I know there are no flames here, and that's good .... it's good to have a discussion about something and bounce it around without attacking each other! Flames, IMHO, are pointless ad hominem remarks made by those who cannot think of anything useful and constructive to say at the time .... clearly something that's NOT going on here.
Some browser hijackers, especially CoolWebSearch (CWS) are especially difficult to remove. Tricks it uses to get onto peoples systems include the following:Most people also consider browser hijackers to not be malware...some boobies popped up in front of your four year old when they type a search into the address bar, that's easily dealt with.
- Hijacking the accessibility user stylesheet (the oldest one)
- Multiple running processes that 'watch each others backs' - kill one off, and the other one restarts it
- An addedd service. Take a look here to see what this one does and how it's removed.
- A super-hidden DLL file. It is possible to load a file onto an XP system with strange permissions that cause it to go invisible, even when Show All Files is enabled and you use the Windows Find facility. Specialist tools have been written to find it and fix it, and zapping the Registry key cannot be done using the standard Windows Registry Editor.