08-26-2005, 12:28 PM   #4
skate_punk_21

Downloads
Download smitRem.exe and save the file to your desktop.
Double click on the file to extract it to its own folder on the desktop.

Download CWShredder and run it. The file will ask where to install to; navigate to your desktop and click install. Now double click the new desktop file CWShredder.exe and at the bottom click "check for updates". DO NOT RUN IT YET.

I noticed that you already have Ewido. Please update its database definitions and close the program.

Open Notepad and copy/paste the following into it.
**Note: due to forum formatting you will have to remove the spaces between CURRE and NTVERSION IN BOTH LINES before saving the file.
Quote:
[-HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRE NTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\ARCHIVIOSEX.NET]
[-HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRE NTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\SGRUNT.BIZ]
Save the above as Regfix.reg as file type "all types", and save it to your desktop.


Boot Into Safe Mode
Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.

Double-click "regfix.reg" that we just created, and allow it to merge with the registry.

Run CWShredder and Click on 'I Agree' button if you agree with it. Click on 'Fix' (it will automatically fix anything it finds for you) and OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit.

Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

Run a full system scan in Ewido:
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report.
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido security suite.

File/Folder Deletions
Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.

C:\Documents and Settings\Olle\Desktop\DivX\DivX.Pro.v5.1.Incl.Keyg en-SSG.ShareReactor.exe
C:\DOCUMENTS AND SETTINGS\OLLE\START MENU\AntivirusGold 2.0.lnk

Reboot back to normal Mode

Please post the results of:
1. C:\smitfiles.txt
2. Ewido Log

Last edited by skate_punk_21; 08-26-2005 at 12:31 PM.
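An added example, not part of the original post: a small Python check to run over a .reg fragment copied from a forum before merging it. It flags the forum-inserted space the post warns about, any entry that is not a key deletion under the per-user ZoneMap\Domains branch, and a missing version header (regedit only merges files that begin with a line such as REGEDIT4, which the quoted fragment does not show). The function names and the allow-list pattern are assumptions made for this illustration.

```python
import re

# Constructed sample: the two lines as quoted in the post, including the
# space the forum software inserted into CURRENTVERSION.
PASTED = r"""[-HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRE NTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\ARCHIVIOSEX.NET]
[-HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRE NTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\SGRUNT.BIZ]
"""

# Header lines regedit accepts at the top of a text .reg file.
HEADERS = ("REGEDIT4", "Windows Registry Editor Version 5.00")

# Assumption for this example: the only entries we expect are key deletions
# ("[-...]") under HKCU ...\Internet Settings\ZoneMap\Domains.
ALLOWED = re.compile(
    r"^\[-HKEY_CURRENT_USER\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION"
    r"\\INTERNET SETTINGS\\ZONEMAP\\DOMAINS\\([A-Z0-9.-]+)\]$", re.IGNORECASE)

def repair(text):
    """Undo the forum artifact: remove the space inside CURRENTVERSION."""
    return re.sub(r"CURRE NTVERSION", "CURRENTVERSION", text, flags=re.IGNORECASE)

def review_reg(text):
    """Return (domains_to_delete, problems) for a pasted .reg fragment."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    domains, problems = [], []
    if not lines or lines[0] not in HEADERS:
        problems.append("missing header line")
    else:
        lines = lines[1:]
    for line in lines:
        if "CURRE NTVERSION" in line.upper():
            # A key path with the stray space would not match the real key.
            problems.append("forum-inserted space: " + line)
            continue
        match = ALLOWED.match(line)
        if match:
            domains.append(match.group(1).upper())
        else:
            problems.append("unexpected entry: " + line)
    return domains, problems

if __name__ == "__main__":
    print(review_reg(PASTED))                           # as pasted
    print(review_reg("REGEDIT4\n\n" + repair(PASTED)))  # after repair
```
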