Tech Support Forum - View Single Post

**Deckard** · 12-11-2006, 08:48 PM

We're almost done. Panda found a few more infections that I want to check on.

Download CWShredder
Download CWShredder and run it. Click Check for Update. Click on 'I Agree' button if you agree. Click on 'Fix' (it will automatically fix anything it finds for you) and then click OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit.

Download SmitfraudFix
Please delete any copy of SmitfraudFix you have (in C:\Documents and Settings\Dean\Desktop\Repair tools) and then download SmitfraudFix (by S!Ri) and save it to your Desktop.

Double-click the SmitfraudFix.exe file.
Select option #1 - Search by typing 1 and pressing "Enter".
A text file will appear which lists infected files (if present). This file will be saved as C:\rapport.txt.

Please copy/paste the content of that report into your next reply.

IMPORTANT: Do NOT run option #2 OR any other option until you are directed to do so!

Deletions
Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.

C:\WINDOWS\system32\cscbv.exe
C:\WINDOWS\uniq
C:\Online Pharmacy.url

Online Scan
Please perform an BitDefender Online Scan using Internet Explorer. Once finished, click on the Details button to view the results. To the upper right of the results you will see an option saying "Click here to export the scan results". Please do so and save it to your desktop. Copy and paste the results of the scan with your next post.

With Your Next Post...
Please paste the following with your next reply (in this order please):

The contents of C:\rapport.txt,
BitDefender scan report,
a new HiJackThis log taken after BitDefender finishes.

12-11-2006, 08:48 PM	#8 (permalink)
Deckard Mentor, Analyst - Security Team Join Date: May 2006 Location: Oregon Posts: 2,503 OS: MacOS X, Debian, OpenBSD, Windows	We're almost done. Panda found a few more infections that I want to check on. Download CWShredder Download CWShredder and run it. Click Check for Update. Click on 'I Agree' button if you agree. Click on 'Fix' (it will automatically fix anything it finds for you) and then click OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit. Download SmitfraudFix Please delete any copy of SmitfraudFix you have (in C:\Documents and Settings\Dean\Desktop\Repair tools) and then download SmitfraudFix (by S!Ri) and save it to your Desktop. Double-click the SmitfraudFix.exe file. Select option #1 - Search by typing 1 and pressing "Enter". A text file will appear which lists infected files (if present). This file will be saved as C:\rapport.txt. Please copy/paste the content of that report into your next reply. IMPORTANT: Do NOT run option #2 OR any other option until you are directed to do so! Deletions Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist. C:\WINDOWS\system32\cscbv.exe C:\WINDOWS\uniq C:\Online Pharmacy.url Online Scan Please perform an BitDefender Online Scan using Internet Explorer. Once finished, click on the Details button to view the results. To the upper right of the results you will see an option saying "Click here to export the scan results". Please do so and save it to your desktop. Copy and paste the results of the scan with your next post. With Your Next Post... Please paste the following with your next reply (in this order please): The contents of C:\rapport.txt, BitDefender scan report, a new HiJackThis log taken after BitDefender finishes. __________________ The chance to begin again in a golden land of opportunity and adventure. Need HijackThis help? Please read MicroBell's Five Step Process before posting. Please donate and help keep this site free to all. UNITE/ASAP: Proud member since 2006