Tech Support Forum - View Single Post

**POADB** · 05-25-2005, 03:12 AM

Reboot to Safe mode and use killbox to kill these:

C:\WINNT\system32\porn1234.ico
C:\WINNT\system32\girl12.ico
C:\WINNT\system32\kill evidence 21.ico
C:\WINNT\system32\kill internet popups1.ico
C:\WINNT\system32\moviesgreen.ico

Navigate into the registry as you did before and delete the item in Bold:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\Ext\CLSID\

A question - what 'host thing' are you referring to? If it was HOSTERs - it should not have opened up in notepad, it should have been an EXE.

Run the scans again in Normal Mode. No need for an mwave this time.. just a Findit and an HJT scan please.

PS - as long as you have virus protection, you may uninstall ewido.

05-25-2005, 03:12 AM	#22 (permalink)
POADB Moderator, Microsoft Support Join Date: Jul 2004 Location: United Kingdom Posts: 6,482 OS: XP SP2	Reboot to Safe mode and use killbox to kill these: C:\WINNT\system32\porn1234.ico C:\WINNT\system32\girl12.ico C:\WINNT\system32\kill evidence 21.ico C:\WINNT\system32\kill internet popups1.ico C:\WINNT\system32\moviesgreen.ico Navigate into the registry as you did before and delete the item in Bold: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\Ext\CLSID\ A question - what 'host thing' are you referring to? If it was HOSTERs - it should not have opened up in notepad, it should have been an EXE. Run the scans again in Normal Mode. No need for an mwave this time.. just a Findit and an HJT scan please. PS - as long as you have virus protection, you may uninstall ewido. __________________ Last edited by POADB; 05-25-2005 at 03:29 AM.