Hi Siljaline - An FYI - CWSShredder also detects and removes re-direction of
lavasoft and spywareinfo, etc. from HOSTS files. That's fine as long as the
HOSTS file is only being used for blocking, but it also deletes them if you
use it (or also use it) for URL translation of your Favorites, for example.
In this case, you'll need to restore them after running CWSShredder.

--
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP



In news:lrbbnv4r15p47l0po10522q72n04cq5k53@4ax.com,
siljaline <siljaline@invalid.com> typed:
>> <snip>
> Another update:
> * CWShredder 1.2 *
> * Updated for possible new 'info32.exe' variant
> * Updated for new SlawSearch variant (CTFMON32.EXE)
> * Updated to remove some more policy restrictions removing tabs in IE
> options
> * Now has instructions on patching the hole in MS Java VM!
> * 437 affiliate domains on the blacklist (we're still going strong)
>
> There is a new variant just surfacing that uses info32.exe, but I
> haven't received a
> complete sample of this. CWShredder may not completely remove this
> variant, and I'd
> appreciate it if anyone infected with it contacted me.
>> </snip>
>
> http://www.spywareinfo.com/~merijn/files/cwshredder.zip
>
> http://www.spywareinfo.com/~merijn/