swinny1710
Technical User
Hi;
I was reading another forum and a question was asked about CWS Scan Only, and a reader provided a very concise answer about the information contained in the log. I decided to try it myself, and based on that readers observations, and what I find in my log, I'm a little concerned about the CWS entries. The odd thing is, I show up as being clean when doing CWS Fix.
So, if someone can provide me with the following:
1) Am I infected? and
2) If so, what do I do?
Thanks
Pat
Found Hosts file: C:\WINDOWS\hosts (116 bytes, A)
Found CWS.Control (if filesize is over 50k) file: C:\WINDOWS\control.exe (2112 bytes, A)
CWS.Oslogo (if value is 2) Registry value: Domains: *.coolwebsearch.com [*] dword:4
CWS.Oslogo (if value is 2) Registry value: Domains: *.cool [*] dword:4
CWS.Googlems.2 (if value is 2) Registry value: Domains: *.xxxtoolbar.com [*] dword:4
CWS.Googlems.4 (if value is 2) Registry value: Domains: *.teensguru.com [*] dword:4
Registry value: DefaultPrefix (should be [] http://
Registry value: (should be [www] http://
Registry value: Mosaic Prefix (should be [mosaic] http://
Registry value: Home Prefix (should be [home] http://
Found Win.ini file: C:\WINDOWS\win.ini (8762 bytes, A)
Found line in Win.ini: load=
Found line in Win.ini: run=
Found System.ini file: C:\WINDOWS\system.ini (2417 bytes, A)
Found line in System.ini: shell=Explorer.exe
I was reading another forum and a question was asked about CWS Scan Only, and a reader provided a very concise answer about the information contained in the log. I decided to try it myself, and based on that readers observations, and what I find in my log, I'm a little concerned about the CWS entries. The odd thing is, I show up as being clean when doing CWS Fix.
So, if someone can provide me with the following:
1) Am I infected? and
2) If so, what do I do?
Thanks
Pat
Found Hosts file: C:\WINDOWS\hosts (116 bytes, A)
Found CWS.Control (if filesize is over 50k) file: C:\WINDOWS\control.exe (2112 bytes, A)
CWS.Oslogo (if value is 2) Registry value: Domains: *.coolwebsearch.com [*] dword:4
CWS.Oslogo (if value is 2) Registry value: Domains: *.cool [*] dword:4
CWS.Googlems.2 (if value is 2) Registry value: Domains: *.xxxtoolbar.com [*] dword:4
CWS.Googlems.4 (if value is 2) Registry value: Domains: *.teensguru.com [*] dword:4
Registry value: DefaultPrefix (should be [] http://
Registry value: (should be [www] http://
Registry value: Mosaic Prefix (should be [mosaic] http://
Registry value: Home Prefix (should be [home] http://
Found Win.ini file: C:\WINDOWS\win.ini (8762 bytes, A)
Found line in Win.ini: load=
Found line in Win.ini: run=
Found System.ini file: C:\WINDOWS\system.ini (2417 bytes, A)
Found line in System.ini: shell=Explorer.exe