firewall protection (i.e. Zone Labs), & spyware cleaning protection (i.e. SpyBot). Life & living is a risk!! BTW, you might look at this: http://www.ccleaner.com/
Thanks guys!