How can I remove this virus ??
 

I have adaware running and i got some virus thing which would attempt to contaminate my computer every startup. Someone else went to use my computer and accepted the changes and now I have some messed up homepage + messed up fovorites and a whole bunch of sex sites.

This are the messages from what the changes did:

How can I remove this?

why the hell did all those HAHAHAAHHAs come uP?

all those 'hahaha's look serious.

Format C now!

that's all i need.. some more good humor..

this fucken virus is killing me.how the hell do I remove it?

i tried a bunch of sites and antivirus shit and spyware shit nothing is working

Seriously, I don't know. It looks like the coolsearch virus that's going around and there seems to be a million and one variations.

I don't know anyone that's successfully removed it, much less how they did it.

Sorry to hear you got stuck with it though.

try these:
http://www.kephyr.com/misc/promo/scc...urce=bassindex
http://www.kephyr.com/spywarescanner...rce=bottomlink

Try this

http://www.securityworm.com/software...oolsearch.html


and then check - clean your hosts file.

Ooops! Sorry I can't help yur there.

for anyone else, this virus is comes from some popups on porn sites, so that's how I got it

I wasted a day, to find the way, but this how to remove that piece of shit for anyone else:

download and run:

http://fileforum.betanews.com/detail.php3?fid=965718306

download update and run:

http://www.spywareinfo.com/downloads...CWShredder.exe

download and run:

http://www.spywareinfo.com/downloads...HijackThis.exe

and delete any of these once the scan with HijackThis is done:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mypoiskovik.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mypoiskovik.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mypoiskovik.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hispeed.rogers.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mypoiskovik.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,hahahahahaha Title = Microsoft Internet Explorer provided by Rogers Hi-Speed Internet
R3 - URLSearchHook: (no name) - {6CC1C918-AE8B-4373-A5B4-28BA1851E39A} - (no file)
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O14 - IERESET.INF: START_PAGE_URL=http://hispeed.rogers.com

now you can surt porn again all you want !!!