Dr. Watson's postmortem debugger - DodgeIntrepid.Net Forums - Dodge Intrepid, Concorde, 300m and Eagle Vision chat
 
LinkBack Thread Tools Rate Thread Display Modes
post #1 of 13 (permalink) Old 06-26-2006, 10:04 PM Thread Starter
Intrepid Pro
 
LOUD02Special's Avatar
 
Join Date: Mar 2003
Location: Smithfield, RI
Posts: 6,100
Feedback: 2 / 100%
                     
Dr. Watson's postmortem debugger

I caught it. Anybody know how to get rid of it?
LOUD02Special is offline  
Sponsored Links
Advertisement
 
post #2 of 13 (permalink) Old 06-26-2006, 10:41 PM
 
Join Date: Mar 2004
Posts: 1,186
Feedback: 0 / 0%
                     
I think Dr Watson is part of Windows XP and does something like log what the heck happened when programs crash.

It's not spyware or anything, just a part of WinXP that creates a useful log that can be used by others to troubleshoot what happened to your computer when it did what it did.
post #3 of 13 (permalink) Old 06-26-2006, 11:18 PM Thread Starter
Intrepid Pro
 
LOUD02Special's Avatar
 
Join Date: Mar 2003
Location: Smithfield, RI
Posts: 6,100
Feedback: 2 / 100%
                     
Dr. Watson itself is a legitimate program, there's a virus or some kind of tracker program from something called "CoolWebSearch" that's fucking with it. So far, still can't find a fix for it.

Most of what I'm finding has to do with installing a program called HiJack This, and fuckin around with lines in the programming.

Last edited by LOUD98ES; 06-27-2006 at 01:05 AM.
LOUD02Special is offline  
Sponsored Links
Advertisement
 
post #4 of 13 (permalink) Old 06-27-2006, 01:06 AM
Intrepid Modder
 
Join Date: May 2006
Location: Central IL
Posts: 338
Feedback: 0 / 0%
 
download spybot search and destroy

update it.

reboot the computer in safemode with no network support (hit F8 as soon as you get off the POST screen)

run spybot, click check for problems

then do the "immunize internet explorer for bad products"

Hope this helps

AJ
IntrepidHero is offline  
post #5 of 13 (permalink) Old 06-27-2006, 02:23 AM
Intrepid Pro
 
Join Date: Apr 2003
Location: SC
Posts: 3,552
Feedback: 3 / 100%
                     
Quote:
Originally Posted by IntrepidHero
download spybot search and destroy

update it.

reboot the computer in safemode with no network support (hit F8 as soon as you get off the POST screen)

run spybot, click check for problems

then do the "immunize internet explorer for bad products"

Hope this helps

AJ
That program is AWESOME! It along with Nortons and regularly scheduled updates, You just CANNOT go wrong. Everytime I see a computer with McAfee, I delete it and install those 2... I have YET to find less that 30 viruses, and over 50 spyware programs that McAfee misses... Anyways... You can do a google search for the Spybot Search and Destroy.. its on download.com. DO NOT download any imitations, or pay for it! Its free!
r0meo021 is offline  
post #6 of 13 (permalink) Old 06-27-2006, 02:43 AM
 
Join Date: Mar 2002
Posts: 3,025
Feedback: 0 / 0%
                     
I'm gonna venture a guess and say that this Cool Web Search is smarter than Spy Bot, at least it was about a year ago when I tried to get rid of it on someone else's computer. Neither Spy Bot nor Ad Aware could get rid of it at the time. Maybe they've come up with a way to get rid of it since? But yeah Loud, I know what you're talking about. I couldn't get the bitch to go away back about a year ago.

The computer was so freakin slow anyways, we just did a complete restore on it.
smc1377 is offline  
post #7 of 13 (permalink) Old 06-27-2006, 02:45 AM
Intrepid Pro
 
Join Date: Apr 2003
Location: SC
Posts: 3,552
Feedback: 3 / 100%
                     
Its on its list... and has removed it from the last 2 I did. Just be sure to update it, and run it in safe mode.
r0meo021 is offline  
post #8 of 13 (permalink) Old 06-27-2006, 02:58 AM
Intrepid Pro
 
wb6vpm's Avatar
 
Join Date: Jul 2004
Location: Riverside, CA
Posts: 2,546
Feedback: 1 / 100%
                     
cws can be very hard to get rid of, depending on which version u caught/how engrained it is in your OS
wb6vpm is offline  
post #9 of 13 (permalink) Old 06-27-2006, 02:58 AM
Intrepid Modder
 
Join Date: May 2006
Location: Central IL
Posts: 338
Feedback: 0 / 0%
 
yeah, the key to getting rid of this bastard is to run spybot in safemode w/out network support.

Safemode loads only the bare essentials to run the computer, nothing else. so when you manually start spybot it will be able to remove it because it will not be running in the background. if it is running in the background it will only get part of it, and the next time the computer is rebooted, coolweb will restore itself from the web. So you will be essentially chasing the little bastard all over the place and not getting rid of it.


AJ
IntrepidHero is offline  
post #10 of 13 (permalink) Old 06-27-2006, 06:04 AM
Intrepid Pro
 
Join Date: Aug 2005
Location: Arlington Texas
Posts: 2,823
Feedback: 1 / 100%
                     
The OFFICIAL Andrew's Electronics PC Cleanup Guide!

This is the "manual" I send to customers and family members that get SLAMMED!

Ok, so your PC got trashed, here's what to do before you resort to my to favorite commands, FORMAT C: and SETUP!

Step 1: Cut off the invaders!

Install a Firewall!!!!! --> www.zonelabs.com

ZoneAlarm is a nice firewall and their free version is just fine for the task at hand.

Download a HOSTS file and install according to the directions --> http://www.mvps.org/winhelp2002/hosts.htm

This particular HOSTS file tells Windows to look for sites listed in it at a certain address, in this case, 127.0.0.1, which is the local host IP address, in other words, a dead end! Needless to say, the sites that are redirected to loacalhost are not accessible. The sites in the HOSTS file you are downloading are the sites of advertising and spyware companies, they need to be stopped or the spyware apps may attempt to repair themselves or bring along some "friends".

Download IESPYAD and install according to the directions--> http://www.spywarewarrior.com/uiuc/resource.htm

IESPYAD contains a registry file that adds a LOT of spyware and ad sites to your Internet Explorer restricted sites list. Sites in the restricted zone are NOT allowed to download or run ANYTHING on your PC by default. This adds a LOT of protection, even if you do not use IE as your main web browser as IE is always running in some form or another, for example, Windows Media Player uses IE to display web content.

Step 2: Death To ALL!


Download, install, update and then do a FULL scan with the following programs:
Spybot Search & Destroy --> www.safer-networking.org
AdAware SE Personal --> www.lavasoftusa.com
Windows Defender --> www.microsoft.com

If you suspect Cool Web Search (CWS), get Cool Web Shredder --> http://www.trendmicro.com/cwshredder/

If the above fails to catch it all, get HijackThis! --> http://www.spywareinfo.com/~merijn/

If you do not know what to do with the results HijackThis! gives, just save the log file and let a computer expert help. You may post your hijackthis log on a spyware forum and they will help you.

If you cannot download the above tools because the infection is blocking access to security sites, download the files from a clean PC and burn them to CD. If the infection prevents you from installing, boot your PC in safe mode by pressing F8 at the first of the boot process.

If the system takes forever to boot or is so bogged down with junk that scans take forever, restart in safe mode as well.

NOTICE: Spybot also contains a immunization function, use it! The fastest update server for it is usually Safer Networking #1.

Delete EVERYTHING these progs find, none of it's good.

Step 2.5: Get some antivirus.

There are many good antivirus programs to choose from. Symantec's Norton Antivirus is my favorite, you can download a trial from www.symantec.com Use it to scan your PC and then head on down to Walmart and get the full copy.

If FREE antivirus is all you want, get AVG Free or Avast!

Step 3: Lock the backdoors!

Update your software FREQUENTLY! Turn ON automatic updates for Windows and Office if you have it. Go to Windows Update by opening Internet Explorer and selecting "Windows Update" in the Tools menu and follow the on screen instructions.

Don't forget to update your antispyware and antivirus tools too.

Step 4: Improve Perfomance


Ok, this is the easy part. Download a program called CCleaner at www.ccleaner.com. Run it with the default settings first, then customize what temporary files you want it to save later, right now we need it all gone to remove every last trace of the spyware.

After you run CCleaner's Windows, Application and Issues cleaners, restart your PC. After it restarts, defragment your hard disk. Defragmentation puts files in order on your PC's hard drive so the PC can find them faster, this speeds up your PC a LOT! To do this, go in the start menu to "Accessories" and select "System Tools" under Accessories. Under System Tools, you will find a program called Disk Defragmenter. Run it and defrag your hard drive. Don't bother analyzing, just do it. If you have not done this in a while, it may take a few hours.

Step 5: Help prevent this from happening again, use secure computing practices!

Here is a list of things you can do to prevent this from happening again:

DON'T use Internet Explorer!! Get Firefox at www.mozilla.com Firefox is considerably more secure than IE right now.

DON'T use Outlook! There's a reason we call it "Outbreak Express"! Use Mozilla Thunderbird instead, get it at www.mozilla.com

Keep your Antispyware and Antivirus tools current. Update them often and if the subscription to your antivirus lapses, renew it ASAP!

READ the license agreements BEFORE you install! Read the End User License Agreement (EULA) to ALL software you install, software that contains spyware or adware usually contains language like "Ad Supported" or "Special Offers"

Don't use spyware laden P2P clients! If you use P2P, get a P2P client that contains NO ads, get KC Easy at http://www.kceasy.com/ NOTE: Download songs illegally at your own risk, you could get a virus from an infected file or possibly a lawsuit and besides, a CD sounds much better. Use P2P responsibly.

Don't click on those ads that say you'll win something, there is ALWAYS a catch and these days the catch is usually giving up all your personal info and possibly installing spyware. That "Free" iPod is NEVER free!

Beware of ads that look like system error messages!! These are almost always an ad for spyware!

Beware of fake spyware removal tools! NEVER click on ads that say "Your PC is infected!" or something along those lines. If you do click, that ad will be telling the truth!

Beware of free smileys for your email or IM programs, free screensavers or other "cute" things. These are often LOADED with spyware. Check out the company first before you install.

Change your password often, and make it secure. Make your password at least 8 characters and make sure it contains both letters and numbers. The longer, the better! Long alphanumeric passwords are harder for automatic "brute force" password cracking utilities to decipher. Make sure the password you use is not a dictionary word and is not related to you in any way that is easy to guess.

An example of a BAD password: 123456 or johndoe. Never use simple passwords or worse, your name!

GOOD passwords are like this: goodpw001

Truly STRONG passwords contain letters, numbers and at least one special character: strongpw_001 or strongpw_001#

Oh yeah, I almost forgot this one: Keep stupid users OFF your machine!

Last edited by hardwareguy; 06-27-2006 at 06:10 AM.
hardwareguy is offline  
post #11 of 13 (permalink) Old 06-27-2006, 10:51 AM Thread Starter
Intrepid Pro
 
LOUD02Special's Avatar
 
Join Date: Mar 2003
Location: Smithfield, RI
Posts: 6,100
Feedback: 2 / 100%
                     
CoolWebShredder missed it, as well as spybot. I joined a spyware forum and posted my logfile, hopefully some time today I can kill this fucker.
LOUD02Special is offline  
post #12 of 13 (permalink) Old 06-29-2006, 01:18 AM
Intrepid Pro
 
Join Date: Apr 2003
Location: SC
Posts: 3,552
Feedback: 3 / 100%
                     
update?
r0meo021 is offline  
post #13 of 13 (permalink) Old 06-29-2006, 02:19 AM
 
Join Date: Aug 2003
Posts: 2,536
Feedback: 3 / 100%
                     
try crapcleaner and ad-aware. Once the cleaning is done, DO NOT SHUT DOWN YOUR PC. Lots of nasty spybots, etc, go memory resident and write themselves back to disk when the user does a convertional Windows Shutdown.

The only way to get rid of something like this is to run an appropo cleaner, and then PULL THE PLUG. Now leave the plug out for about 30 seconds, plug the machine back in and power up normally. Run your scanners/cleaners again.

Pulling the pulg in this way (of course) shuts the PC off is a rather hard and drastic fashon, but it bypasses the usual windows shutdown routine. This method (the Big Effin Hammer) has been known to work, I've used it myself.
'98-ESer is offline  
Sponsored Links
Advertisement
 
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the DodgeIntrepid.Net Forums - Dodge Intrepid, Concorde, 300m and Eagle Vision chat forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

Member names may only be composed of alpha-numeric characters. (A-Z and 0-9)

!!ATTENTION ADVERTISERS!! If you intend on advertising anything on this forum, whatsoever, you are required to first contact us here . Additionaly, we do NOT allow BUSINESS NAMES unless you are an Authorized Vendor. If you own a business, and want to do sales on this site via posting or private message, you will need to follow the rules. Shops, Stores, Distributors, Group Buys without being authorized will see your account terminated.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes Rate This Thread
Linear Mode Linear Mode
Rate This Thread:



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome