|
WE HAVE MOVED. Please see our NEW Computer Forums |
11-26-2009: Sorry for the inconvenience. We finally upgraded to vBulletin 3 !! See you there, Larry Warez Monsters 4 Step Spyware Removal GuideGo to the Tech-Forums Discussion Home PagePosted by: Warez Monster [B]Warez Monsters 4 Step Spyware Removal Guide[/B] [b][color=#FF0000]Updated: 18 September 2006[/color][/b] Follow these instructions carefully and do what is said. If you can・t perform a step, then skip it, an example would be if you can・t get into safemode to scan your system, skip it and move on to the next. Please be precise in what your problem is. The more information I have the better I can help. Please name the Trojan, virus, Spyware you have and the affects it is having on your computer. An example would be your desktop has changed and you can・t change it or a program is asking you to scan your system and then once you let it scan it asks you to buy it so it can remove the problems. If you happen to view this guide before posting, please tell us that you already performed these steps so I don・t waste time in posting this guide up for you. If you have dial-up, I suggest you download these programs on another computer and then transfer them to the infected computer. Please be active with your posts meaning don't come here and state your issues, then have someone help you out but then you come back 2 weeks later. These issues need to be addressed ASAP. When posting your log, don't attach your log as a text document, copy and paste it to the forum. If you don・t know what you are doing, (I know you are just try to help) then please refrain from telling someone what to delete using Hijackthis as it can cause a system crash or other irreversible affects. Thanks for your cooperation. 1.) [B] Download ALL 13 programs and update ASAP if needed. [URL=http://www.majorgeeks.com/downloadget.php?id=3155&file=11&evp=3304750663b552982a8baee6434cfc13]HijackThis [/URL] Make sure you put Hijackthis! In the root of your drive (C:\HJT) IMPORTANT!! [/B][URL=http://www.majorgeeks.com/downloadget.php?id=506&file=11&evp=8dbaff7daca8f4b55bf695220993fc0f]Ad Aware SE Personal Free [/URL] [URL=http://www.majorgeeks.com/downloadget.php?id=4025&file=10&evp=6ac65226642ee253cc5268f7c31f3660]Ad-aware Messenger Service Plug-in [/URL] [URL=http://www.majorgeeks.com/downloadget.php?id=4283&file=10&evp=34312f31f5a8511bfb7cf839b1eaff0b]Ad-Aware VX2 Cleaner Plug-in [/URL] [URL=http://www.majorgeeks.com/downloadget.php?id=2471&file=11&evp=2470f9bfb0cc682334ff8c4459556118]Spybot Search and Destroy Free [/URL] [URL=http://download.tenebril.com/pub/bin/spycatcher-express.exe]Spy Catcher Express [/URL] [URL=http://www.bleepingcomputer.com/tutorials/tutorial42.html#NDiag]HijackThis Tutorial & Guide [/URL] [URL=http://siri.urz.free.fr/Fix/SmitfraudFix.zip]Smith fraud Fix [/URL] [URL=http://download.ewido.net/ewido-setup.exe]Ewido [/URL] [URL=http://www.filehippo.com/download_ccleaner/]CCleaner [/URL] [URL=http://www.stevengould.org/downloads/cleanup/CleanUp451.exe]Cleanup! [/URL] [URL=http://download.sysinternals.com/Files/RootkitRevealer.zip]Rootkit Revealer [/URL] [URL=http://www.trendmicro.com/cwshredder/]CWShredder [/URL] [URL=http://www.get-in-control.com/msconfig-cleanup/msconfig-cleanup-setup.exe]Msconfig Cleanup [/URL] 2.) [B] Update your System completely and remove offending programs [/B] Make sure your system is completely updated with all of Microsoft・s Updates including SP2 This service pack fixes a lot of Spyware issues, exploits, etc. NOTE: If your system is severely infected DO NOT INSTALL SP2 DOING SO CAN/WILL RENDER YOUR SYSTEM USELESS AND WILL BE TO BE REINSTALLED. [URL=http://www.microsoft.com/smallbusiness/resources/technology/security/steps_to_take_before_installing_windows_xp_sp2.mspx]Read this as to why not to install SP2 on an infected machine [/URL] Please visit at least 2 of these free online virus scanners [url]http://housecall.trendmicro.com/[/url] [url]http://www3.ca.com/virusinfo/virusscan.aspx[/url] [url]http://www.tenebril.com/scanner/main_scan.php[/url] Next go to Add/Remove Programs and uninstall any offending programs, here are some below: Note: If you have more than one antivirus installed, please remove one. If during the uninstall process you receive an access denied, just move on to the next one. You may be asked to visit the offending programs website to receive an uninstaller, do not do so, just ignore it, close it, and move on. If you are no sure about a specific program, look below. All programs in this site are offending and needs to be removed ASAP, even if you paid for it. [url]http://www.spywarewarrior.com/rogue_anti-spyware.htm[/url] 180 Search Assistant 180Solutions Active alert Ad Service AdTools AdTools Service Alexa toolbar BargainBuddy Bearshare Bullseye Networks CashBack CMDtel.exe Cosmi DH EasySearchBar Elite Sidebar Elite Toolbar Freeze Clip Art GAIN Gator Hotbar Outlook Tools Hotbar Web Tools HuntBar Internet Optimizer ISTbar ISTSvc Keyloggers Limewire MaxiFiles Media Access Media Gateway MySearch MyWay Search Bar MyWebSearch Morpheus Toolbar NavExcel Search Toolbar NavHelper ncase Oemji Toolbar Open Site Preview AdService Search Toolbar (HuntBar/WinTools) Sender.exe ShopperReports by Hotbar Sidefind SideSearch Slotchbar Spysheriff Spyware Warrior Spyware Soft Spot Software Update Manager SurfAccuracy SurfSideKick Upspiral Toolbar TurboDownload VBouncer Viewpoint Viewpoint Manager Viewpoint Media Player WareOut Warezp2p Web.exe WeatherBug Web Rebates Web Search Toolbar (WinTools) Webhancer WhenU (any entry) WeirdOnTheWeb Windows AdService Windows AdStatus Windows ServeAd WinTools WinTools Easy Installer WSEM Update Download Accelerator Plus Kazaa Kazaa Lite Kontiki Messenger Plus NetPumper NewDotNet P2P Networking StarWare WildTangent 3.) [B] MSCONFIG Entries removal [/B] Next step is to open MSCONFIG. Go to start, run, type Msconfig, press ok, go to the startup tab, then click disable all. Now re-check your antivirus, firewall or any other program that you absolutely need to be started up each and every time windows is restarted. Now rechecking these entries right now will result in deleted entries of your programs in the next step. Then you will need to reinstall that program. Then click apply, ok, but don・t reboot yet. NOTE: when you reboot, you will see the System Configuration Utility dialog box appear. Just put a checkmark in the box and press ok. NOTE: If you can not open MSCONFIG, TASK MANAGER OR REGEDIT, just move to the next step or download it to your desktop below and then perform the task: [URL=http://www.dougknox.com/xp/utils/xp_emergencyutil.zip]Download MSCONFIG, REGEDIT, and TASK MANAGER to your desktop [/URL] Next run Msconfig Cleanup after you unchecked the items you were told to uncheck and recheck, click "Select All", then click "Clean up Selected", then click "Quit". Make sure your antivirus and firewall are not checked. If you delete your antivirus and firewall entries, you will need to reinstall them so be sure to check them and don・t reboot. 4.) [B] It's time to scan your system [/B] Start off with any Spyware program. Make sure you update it. Make sure all IE, FF, Opera windows are closed. The only program(s) that need to be running are the Spyware scanners and your antivirus. Please do not quarantine anything. Please delete everything. [B]For Lavasoft Adaware SE 1.6, configure it by following these steps:[/B] Open Adaware, click on Scan Now Then click on Use Custom Scanning Options, and then click Customize Click on Scan within archives Click on Advanced, then click on Move deleted files to the recycle bin Then click on Tweak, and select Scanning Engine, then select Run Scan as a background process for low CPU usage. Click on Tweak and choose Write protect system files after repair Then click on Proceed and select Search for low risk threats Click next and let it scan. Make sure you remove every thing is finds. You may need to run this program more than once depending on how bad you are infected. [B]For Ad-aware Messenger Service Plug-in, just install it[/B]. It may as you to reboot, don・t reboot yet. You will run Adaware SE 1.6 again after you reboot. This program is a plug-in for Adaware SE along with the VX2 Cleaner. [B]For Spybot Search and Destroy 1.4, configure it by following these steps:[/B] Open Spybot, make sure it is updated. Click on Mode, then select Advanced Mode, select yes at the prompt. Click on Settings, then scroll down the list to uncheck Create Backup Copies, there are 3 that need to be unchecked. Then click on Tools and select Resident. Make sure Tea Timer is selected and not Ad-watch. Then select IE Tweaks and make sure under Miscellaneous Locks that all 3 boxes are checked. Then scan your system. Make sure you remove every thing is finds. You may need to run this program more than once depending on how bad you are infected. [B]For Ewido 4.0, configure it by following these steps:[/B] Open Ewido and make sure it is updated Click on Scanner, then settings and put a check mark in Scan every file under What to Scan. Ewido may find items like VNC, RadMin, or any other Remote Control Tools; if you know that those programs are legit, click on ignore and put a checkmark in the box to always perform this option for these types of programs. If it not legit, select remove. Ewido will take a while to scan your system so be patient as this whole process can take about 15 to 30 minutes depending on the speed of your computer. Ewido is not free and the updates will expire in 15 days. That means after 15 days you will no longer be able to update the program but you can still use it fully functional after the 15 days. On systems with 512mb memory or less, I would recommend not have it in your taskbar as it will slow your computer down. [B]For CCleaner, configure it by following these steps:[/B] Open CCleaner Click on Cleaner and make sure all the boxes are check, select yes to the prompts Then click Run Cleaner. Put a check mark in the box then scan your system. This may take several passes to complete After the scan complete, click on the Applications tab and click on Run Cleaner Then click on Issues, and then click on Scan for Issues Select yes or no if you want to have your registry backed up. Then click on Fix Selected Issues. [B]For Cleanup! Just run it. [/B] If you want to run a full system scan, click on Options and select everything you want it to clean. Selecting everything will delete all your favorites so make sure that is what you want. Then let it scan your system. When it asks you to log off, select no. [B]For CWShredder, just run it[/B]. It will close any IE windows you have open. [B]For Smith Fraud Fix, configure it by following these steps: [/B] Extract all the archive content. Search: Double-click smitfraudfix.cmd Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt Clean: Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually) Double-click smitfraudfix.cmd Select 2 and hit Enter to delete infect files. You will be prompted: Do you want to clean the registry? Answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection. The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file? Answer Y (yes) and hit Enter to restore a clean file. A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt [B]For Hijackthis! [/B] 1. Open up the Hijackthis Program 2. Click on SCAN at the bottom. 3. Once it's finished click on Save Log and save it as a .txt file. [B]DO NOT FIX ANYTHING!![/B] 4. Paste the log onto the forum. Do not attach it. 5. Always start a new thread. Don・t add on to someone else・s thread but reply to your own thread, don・t start a new one. 6. We are not here 24/7 so we will look at your issues ASAP. Posted by: talldude123 Is this a new, updated version Warez? Because there's already one stickied at the top. Posted by: Warez Monster I updated it. Look there --> [url]http://www.tech-forums.net/showthread.php?threadid=119855[/url] Posted by: man4u_26 I would appretiate if someone cud list out the best softwares in each class. I have tried ADware SE free edition and webroot spysweeper. the later works much better Posted by: Warez Monster Ewido has the best detection ratio but they all catch someone the others dont so it always good to run mulitple scans with different programs Posted by: H4x3r it's like the old saying... "two hands are better then one" Posted by: baronvongogo warez I like your guide I use a similar one my self for helping people although I did get a smack on the wrist for suggesting vx cleaner and smithfraud in another online forum. As they said it could damage the pc and are only for certain types of spyware and viruses. Do you think there right at all? Personally I'm a firm believer in running everything even if it might not be on my comp its best to be safe than sorry but that's just me. Posted by: Warez Monster Well, I run a small side business fixing computers. I have ran those tools on many many computers and never had anything happen. I dont see why they say that. All its going to do is scan your pc and if nothing is there, then it can do anything. Simple as that. Sometimes they tell you to run those programs and it wont find anything so whats the difference? The same thing with msconfig startup entries. They tell you not to disable them or remove them, I dont know why but to this day, I ve never ever had an issue with doing that. So its up to you on what you want to do. Posted by: aff1993 how do you get those things like this one [url]http://img220.imageshack.us/img220/6044/userbar132583vd5.gif[/url] Posted by: hawaiian style ccleaner is really really super awsomly really good Posted by: MrCoffee maybe i'm just missing it, but I can'y see any rootkit scanners there.. Seems like a glaring omission to me. Posted by: Warez Monster you mean in my guide? Posted by: MrCoffee yeah? I mean, if you get a virus with a rootkit then your steps might not get rid of it. Posted by: Warez Monster [B]Warez Monsters 4 Step Spyware Removal Guide[/B] Follow these instructions carefully and do what is said. If you can・t perform a step, then skip it, an example would be if you can・t get into safemode to scan your system, skip it and move on to the next. Please be precise in what your problem is. The more information I have the better I can help. Please name the Trojan, virus, Spyware you have and the affects it is having on your computer. An example would be your desktop has changed and you can・t change it or a program is asking you to scan your system and then once you let it scan it asks you to buy it so it can remove the problems. If you happen to view this guide before posting, please tell us that you already performed these steps so I don・t waste time in posting this guide up for you. If you have dial-up, I suggest you download these programs on another computer and then transfer them to the infected computer. Please be active with your posts meaning don't come here and state your issues, then have someone help you out but then you come back 2 weeks later. These issues need to be addressed ASAP. When posting your log, don't attach your log as a text document, copy and paste it to the forum. If you don・t know what you are doing, (I know you are just try to help) then please refrain from telling someone what to delete using Hijackthis as it can cause a system crash or other irreversible affects. Thanks for your cooperation. 1.) [B] Download ALL 13 programs and update ASAP if needed. [URL=http://www.majorgeeks.com/downloadget.php?id=3155&file=11&evp=3304750663b552982a8baee6434cfc13]HijackThis [/URL] Make sure you put Hijackthis! In the root of your drive (C:\HJT) IMPORTANT!! [/B][URL=http://www.majorgeeks.com/downloadget.php?id=506&file=11&evp=8dbaff7daca8f4b55bf695220993fc0f]Ad Aware SE Personal Free [/URL] [URL=http://www.majorgeeks.com/downloadget.php?id=4025&file=10&evp=6ac65226642ee253cc5268f7c31f3660]Ad-aware Messenger Service Plug-in [/URL] [URL=http://www.majorgeeks.com/downloadget.php?id=4283&file=10&evp=34312f31f5a8511bfb7cf839b1eaff0b]Ad-Aware VX2 Cleaner Plug-in [/URL] [URL=http://www.majorgeeks.com/downloadget.php?id=2471&file=11&evp=2470f9bfb0cc682334ff8c4459556118]Spybot Search and Destroy Free [/URL] [URL=http://download.tenebril.com/pub/bin/spycatcher-express.exe]Spy Catcher Express [/URL] [URL=http://www.bleepingcomputer.com/tutorials/tutorial42.html#NDiag]HijackThis Tutorial & Guide [/URL] [URL=http://siri.urz.free.fr/Fix/SmitfraudFix.zip]Smith fraud Fix [/URL] [URL=http://download.ewido.net/ewido-setup.exe]Ewido [/URL] [URL=http://www.filehippo.com/download_ccleaner/]CCleaner [/URL] [URL=http://www.stevengould.org/downloads/cleanup/CleanUp451.exe]Cleanup! [/URL] [URL=http://download.sysinternals.com/Files/RootkitRevealer.zip]Rootkit Revealer [/URL] [URL=http://www.trendmicro.com/cwshredder/]CWShredder [/URL] [URL=http://www.get-in-control.com/msconfig-cleanup/msconfig-cleanup-setup.exe]Msconfig Cleanup [/URL] 2.) [B] Update your System completely and remove offending programs [/B] Make sure your system is completely updated with all of Microsoft・s Updates including SP2 This service pack fixes a lot of Spyware issues, exploits, etc. NOTE: If your system is severely infected DO NOT INSTALL SP2 DOING SO CAN/WILL RENDER YOUR SYSTEM USELESS AND WILL BE TO BE REINSTALLED. [URL=http://www.microsoft.com/smallbusiness/resources/technology/security/steps_to_take_before_installing_windows_xp_sp2.mspx]Read this as to why not to install SP2 on an infected machine [/URL] Please visit at least 2 of these free online virus scanners [url]http://housecall.trendmicro.com/[/url] [url]http://www3.ca.com/virusinfo/virusscan.aspx[/url] [url]http://www.tenebril.com/scanner/main_scan.php[/url] Next go to Add/Remove Programs and uninstall any offending programs, here are some below: Note: If you have more than one antivirus installed, please remove one. If during the uninstall process you receive an access denied, just move on to the next one. You may be asked to visit the offending programs website to receive an uninstaller, do not do so, just ignore it, close it, and move on. If you are no sure about a specific program, look below. All programs in this site are offending and needs to be removed ASAP, even if you paid for it. [url]http://www.spywarewarrior.com/rogue_anti-spyware.htm[/url] 180 Search Assistant 180Solutions Active alert Ad Service AdTools AdTools Service Alexa toolbar BargainBuddy Bearshare Bullseye Networks CashBack CMDtel.exe Cosmi DH EasySearchBar Elite Sidebar Elite Toolbar Freeze Clip Art GAIN Gator Hotbar Outlook Tools Hotbar Web Tools HuntBar Internet Optimizer ISTbar ISTSvc Keyloggers Limewire MaxiFiles Media Access Media Gateway MySearch MyWay Search Bar MyWebSearch Morpheus Toolbar NavExcel Search Toolbar NavHelper ncase Oemji Toolbar Open Site Preview AdService Search Toolbar (HuntBar/WinTools) Sender.exe ShopperReports by Hotbar Sidefind SideSearch Slotchbar Spysheriff Spyware Warrior Spyware Soft Spot Software Update Manager SurfAccuracy SurfSideKick Upspiral Toolbar TurboDownload VBouncer Viewpoint Viewpoint Manager Viewpoint Media Player WareOut Warezp2p Web.exe WeatherBug Web Rebates Web Search Toolbar (WinTools) Webhancer WhenU (any entry) WeirdOnTheWeb Windows AdService Windows AdStatus Windows ServeAd WinTools WinTools Easy Installer WSEM Update Download Accelerator Plus Kazaa Kazaa Lite Kontiki Messenger Plus NetPumper NewDotNet P2P Networking StarWare WildTangent 3.) [B] MSCONFIG Entries removal [/B] Next step is to open MSCONFIG. Go to start, run, type Msconfig, press ok, go to the startup tab, then click disable all. Now re-check your antivirus, firewall or any other program that you absolutely need to be started up each and every time windows is restarted. Now rechecking these entries right now will result in deleted entries of your programs in the next step. Then you will need to reinstall that program. Then click apply, ok, but don・t reboot yet. NOTE: when you reboot, you will see the System Configuration Utility dialog box appear. Just put a checkmark in the box and press ok. NOTE: If you can not open MSCONFIG, TASK MANAGER OR REGEDIT, just move to the next step or download it to your desktop below and then perform the task: [URL=http://www.dougknox.com/xp/utils/xp_emergencyutil.zip]Download MSCONFIG, REGEDIT, and TASK MANAGER to your desktop [/URL] Next run Msconfig Cleanup after you unchecked the items you were told to uncheck and recheck, click "Select All", then click "Clean up Selected", then click "Quit". Make sure your antivirus and firewall are not checked. If you delete your antivirus and firewall entries, you will need to reinstall them so be sure to check them and don・t reboot. 4.) [B] It's time to scan your system [/B] Start off with any Spyware program. Make sure you update it. Make sure all IE, FF, Opera windows are closed. The only program(s) that need to be running are the Spyware scanners and your antivirus. Please do not quarantine anything. Please delete everything. [B]For Lavasoft Adaware SE 1.6, configure it by following these steps:[/B] Open Adaware, click on Scan Now Then click on Use Custom Scanning Options, and then click Customize Click on Scan within archives Click on Advanced, then click on Move deleted files to the recycle bin Then click on Tweak, and select Scanning Engine, then select Run Scan as a background process for low CPU usage. Click on Tweak and choose Write protect system files after repair Then click on Proceed and select Search for low risk threats Click next and let it scan. Make sure you remove every thing is finds. You may need to run this program more than once depending on how bad you are infected. [B]For Ad-aware Messenger Service Plug-in, just install it[/B]. It may as you to reboot, don・t reboot yet. You will run Adaware SE 1.6 again after you reboot. This program is a plug-in for Adaware SE along with the VX2 Cleaner. [B]For Spybot Search and Destroy 1.4, configure it by following these steps:[/B] Open Spybot, make sure it is updated. Click on Mode, then select Advanced Mode, select yes at the prompt. Click on Settings, then scroll down the list to uncheck Create Backup Copies, there are 3 that need to be unchecked. Then click on Tools and select Resident. Make sure Tea Timer is selected and not Ad-watch. Then select IE Tweaks and make sure under Miscellaneous Locks that all 3 boxes are checked. Then scan your system. Make sure you remove every thing is finds. You may need to run this program more than once depending on how bad you are infected. [B]For Ewido 4.0, configure it by following these steps:[/B] Open Ewido and make sure it is updated Click on Scanner, then settings and put a check mark in Scan every file under What to Scan. Ewido may find items like VNC, RadMin, or any other Remote Control Tools; if you know that those programs are legit, click on ignore and put a checkmark in the box to always perform this option for these types of programs. If it not legit, select remove. Ewido will take a while to scan your system so be patient as this whole process can take about 15 to 30 minutes depending on the speed of your computer. Ewido is not free and the updates will expire in 15 days. That means after 15 days you will no longer be able to update the program but you can still use it fully functional after the 15 days. On systems with 512mb memory or less, I would recommend not have it in your taskbar as it will slow your computer down. [B]For CCleaner, configure it by following these steps:[/B] Open CCleaner Click on Cleaner and make sure all the boxes are check, select yes to the prompts Then click Run Cleaner. Put a check mark in the box then scan your system. This may take several passes to complete After the scan complete, click on the Applications tab and click on Run Cleaner Then click on Issues, and then click on Scan for Issues Select yes or no if you want to have your registry backed up. Then click on Fix Selected Issues. [B]For Cleanup! Just run it. [/B] If you want to run a full system scan, click on Options and select everything you want it to clean. Selecting everything will delete all your favorites so make sure that is what you want. Then let it scan your system. When it asks you to log off, select no. [B]For CWShredder, just run it[/B]. It will close any IE windows you have open. [B]For Smith Fraud Fix, configure it by following these steps: [/B] Extract all the archive content. Search: Double-click smitfraudfix.cmd Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt Clean: Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually) Double-click smitfraudfix.cmd Select 2 and hit Enter to delete infect files. You will be prompted: Do you want to clean the registry? Answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection. The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file? Answer Y (yes) and hit Enter to restore a clean file. A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt [B]For Hijackthis! [/B] 1. Open up the Hijackthis Program 2. Click on SCAN at the bottom. 3. Once it's finished click on Save Log and save it as a .txt file. [B]DO NOT FIX ANYTHING!![/B] 4. Paste the log onto the forum. Do not attach it. 5. Always start a new thread. Don・t add on to someone else・s thread but reply to your own thread, don・t start a new one. 6. We are not here 24/7 so we will look at your issues ASAP. Posted by: baronvongogo you only put rootkit revealer in? AVG beta rootkit remover: [url]http://www.majorgeeks.com/AVG_Anti-Rootkit_d5249.html[/url] F secure Blacklight: [url]http://www.f-secure.com/blacklight/[/url] Bitdefender rootkit beta(register): [url]http://beta.bitdefender.com/login.php[/url] I have used rootkit revealer and it doesnt do much and to the average person, it could make them panic as it shows many entries that are not rootkits. You should have just edited your last one instead of pasting it all again :D Posted by: Warez Monster You cant edit a post after 24 hours..... Its one of the top 4 root kit scanners Sysinternals Tripwire RKHunter chkrootkit Posted by: MrCoffee yeah good stuff, I always use rootkit reveler, and blacklight. helped me out with a couple of tricky infestations. Posted by: DMo224 The original post has been updated. Dave :D Posted by: chinese I am a Chinese and a learner of Englsih and computer technology,but my English is not so good that I seldom browse the English forums.So I didn't know how you who are the foreigners to me to deal with the spyware on your PC. I had read some articles about this issue, I think the methods in China are better than yours. Why?I think the reson is there are much more such affending softwares in China.Someday I will translate the article and paste it on the forum. Posted by: Warez Monster well id like to see it Posted by: Jam3s-Zer0 [QUOTE][i]Originally posted by Warez Monster [/i] [B]well id like to see it [/B][/QUOTE] ya Posted by: SomeIranianKid sorry but how do you put hijack this in your root file? Posted by: Warez Monster C:\HJT Posted by: vipercrazed um ewido still lets me update the free version, might want to check that out or edit your thread Posted by: Jam3s-Zer0 Ewido has also changed its name to AVG Anti-Spyware 7.5. It is also a 30day trial. Posted by: baronvongogo this is the version i have currently installed on my pc: [url]http://free.grisoft.com/doc/20/lng/us/tpl/v5[/url] its been on longer than 30 days you just don't get active protection but it updates regularly and runs scans. Posted by: Jam3s-Zer0 It shouldn't have automatic online-updates after 30days. Posted by: baronvongogo well it may not be automatic but i assume you can still do it manually by clicking the button correct? I still think its a viable spyware removal option. Posted by: Jam3s-Zer0 Ya, it can be manually updated which I used to do anyway everytime I used it when I used to have it installed. Posted by: kold_fusion Holy crap dude. that is WAY more than 4 steps!! Posted by: Warez Monster 1 2 3 4 Posted by: macdawg "well it may not be automatic but i assume you can still do it manually by clicking the button correct?" correct "I still think its a viable spyware removal option." agreed Posted by: dawizhacker WOW, I couldn't run 12 of 13 programs, it appears i have 139 processes running. I fresh copy of windows could do the trick! Will be deleting windows in 48 hours! Posted by: blonde_cowgirl Thanks for the tips, but now when I start my computer, I get a message to press F1 to go to setup. When I do that I just go to Exit and press F10. Then after I log in the clock has to be reset. What's going on??? Posted by: Warez Monster what was wrong with your pc in the first place? Posted by: blonde_cowgirl My PC was running slow and freezing. Now when it is turned off overnight, the clock has to be reset. Posted by: superdave1984 [QUOTE][i]Originally posted by blonde_cowgirl [/i] [B]My PC was running slow and freezing. Now when it is turned off overnight, the clock has to be reset. [/B][/QUOTE] Sounds like you need a new CMOS battery. Posted by: blonde_cowgirl How expensive is that???!! Posted by: blonde_cowgirl Oh by the way, when I turn my computer back on it hasn't just lost minutes and hours - it has lost years! It is usually set for January 2003. Now I admit I would like to be younger, but I don't think the clock can help me - lol. Posted by: Warez Monster well i guess it depends on what type of battery you want. you can get a rolex battery for 150$ or get a generic mobo battery for maybe 3$ or less Posted by: Alexje4400 WAREZ Monster, hey can you explain the MSconfig step a little more in detail? I'm kind of a noob with that sort of thing, the wordind was a little confusing. Thanks Posted by: dkadmin Could you help me a bit with the smitfraud one, I couldn't figure out where the install file was Posted by: baronvongogo you dont install smitfraud you run the batch file it says in warez monsters guide how to use each progrsm. Posted by: Snake-Eyes SpyCatcher causes Steam to not load up. Just an FYI. I believe when you quarantine your computer, something in Steam gets quarantined. Posted by: alexsabree oh noes... no CounterStrike, im definatly not running that one Posted by: ben_ben THIS DOESNT WORK WARZE MONSTER IS AN IDIOT!!!!!!!!!! Posted by: baronvongogo Most often than not the user is at fault for problems with their pc, you sir are therefore an idiot it`ll teach you for downloading things you shouldn't. Posted by: Warez Monster [QUOTE][i]Originally posted by ben_ben [/i] [B]THIS DOESNT WORK WARZE MONSTER IS AN IDIOT!!!!!!!!!! [/B][/QUOTE] WTF?? what the **** is your problem? Posted by: ben_ben instead of posting the log on tech-forums.net go to hijackthis.de and post it there it is automatic and catches everything (a lot better) Posted by: Warez Monster you see, thats where you are wrong, it does not catch everything......... Please Visit the Online Configurator, Email Hosting, Internet Marketing , Computer Schools , Software for Real Estate , AAOutlook , Search Engine Site |