zznhl
Fri Feb 04 15:49:05 CST 2005
Malke, Hi
Thanx alot for your very detailed and usefull answer: I'll let you know if
it worked. And I'll certainly check out your EBC site.
"Malke" wrote:
> zznhl wrote:
>
> > How can I get rid of this scumbag hijacker and unwanted crap that my
> > kid unwittingly downloaded and accepted?!!!!!!
>
> Go through the following malware removal steps. It is crucial that you
> do everything with updated tools in Safe Mode:
>
> 1) Scan in Safe Mode with current version (not earlier than 2003)
> antivirus using updated definitions.
>
> Before you remove malware, get LSPFix (or WinSockFix for XP which you
> can get from MajorGeeks) - see links below.
>
> 2) Remove spyware with Spybot Search & Destroy and Ad-aware. These
> programs are free, so use them both since they complement each other.
> There is a new version of CWShredder from Intermute. I would not
> install the other Intermute programs, however. Alternately, there are
> CoolWebSearch malware removal steps at SilentRunners.
>
> Be sure to update these programs before running, and it is a good idea
> to do virus/spyware scans in Safe Mode. Make sure you are able to see
> all hidden files and extensions (View tab in Folder Options).
>
> If the malware remains even after you used Ad-aware and Spybot, you can
> scan with HijackThis. HijackThis is an excellent tool to discover and
> disable hijackers, but it requires expert skill. See below for
> HijackThis links, including sites where you can post your HJT logs. A
> combination of HijackThis and About:Buster works well in removing the
> About:Blank homepage hijacker. Again, this is an expert tool and
> novices should get help with it.
>
> 3) If you are running Windows ME or XP, you should disable/enable System
> Restore after the system is clean because malware will be in the
> Restore Points. With ME, you must disable System Restore completely.
> With XP, you can delete all but the most recent (presumably clean)
> System Restore point from the More Options section of Disk Cleanup
> (Run>cleanmgr).
>
> 4) Make sure you've visited Windows Update and applied all security
> patches. Do not install driver updates from Windows Update.
>
> 5) Run a firewall.
>
> Links to help with malware:
>
> Software/Methods:
>
http://www.safer-networking.org - Spybot Search & Destroy
>
http://www.lavasoftusa.com - Ad-aware
>
http://www.majorgeeks.com - good download site
>
http://www.intermute.com/spysubtract/cwshredder_download.html
>
http://www.silentrunners.org/sr_cwsremoval.html. - SilentRunners
>
http://www.cexx.org/lspfix.htm - Repair Winsock 2 settings after
> removing spyware
>
http://www.spychecker.com/program/winsockxpfix.html - WinsockXPFix.exe
>
> HijackThis:
>
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Jim
> Eshelman
>
http://aumha.net - forums
>
http://spywarewarrior.com/viewforum.php?f=5 - Spyware Warrior HijackThis
> forum
>
http://www.wilderssecurity.com/
>
http://forums.tomcoyote.org/
>
> General:
>
http://aumha.net - look under "Security" for various forums
>
http://rgharper.mvps.org/cleanit.htm
>
http://mvps.org/winhelp2002/unwanted.htm
>
http://www.aumha.org/a/parasite.htm - The Parasite Fight
>
http://www.spywarewarrior.com/rogue_anti-spyware.htm
>
> Malke
> --
> MS MVP - Windows Shell/User
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
>