Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice

Bootconf.exe << What the hell is this

766 Views 2 Replies 3 Participants Last post by  Davey7549
Ive got this file on my C drive (not in System32 folder) and nortons antivirus tells me its a trojan. How can I get rid of it...
Please Help
Not open for further replies.
1 - 3 of 3 Posts
Just for information since TB is on top of the situation......

----------- Bootconf -------------
CoolWebSearch/BootConf: drops a user CSS file in the same way as DataNotary, but pointing at Also hijacks the home page and all search settings to point to coolwebsearch, and hacks the DNS Hosts file to redirect access of MSN address-bar search to The site names are obfuscated using URL-encoding (%XX) to make them difficult to read. A program bootconf.exe is set up to run on every startup, resetting the hijack. Finally is added to the Trusted Sites list, along with, whom coolwebsearch are also impersonating.

Quote from


PS: Coolweb is a nasty nasty so follow Top Banana's suggestions to the tee getting all bits off your system.
1 - 3 of 3 Posts
Not open for further replies.