| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 45595 | 2004-05-27 06:35:00 | Browser Hijacker | sarel (2490) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 239703 | 2004-05-27 09:16:00 | Hi Sarel I noticed from your hijackthis log that you are running two Antivirus programs. This is not recommended as it can cause performance issues and clashes with each other. Try just running the one AV. :) |
Jen C (20) | ||
| 239704 | 2004-05-27 09:22:00 | sarel, try looking at this: www.spywareinfo.com More to follow from me, perhaps. Rob |
zqwerty (97) | ||
| 239705 | 2004-05-27 09:35:00 | I run AVG realtime only and only run the second one "on command" as a backup - eTrust Antivirus. That OK? Sarel |
sarel (2490) | ||
| 239706 | 2004-05-27 09:41:00 | Hello Sarel, To eliminate cws.msconfig, you will need to run cws shredder in safe mode, it will not remove this variant in normal mode. Also turn off system restore (turn it back on after you have removed the trojan) and check that the attributes of your temporary internet files have not been changed to read only (easiest way is to right click on the folder and change everything to archive, change it back to default after you have succesfully got rid of the trojan) It may pay to also make sure that system files and protected operating files are able to be viewed while doing this (set up in folder options control panel) This should allow you to get rid of it. Alan |
Alan Cottrell (624) | ||
| 239707 | 2004-05-27 09:45:00 | Murray I haven't got sny of these two files as suggested in the fix so ???? Sarel O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto |
sarel (2490) | ||
| 239708 | 2004-05-27 09:51:00 | Look at this: www.scumware.com I have some tools to remove Super Web Search, Godfather gave me the url but I can no longer find it. I could email them to you if you give me your addy, later on this thread. Rob. |
zqwerty (97) | ||
| 239709 | 2004-05-27 09:51:00 | Alan That was one of the first things I've tried - safe mode, because most of the post on a lot of boards mentioned to run CWShredder in safe mode - even in safe mode it said no problemo. Done the restore/attrib thingie as well - also one of the first things I've done Sarel |
sarel (2490) | ||
| 239710 | 2004-05-27 09:55:00 | Damn, I'll try that again. Read here: www.scumware.com Rob. |
zqwerty (97) | ||
| 239711 | 2004-05-27 09:56:00 | Hi zqwerty My email is veeeeeeeeery difficult to remember (LOL) sarel@clear.net.nz Thanks Sarel |
sarel (2490) | ||
| 239712 | 2004-05-27 10:05:00 | sarel, Hmmmmm, I have tried those specialist tools on my system right now after successfully using them about a week ago to un-instal SuperWebSearch put onto my system by Index.dat Viewer, and Spybot is telling me that one of the BHO's is being changed to yahoo.com. I might hold off sending them to you unless all else fails. I don't want to compound the problem. Rob. |
zqwerty (97) | ||
| 1 2 3 4 | |||||