Jump to content


Photo

CWShredder 1.59.1 update button


  • Please log in to reply
5 replies to this topic

#1 happydog

happydog

    Member

  • New Member
  • Pip
  • 2 posts

Posted 04 July 2004 - 06:15 PM

I recently downloaded and installed CWShredder 1.59 from Major Geeks, and used it with no problems. Friday. I noticed the spywareinfo.com sites were unavailable, and I suspected a DOS attack from the bad guys. Yesterday I clicked the "Check for updates" button on the initial CWShredder.exe screen, and after the first notice that the site was unavailable, I got this notice:

Posted Image

Then this popped up when I clicked the OK button:

Posted Image

I clicked the Fix button, and it was supposedly clean. I then ran Spybot S&D 1.3 and it discovered a CoolWebSearch variant, which it neutralized. I also reinstalled CWShedder from Major Geeks. I use Firefox, do not download any file sharing software, games, or music, and have been meticulous about scanning with Adaware, Spybot, and Spywareblaster, as well as CWShredder and Hijack This. Could this have been some sort of redirect from the bad guys with downloaded the trojan, or did I just screw something up? I still get the same pop ups when I click on the update button, but haven't clicked the link button and have thus far remained uninfected. I have the latest patches, and did a deep scan with Adaware and found nothing new.

#2 kilt01

kilt01

    Member

  • Full Member
  • Pip
  • 13 posts

Posted 04 July 2004 - 07:41 PM

Just thought Id let you know I went throught the sam thing yesterday. I was infected and believe i have ditched this @#%%.

Kilt01

#3 sfollett

sfollett

    Member

  • New Member
  • Pip
  • 2 posts

Posted 05 July 2004 - 02:24 PM

Just thought Id let you know I went throught the sam thing yesterday. I was infected and believe i have ditched this @#%%.

Kilt01


I also had this happen to me yesterday. I was unable to run cwshredder and computer froze up. How did you get rid of this problem? Did I download something that wasn't the real cwshredder. I deleted it once and redownloaded it with the same results.

sfollett

#4 ravenwarrior

ravenwarrior

    Member

  • Full Member
  • Pip
  • 35 posts

Posted 05 July 2004 - 02:37 PM

Did you ever have to "End Task" CWShredder in the Task Manager? This has happened to me. If CwShredder froze up and you had to End Task, CW acts as if it's been terminated.

#5 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 05 July 2004 - 02:45 PM

According Merijn's website the symptoms are :
CWS.Smartsearch.2:
A mutation of this variant exists that attempts to close
CWShredder, HijackThis, Ad-Aware, Spybot S&D and the SpywareInfo forums when
they are opened.
It uses the filename IEXPLORER.EXE (note the extra 'R') and a different Registry value.
It drops a hosts file that blocks over two dozen anti-spyware sites.
CWShredder has been updated to circumvent this.
ErikAlbert
Simplicity is always brilliant.

#6 sfollett

sfollett

    Member

  • New Member
  • Pip
  • 2 posts

Posted 05 July 2004 - 07:47 PM

Did you ever have to "End Task" CWShredder in the Task Manager? This has happened to me. If CwShredder froze up and you had to End Task, CW acts as if it's been terminated.

I was unable to use the End Task. Nothing shut CWShredder down except turning the power off to the computer. I had none of the symptoms listed in the last post. Ad-Aware and Spybot ran just fine as well as Trojan Remover.
I think possibly SpywareBlaster kept it from infecting my computer. I have deleted CWShredder because I cannot make it run.

Sfollett




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button