For all trying to get rid of CWS.smartsearch.2
Posted 21 May 2004 - 09:11 PM
I am going to give you the simplist way to remove this virus from re creating itself
on your system.
Grab your windowsXP disk or a system boot disk that will allow you to access c:\
You will want to select restore (WinXP)
and access the windows terminal
this will drop you into C:\windows
If you have a file listed in there called
You are definatly being hit by CWS.smartsearch.2 /Hackerdefender
you can type
and it will list whats inside that file
this file will have all files it hides (keywords) like cwshredder, spybot, hijackthis ect ect
It will also list the drv file it creates.
This virus makes a file called Svhost.exe not SCVhost
and completely hides the file from Windows,Adware scanners, Virus scanners and the user, you will not be able to see this file in a normal boot only this boot process I have stated, but It can be in system process.
and you will be rid of the file closing your programs.
Boot windows normally and run all adware scans and online virus scanners e.g: www.trend.com - housecall
Hope this helps you all out.
Posted 21 May 2004 - 09:16 PM
Most of the time, but not all the time, CWS shredder and Hijackthis will not show this virus or its offspring files in the log files, Expecially if it has mutated.
Booting in safemode WILL NOT HELP YOU
it will continue to load itself and stealth even in safemode.
Edited by JArnoldOK, 21 May 2004 - 09:17 PM.
Posted 21 May 2004 - 10:52 PM
Open a command prompt and type
NET STOP HACKERDEFENDER100
This will make it so you can find the winuninst.ini file, post a copy of that file (open it with notepad) to the support forums and wait for further instructions.
Do a search of your registry for HACKERDEFENDER and delete any keys it is found in, if you are denied access to a key then right click it, choose security>permissions (or just permissions) and highlight "Administrators" then checkmark "full control" in the bottom pane. Click ok and then delete the offending key.
Edited by rand1038, 22 May 2004 - 06:22 PM.
Posted 21 May 2004 - 11:04 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users