!!Infected with cool.exe Help!!

!!Infected with cool.exe Help!!
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
!!Infected with cool.exe Help!! mismis29 08-09-2006
Posted by =?Utf-8?B?bWlzbWlzMjk=?= on August 9, 2006, 10:03 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I apologize if this is was double-posted.

I seem to have picked up a nasty called cool.exe. No matter how many times I
kill it in task manager and remove it from the system32 folder, it always
comes back. I have Avira antivirus, which I find is quite crappy, and it
doesnt pick it up. Ive run spybot, highjackthis to no avail. Whats worse is
that everytime I try to run Adaware, my whole computer shuts down. I have
Ewido, but its only a trial version and it doesnt seem to help anyway. I had
Norton antivirus but I hated it, it ate up too much resources and it caused
problems.

I REALLY need help getting rid of this cool.exe and I have no idea how.
Anyone who can help me get rid of this thing I would be eternally indebted to.

Posted by siljaline on August 10, 2006, 1:15 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Run a fresh HijackThis log and post it one of the below Forums for
expert analysis;

*Note, registration is required prior to posting a log.
- Not listed in any particular order -
(http://aumha.net/viewforum.php?f=30)
(http://www.spywarewarrior.com/viewforum.php?f=5)
(http://www.bleepingcomputer.com/forums/forum22.html)
(http://www.dslreports.com/forum/cleanup)
(http://www.cybertechhelp.com/forums/forumdisplay.php?f=25)
(http://www.atribune.org/forums/index.php?showforum=9)
(http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html)
(http://forums.spywareinfo.com/index.php?showforum=18)
(http://forum.networktechs.com/forumdisplay.php?f=130)
(http://forums.maddoktor2.com/index.php?showforum=17)
(http://forums.techguy.org/f54-s.html)
(http://forums.tomcoyote.org/index.php?showforum=27)
(http://forums.subratam.org/index.php?showforum=7)
(http://www.5starsupport.com/ipboard/index.php?showforum=18)
(http://www.malwarebytes.org/forums/index.php?showforum=7)
(http://www.wilderssecurity.com/forumdisplay.php?f=26)
(http://makephpbb.com/phpbb/viewforum.php?f=2)
(http://forums.techguy.org/54-security/)
(http://forums.security-central.us/forumdisplay.php?f=13)
(http://castlecops.com/forum67.html)
(http://gladiator-antivirus.com/forum/index.php?showforum=170)

Post back the URL where you posted your log, *not* the entire log.

Silj

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.



Posted by =?Utf-8?B?bWlzbWlzMjk=?= on August 10, 2006, 1:29 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Ok thank you so much,Ill do that. Just onr thing tho, this thing doesnt
appear unless I'm connected to the internet,so should I run hikackthis wheile
im connected to the internet or when im not connected? oh, and should I do it
in safe mode?

Thanx.

"siljaline" wrote:

> Run a fresh HijackThis log and post it one of the below Forums for
> expert analysis;
>
> *Note, registration is required prior to posting a log.
> - Not listed in any particular order -
> (http://aumha.net/viewforum.php?f=30)
> (http://www.spywarewarrior.com/viewforum.php?f=5)
> (http://www.bleepingcomputer.com/forums/forum22.html)
> (http://www.dslreports.com/forum/cleanup)
> (http://www.cybertechhelp.com/forums/forumdisplay.php?f=25)
> (http://www.atribune.org/forums/index.php?showforum=9)
>
(http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html)
> (http://forums.spywareinfo.com/index.php?showforum=18)
> (http://forum.networktechs.com/forumdisplay.php?f=130)
> (http://forums.maddoktor2.com/index.php?showforum=17)
> (http://forums.techguy.org/f54-s.html)
> (http://forums.tomcoyote.org/index.php?showforum=27)
> (http://forums.subratam.org/index.php?showforum=7)
> (http://www.5starsupport.com/ipboard/index.php?showforum=18)
> (http://www.malwarebytes.org/forums/index.php?showforum=7)
> (http://www.wilderssecurity.com/forumdisplay.php?f=26)
> (http://makephpbb.com/phpbb/viewforum.php?f=2)
> (http://forums.techguy.org/54-security/)
> (http://forums.security-central.us/forumdisplay.php?f=13)
> (http://castlecops.com/forum67.html)
> (http://gladiator-antivirus.com/forum/index.php?showforum=170)
>
> Post back the URL where you posted your log, *not* the entire log.
>
> Silj
>
> --
> siljaline
>
> MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP
>
> Security Tools Updates
> http://aumha.net/viewforum.php?f=31
>
> Reply to group, as return address is invalid that we may all benefit.
>
>
>

Posted by =?Utf-8?B?bWlzbWlzMjk=?= on August 10, 2006, 1:30 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Ok thank you so much,Ill do that. Just onr thing tho, this thing doesnt
appear unless I'm connected to the internet,so should I run hikackthis while
im connected to the internet or when im not connected? oh, and should I do it
in safe mode?

Thanx.

"siljaline" wrote:

> Run a fresh HijackThis log and post it one of the below Forums for
> expert analysis;
>
> *Note, registration is required prior to posting a log.
> - Not listed in any particular order -
> (http://aumha.net/viewforum.php?f=30)
> (http://www.spywarewarrior.com/viewforum.php?f=5)
> (http://www.bleepingcomputer.com/forums/forum22.html)
> (http://www.dslreports.com/forum/cleanup)
> (http://www.cybertechhelp.com/forums/forumdisplay.php?f=25)
> (http://www.atribune.org/forums/index.php?showforum=9)
>
(http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html)
> (http://forums.spywareinfo.com/index.php?showforum=18)
> (http://forum.networktechs.com/forumdisplay.php?f=130)
> (http://forums.maddoktor2.com/index.php?showforum=17)
> (http://forums.techguy.org/f54-s.html)
> (http://forums.tomcoyote.org/index.php?showforum=27)
> (http://forums.subratam.org/index.php?showforum=7)
> (http://www.5starsupport.com/ipboard/index.php?showforum=18)
> (http://www.malwarebytes.org/forums/index.php?showforum=7)
> (http://www.wilderssecurity.com/forumdisplay.php?f=26)
> (http://makephpbb.com/phpbb/viewforum.php?f=2)
> (http://forums.techguy.org/54-security/)
> (http://forums.security-central.us/forumdisplay.php?f=13)
> (http://castlecops.com/forum67.html)
> (http://gladiator-antivirus.com/forum/index.php?showforum=170)
>
> Post back the URL where you posted your log, *not* the entire log.
>
> Silj
>
> --
> siljaline
>
> MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP
>
> Security Tools Updates
> http://aumha.net/viewforum.php?f=31
>
> Reply to group, as return address is invalid that we may all benefit.
>
>
>

Posted by siljaline on August 10, 2006, 1:06 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
"mismis29" wrote:
> Ok thank you so much,Ill do that. Just onr thing tho, this thing doesnt
> appear unless I'm connected to the internet,so should I run hikackthis while
> im connected to the internet or when im not connected? oh, and should I do it
> in safe mode?

This "thing" meaning HijackThis? Does _not_ have to connected to the Net
for use. Nor does it have to be run in Safe Mode unless instructed by an
Expert Handler at a Security Forum Board.

From your follow-up posts, it would appear you have a serious virus/Spyware
infestation! - please deal with it as soon as possible before your operating
system
is rendered useless.

Read this Tutorial *before* first use of HijackThis -
(http://www.bleepingcomputer.com/forums/index.php?showtutorial=42)

Run a (fresh) log and post it to one of the expert forums already posted in this
thread - post back the URL where you posted your log /not/ the entire log.

Silj

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.



Similar ThreadsPosted
!!Infected with cool.exe Help!! August 9, 2006, 10:01 pm
Help I have been Infected October 1, 2006, 9:26 pm
HotPOP.com infected July 1, 2005, 4:33 pm
spyware infected July 24, 2005, 9:23 pm
Web Server infected? September 16, 2005, 2:58 pm
wininet.dll is infected October 1, 2005, 12:17 am
Can't handle infected PC. Please Help! April 15, 2006, 6:17 am
RE: Can't handle infected PC. Please Help! April 15, 2006, 1:10 pm
"Your computer is infected" July 1, 2006, 10:59 am
Help to identify what my PC is infected with August 30, 2006, 8:08 pm

The site map in XML format XML site map

Contact Us | Privacy Policy