idgsearch.com - CWS.Googlems - New variant ??

Discussion in 'SpywareBlaster & Other Forum' started by Azee, Nov 24, 2003.

Thread Status:
Not open for further replies.
  1. Azee

    Azee Guest

    I downloaded SpywareBlaster and SpywareGuard a
    week ago and I have the latest updates 11/23/03, but somehow yesterday I got my broser hijacked by http://www.idgsearch.com and CWS.Googlems and strange things started to happen like going to different search pages and files associations were
    changed.

    o_OI had run SpywareBlaster and I have SpywareGuard
    enabled on the system tray.

    SpywareGuard alrted me about the attempted page
    hijacking and the action taken was always "Restore
    the Old Value" and is indicated on the program reports, but the spyware got through anyway,
    and SpywareBlaster did not pick it up.

    Is this a new variant of spyware o_O

    PS: I finally was able to identify it and remove with
    another program that recognized CWS.Googlems.

    Anyway I like your programs and I'll check back for
    your answer.

    Thanks ............Azee
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi Azee,

    Yes it is a new variant of a wellknown family of hijackers.
    As you can see here: http://www.spywareinfoforum.com/~merijn/cwschronicles.html they come up with a new pest every few days.
    I have a feeling the tool you used can be found on that page as well.

    Regards,

    Pieter
     
  3. Azee

    Azee Guest

    Hi Pieter

    Thanks for your answer.

    Yes this is the same tool that I downloaded from a
    different link.
    I found this page extremely interesting.

    Isn't what this company idgsearch.com is doing
    illegal or something ??. This people do not give anybody a chance to accept or decline installing this
    garbage nor they include a way to uninstall it, forcing
    folks to have to spend thousands of hours trying to
    repair their systems and sometimes having to start
    from scratch if it can't be removed in any other way.

    I'm a business person and I truly believe on the value
    of advertising, but who is ever gonna buy anything
    from this company after they do this garbage.

    At least with most SPAM, I do not see this kind of
    damage and I have the chance to delete it altogether

    There should be a way to report and stop this.

    Anyway, this are my two cents on the matter and
    again Thank you for your help.
     
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi Azee,

    I agree completely. Most of the variants of this family are actually targeted by Antivirus and AntiTrojan programs as well, because they went way over the limits of "normal" spyware.

    Even some of the porn-portals and casinos they link to complained about them.
    Unfortunately all (maybe fake) traces lead to Russia, so it's a bit difficult to go out and arrest them. :)

    Regards,

    Pieter
     
Thread Status:
Not open for further replies.