Ewido freezes at memory scan


Dusteater
May 2nd, 2006, 02:02 PM
I am trying to fix a friend's computer that had a lot of malware. I was able to remove most of it and was suggested to try Ewido to remove the rest. I downloaded it, installed it, and got the updates. Then I booted in Safe Mode and tried to run the complete scan. It froze during the memory scan. I tried just a memory scan and it froze at the same place. If it helps, the memory location it freezes on is [580] VM_7FFE0000
Any suggestions to get this running so I can remove the 628 infected objects it found????

OldRebel
May 2nd, 2006, 02:20 PM
Is there a scan log that you can post, or just tell us what infected objects it found? Also, for certain trojans like Vundo you have to run the special removal tools from Atribune before you run Ewido. Plus, if you are dealing with a rootkit, it is best to run F-Secure's Blacklight in regular mode and then run Ewido in safe mode.
http://www.atribune.org/
http://www.f-secure.com/blacklight/help/
I hope these suggestions help. Please post whatever information you have about what objects Ewido is detecting. Good Luck.

Dusteater
May 2nd, 2006, 03:38 PM
The objects it finds are CoolWebSearch. It finds them in the registry. I have run CWS Shredder and it doesn't detect anything. I tell Ewido to remove them but when I run Ewido again, the same ones are there, maybe because the scan doesn't complete? What kind of log do you want, HJT or a log from Ewido? Ewido never completes the scan so it doesn't create a log.

ronjor
May 2nd, 2006, 04:19 PM
Dusteater

We no longer analyze hijack logs here. I would suggest this site. http://www.bfccomputerhelp.com/index.php?act=idx

OldRebel
May 2nd, 2006, 04:50 PM
Will Ewido generate a scan log if you have to stop the scan before it is finished? I have never had that happen, but I thought it might create a log for what the scan had found up to the point it was stopped. Does anyone have experience with this situation?

Dusteater
May 8th, 2006, 12:55 AM
No, Ewido does not create a log. It freezes and does nothing. I could try a scan and leave out the memory. But if it is freezing on a memory location, isn't that a bad thing????

OldRebel
May 8th, 2006, 01:47 AM
Yes, it is a bad thing. You should try using custom scans and complete as much of the complete scan as possible, unless you have already solved the problem by now. There are instructions for that here:
http://castlecops.com/t137442-CCSP_Ewido_Install_and_Scan_Instructions.html
-{ Quote: "Note: DO NOT USE the computer while Ewido is scanning. If Explorer or the Control Panel are opened some malware types will reinfect your system or will not be cleaned properly.

Note: If Ewido "crashes" or "hangs" during the scan, try scanning again by doing this:
1. Scan one sector of the system at a time by using the "Custom Scan" feature. To do this select Scanner > Custom Scan and click on Add drive/directory/file. Browse to C:\Windows > System, add this folder to the list and click on "Start Scan". When the scan is complete, repeat the Custom Scan but this time, browse to and add the System32 folder. Then keep repeating this procedure until all your folders have been scanned. Make sure you include the Documents & Settings folder.

2. If this still does not help, then turn the ADS scanner off while making a Custom Scan. To do this select Scanner > Scan Settings and untick "Scan in NTFS Alternate Data Streams". Then repeat the steps above for performing a Custom Scan." }-

Also, if you have not done so already, you really should install the program HijackThis and have a scan log analyzed here:
http://castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html

http://wiki.castlecops.com/Malware_Removal:_Getting_Expert_Help_With_Your_HijackThis_Log