Thread Tools Display Modes
11-07-07, 12:12 PM   #1
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
[UPDATED] Slow System, Lag, Crashes, Virus, Spyware? Probable Fix

Finally updated!! there are some coding issues but I'll play with them when i have more free time

What you might be experiencing is what we like to call Malware / Spyware / Trojans / bad things, here is a little "How To" to fix those issues. And after you are done scanning your system please Defrag your system; you would be surprised as to how much speed you will pick up.

This "How To" is simply to help folks that might otherwise not be familiar with some of these applications and processes. And none of these programs except the anti-virus run in your background nor do they take up any recourses other than when you run them.


==========================

Make sure you don't have any viruses. Make sure you have an up-to-date virus checker on your system, and *gasp* actually use it once in a while.

If you don't have a virus checker and can't afford to buy one, go to Trend Micro's Free online virus Scanner, House Call: http://housecall.trendmicro.com

Although everyone should have an Antivirus (AV) Scanner and they should update it Daily, if you don't set it up to update automatically you will have to click the Update button.

If you're looking for an excellent AV light on resources NOD32 is for you. You can at least give it a try: http://www.eset.com/home/home.htm

Another Good and FREE scanner is AVG: http://free.grisoft.com/doc/1

Another thing to always do is to keep your system up to date from Microsoft (If it is a "special" copy of XP, uninstall KB892130 from the add/remove section [thanks monsterous2008]) http://update.microsoft.com/microsoftupdate/v6/ .

==========================

Please print out a copy of this overview and use it to check off each step as it is completed.

Throughout this guide you will see it says "post this HijackThis log to xxx" go HERE to get a list of forums that specialize in reading HijackThis logs.

Save this 'checklist' of removal programs you have run, because they will be asking you to provide them with that information when it comes time to post a HijackThis log. Good Luck!


==========================


before running any automatic cleaning programs or scanners, we request that you perform a Reference HijackThis scan and save the results tohijackthisref.log for later posting. This Reference HijackThis log will indicate what infections were present on your system and visible to HijackThis, prior to running any preliminary anti-malware tools. This log serves as an important baseline indicator to the person analyzing your HijackThis log, so be sure to save it properly.

To download and properly install HijackThis:

* Download the HijackThis Installer from Trendmicro by clicking HERE
* Save the HJT Installer to to folder of your choice, then navigate to that folder and double-click HJTInstall.exe to start the installation.
* When the Trend Micro HJT install box appears, click Install.
* HijackThis (HJT) will be installed in the C:\Program Files\Trend Micro\HijackThis folder by default and a desktop shortcut will be created.

To obtain your Reference HijackThis Log:

* Select the Do a system scan and save a logfile option
* HijackThis will analyze your system, and automatically open a notepad textfile containing the HijackThis log when the scan is finished.

To save the Reference HijackThis log:

* You must change the default log filename from hijackthis.log to hijackthisref.log
* The file hijackthisref.log will be saved in the C:\Program Files\Trend Micro\HijackThis folder.
* Make sure you are able to access hijackthisref.log for later posting, before moving on to the next step.

PLEASE DO NOT ATTEMPT TO FIX ANYTHING WITH HIJACKTHIS. MOST OF THE HJT LOG ENTRIES ARE CRITICAL TO THE PROPER FUNCTIONING OF YOUR COMPUTER. REMOVING ESSENTIAL ENTRIES CAN POTENTIALLY CAUSE SERIOUS DAMAGE TO YOUR COMPUTER

==========================

The Control Panel - Add/Remove Programs


The first place to look when attempting to remove spyware/adware threats is in the "Add/Remove Programs" utility in the Control Panel . Many questionable programs are installed into their own program folder, using the customary method provided by WIndows and bear recognizable names. You may find adware/spyware Toolbars (Not the trustworthy ones like Google, MSN, Yahoo or AOL), bogus search aids such as WinTools, or NavHelper (NavExcel), and a variety of other suspect programs.


After a program is uninstalled via "Add/Remove Programs", except in the most difficult cases, any remaining remnants will ordinarily be removed by the scanning programs we recommend. If you are unsure about whether or not to uninstall a specific program, you may find the answer in the

Bleeping Computer Uninstall Database. Another very useful resource is Uninstall Malware via Add/Remove Programs by chaslang.

Some additional spyware databases that may provide you with information about particular threats are The CounterSpy Threat Library and the Computer Associates Spyware Information Center If you cannot arrive at a definitive answer after consulting these resources, then leave the program intact and mention it when you post a reply.

==========================


Please temporarily disable any real time monitoring programs.

Some security programs with active monitoring processes are known to interfere with automatic scanners and can actually prevent HJT fixes from taking effect.

Please turn off or disable any of the following programs you may have, before running your preliminary scans and for the duration of your HJT cleanup (should you post a log). To do disable these programs, please follow the instructions provided in the respective sections. Some of these programs will automatically restart upon reboot, so you will have to repeat these disabling steps as required. After Malware Removal is complete, you should reactivate these protective programs if you do not intend to post a HijackThis log.

Spybot S&D (Teatimer)
  • Run Spybot-S&D in Advanced Mode.
  • If it is not already set to do this Go to the Mode menu select "Advanced Mode"
  • On the left hand side, Click on Tools
  • Then click on the Resident Icon in the List
  • Uncheck "Resident TeaTimer" and OK any prompts.
  • Restart your computer.


Ad-Aware Ad-Watch
  • Right click on the Ad-Watch icon in the system tray.
  • At the bottom of the screen there will be two checkable items called "Active" and "Automatic".
    Active: This will turn Ad-Watch On\Off without closing it
    Automatic: Suspicious activity will be blocked automatically
  • Uncheck both of those boxes.


Spywareguard
Right click the running icon of Spywareguard in the system tray to open the program. Then go to Menu, File, and choose Exit. It will automatically restart at next boot.


Windows Defender
  • Click on "Tools"
  • Click on "General Settings"
  • Scroll down to "Real-time protection options"
  • Uncheck "Turn on Real-time protection (recommended)"
  • Click "Save"


TrojanHunter Guard
  • Disable TrojanHunter Guard by right clicking on the icon in your System Tray.
  • Make sure that the program, TrojanHunter itself, is also closed/not running.


Disable SpySweeper

If you have Spy Sweeper version 4:
  • Open it, Click Options over on the left, then Program options
  • Uncheck load at windows startup.
  • Over to the left, Click shields and Uncheck all there.
  • Uncheck home page shield.
  • Uncheck automatically restore default without notification.
  • Reboot your machine for the changes to take effect before running HJT.

--------------

If you have SpySweeper version 5:


To disable SpySweeper Shields
  • Open SpySweeper.
  • Click Shield Settings on the right


(or Shields on the left, depending what screen you're on).
  • Click Internet Explorer and uncheck all items.
  • Click Windows System and uncheck all items.
  • Click Hosts File and uncheck all items.
  • Click Startup Programs and uncheck all items.
  • Close SpySweeper.
Reboot you computer, and ensure Spy Sweeper is disabled.


WinPatrol
Right-click the running icon of Winpatrol in the system tray and choose exit. It will automatically restart at next boot.


CounterSpy
  • Right-click the running icon of CounterSpy in the system tray.
  • With your mouse, hover over Active Protection Status (This should be enabled).
  • A menu will slide out and then you need to right click on "Disable Active Protection".


AVG Anti-Spyware (formerly ewido)
  • Open AVG Anti-Spyware by double-clicking the multi-colored box emblazoned with an 'S' in the system tray.
  • In the 'Resident Shield' section, toggle the AVG Anti-Spyware active protection 'off' by clicking 'Change state' which will then change the protection status to 'inactive'.
  • If you are instructed to reboot at any time during your cleanup, AVG Anti-Spyware will prompt you as to whether you would like to "Restart the Resident Shield".
  • Reply 'no' and set it to 'inactive' for the duration of your cleanup.


Spyware Doctor
  • From within Spyware Doctor, click the "OnGuard" button on the left side.
  • Uncheck "Activate OnGuard".


Prevx
  • Right click on the Prevx icon in your system tray at the bottom-right corner of your screen and choose Show Management Console..
  • On the Management Console click the Protection Level drop-down menu. You will see three levels:
    Maximum
    Off
    User Defined
  • To disable all protection set the level to Off. You will receive a prompt asking "You are about to change your security settings. Do you wish to continue?" Click Yes.
  • Click the X on the upper right hand corner to exit the Management console.


ProcessGuard
  • Right-click the blue lock ProcessGuard icon located in the system tray.
  • Uncheck 'protection enabled'
  • Click yes.


ZoneAlarm's OS Firewall
  • Go to the Program tab, then click "Main".
  • Press the first "Custom" button from the top.
  • Uncheck "Enable OS Firewall".
  • Click OK.

==========================
__________________

Last edited by Tsurani : 01-29-08 at 09:31 PM.
  Reply With Quote
11-07-07, 12:12 PM   #2
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
Now please complete the following automatic malware detection and removal steps.

After you have installed the scanning programs listed below, please be sure to update them. A program is only effective if it updated with the latest definitions. Updating will help provide protection against the most recently introduced security threats.

==========================


Cleaning out the Crap:
Now "Clean out the Crap". By this we mean removing all the temporary, temporary Internet and other junk files that are stored on your computer. You may accomplish this by running CCleaner. CCleaner will not only clean out the garbage, but it will also remove malicious files which may be hiding in your temp folders. Make "Cleaning out the Crap" a part of your regular maintenance routine.


CCleaner (All versions of Windows including Vista)

CCleaner Download and Install Directions

For a basic version of CCleaner with no Yahoo Toolbar Uncheck "Add CCleaner Yahoo! Toolbar", as it is checked by default during CCleaner Setup


CCleaner Setup and Usage
  • Before first use, check under Options, Advanced, and UNCHECK "Only delete files in Windows Temp folder older than 48 hours".
  • A pop up box will appear advising this process will permanently delete files from your system.
  • Then select the items you wish to clean up. (See Note 1 below)
Code:
	In the Windows Tab:
			
				Clean all entries in the "Internet Explorer". If you prefer to keep your cookies, uncheck the Cookies entry. Deleting cookies will require re-entry of user names and passwords on next visit to sites that require users log in.

				Clean all the entries in the "Windows Explorer" section.

				Clean all entries in the "System" section.

				Clean all entries in the "Advanced" section.

				Clean any others that you choose.

			
			
			In the Applications Tab:
			
				Clean all (optionally, except cookies) in the Firefox/Mozilla section if you use it.

				Clean all in the Opera section if you use it.

				Clean Sun Java in the Internet Section. ==> Important: See Note 2 below before proceeding

				Clean any others that you choose.
  • Then click the "Run Cleaner" button and it will scan and clean your system. Click exit.


For operational help with CCleaner's setup and features please consult this screenshot tutorial

Note 1: To see a list of everything that CCleaner 'cleans' so you may customize the settings to suit your needs, click here

Note 2: If you run Yahoo's website design program called SiteBuilder do not check the option to clean out Sun Java, accessed under the Applications => Internet => Sun Java section as specified in Step 3 above.


++++++++++++++++++++++++++


ATF Cleaner (Win 98/ME/2K/XP and Vista)

Please download ATF Cleaner by Atribune.



This program is for Windows 98/ME/2K/XP and Vista
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Uncheck Cookies - only, if you choose to retain your cookies
  • Click the Empty Selected button.


If you use Firefox browser
  • Click Firefox at the top and choose: Select All
  • Uncheck Cookies - only, if you choose to retain your cookies
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.


If you use Opera browser
  • Click Opera at the top and choose: Select All
  • Uncheck Cookies - only, if you choose to retain your cookies
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.


Click Exit. on the Main menu to close the program.


For Technical Support, double-click the e-mail address located at the bottom of each menu.

==========================
__________________

Last edited by Tsurani : 11-07-07 at 12:31 PM.
  Reply With Quote
11-07-07, 12:13 PM   #3
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
Antispyware Scanners - Run at least one, preferably two - if your system is functioning well enough:


++++++++++++++++++++++++++

Ad-Aware (Win 98/Me/NT/2000/XP)

Download Ad-Aware 2007 and install it. If you already have Ad-aware 2007, please configure it per instructions below. If you have a previous version of Ad-Aware, please install the newest build

Launch Ad-Aware and update the Definition Files by clicking on 'Check for Updates now' in the lower right hand corner. Then, to run:
  • Click on "Scan now"
  • Uncheck "Search for negligible risk entries"
  • Check "Search for low risk entries"
  • Check "Perform a full system scan"
  • Click the "Next" button in the lower right hand corner. to begin scanning.
  • When the scan has completed, select Next.
  • In the Scanning Results window, select the "Scan Summary" tab.
  • Check the box next to each "target family" you wish to remove.
  • Click next, Click OK.
  • Shutdown/restart the computer.


++++++++++++++++++++++++++

SpyBot S&D (Win 95, 98, ME, 2K, XP, 2003, PE, Vista)

Supported Operating Systems
  • All Versions of Windows including Vista
  • Can be integrated into Vista Security Center - Monitors if Spybot-S&D is up-to-date and whether the permanent protection (TeaTimer) is running or not).

Download Spybot Search & Destroy and install it.
  • Run Spybot and allow it to create a backup of your registry when prompted.
  • Click on "Search for Updates".
  • If any updates are found, place a check mark next to each one.
  • Click on "Download Updates".
  • Click on "Immunize" [When it detects what has or has not been blocked, block all remaining items].
  • Do this by clicking the green plus sign next to immunize at the top.
  • Click on "Check for Problems" and if any problems are found, click on "Fix Selected Problems".
  • Reboot your computer.

Bleeping Computer's Setup & Configuration Instructions
Tom Coyote's Tutorial & Help


++++++++++++++++++++++++++

Windows Defender (Win XP SP2, Win 2003 SP1+, Vista) - This scanner will remove the Sony XCP DRM rootkit

Windows XP and Windows Server 2003 users can find information and download links for Windows Defender

Please note: The Microsoft download site will require you to validate your copy of Windows before allowing you to download this program. Only systems that are fully updated with all service packs will be allowed to download.

Supported Operating Systems
  • Windows Server 2003 Service Pack 1
  • Windows XP Service Pack 2
  • Vista (it comes installed with the Operating System so you don't need to download it)
  • Download and install the Windows Defender by checking the use recommended settings option.
  • When the installation has finished, allow the program to automatically update the definitions and perform a quick scan. This will only take a few minutes, but it is not enough to ensure you have a clean system.
  • Following the completion of the quick scan, click the white down arrow next to Scan, and then click Full Scan. The Full Scan option will allow Windows Defender to perform an in depth scan of your entire system which is necessary to detect any hidden spyware/adware threats.
  • When the full scan is complete, you will be presented with your spyware scan results.
  • Take the default action suggested by Windows Defender to deal with all threats found.
  • Once you have selected an action for all threats found in the spyware scan results, you will need to reboot your computer.

For more detailed instructions consult Beyond the Basics Help and How Tos and the Windows Defender FAQ

Note: Windows Defender will remove the rootkit portion of the Sony XCP DRM software.


++++++++++++++++++++++++++

SUPERAntiSpyware


SUPERAntiSypware (SAS) is free to home users

Supported Operating Systems
  • Windows 98, ME, 2000, XP, 2003, Vista


System Requirements
  • 400Mhz or faster Processor with atleast 256MB RAM


Download and install SUPERAntiSypware using the default settings
  • Double-click the SUPERAntiSpyware desktop icon to launch the program.
  • When you are asked to update the program definitions, click Yes.

Only if you are not prompted to update the definitions or already have SAS, select Check for Updates before scanning.


Program Setup

Select Preferences | Scanning Control

Check the following Scanner Options:

  • Close browsers before scanning.
  • Scan for tracking cookies.
  • Terminate memory threats before quarantining.

Click the Close button to leave the control center screen.


Scanning
  • On the main SAS screen, under Scan for Harmful Software select Scan your Computer.
  • On the left, make sure your primary drive (normally C:\Fixed Drive) is selected, plus any other hard drives that are connected to your system.
  • On the right, under Complete Scan, choose Perform Complete Scan.
  • Click Next to start the scan.
  • After the scan is complete, a Scan Summary box will appear listing potential threats that were detected. Click OK.
  • Check all detected threats, then click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click OK and then click the Finish to return to the main menu.
  • Reboot your computer


Retrieving the scan report

  • Relaunch SUPERAntispyware
  • Click Preferences | Statistics/Logs
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • If there are several logs, select the most recent and press View log. The SAS scan log will be displayed in your default text editor.
  • If you are posting a HJT log, and any threats (excuding cookies) were found - copy and paste the SAS Scan Log results in your HJT topic - along with your HJT log.
  • Click Close to exit the program.


If you have questions or need help, please refer the SUPERAntiSpyware Frequently Asked Questions.


++++++++++++++++++++++++++

Prevx2


Please note: Prevx2 provides the cleanup option only for 30 days of free use, thereafter it will only detect and not cleanup infections.

Supported Operating Systems
  • Windows 2000, Windows 2003 and Windows XP - a Beta version is available for Vista (32 and 64 bit)
  • Download and install Prevx2 by clicking the Download Now button.
  • When the installation has finished click on the Start Trial to activate and then reboot your system.
  • Allow the installation scan to complete after the reboot.
  • If malware is already running then the Process Scan will detect and launch the Cleanup routine.
  • Follow the directions on the screen.

==========================
__________________

Last edited by Tsurani : 11-07-07 at 12:31 PM.
  Reply With Quote
11-07-07, 12:13 PM   #4
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
Before performing your Online AntiVirus Scan, please disable your own resident antivirus's real-time protection feature, to avoid any conflicts. Even if you have an up-to-date AntiVirus program on your system, it is still important to run an online scan, since some parasites may prevent your own anti-virus program from functioning properly or even disable it. Additionally, it does no harm to "get a 2nd opinion" with antivirus scanners because they often find different types of Spyware.


Preliminary Considerations:
  • Please do not re-enable your own AV's real time protection, until all the scans suggested in this tutorial have been completed.
  • In all cases, choose the option to save the scan report when the scan is complete.
  • Supported operating systems are indicated if that information was made available at the vendor's website.
  • Vista users


  • Must launch Internet Explorer as an Administrator to perform an online scan. To do so, right-click on the Internet Explorer icon in the Start Menu and select "Run as administrator" from the context menu.
  • Need to add the website address (url) of the antivirus scanner you are using to the Trusted Zone of Internet Explorer, for the scanner to function properly.
  • Launch Internet Explorer and navigate to the Antivirus scanner you have selected from the list of scanners we have suggested. (Vista Users: The ESET Nod32 Scanner is the only Vista compatible scanner that is out of Beta - so that is the scanner you should use)
  • On the Internet Explorer Menu or Toolbar, choose Tools | Internet Options and select the Security tab.
  • Choose Trusted Sites.
  • Click the Sites button.
  • Uncheck - "Require server verification (https:) for all sites in this zone".
  • The website address of the Antivirus Scanner you are using (for example, http://www.eset.com for the ESET Nod32 scanner) should appear in the open box labeled "Add this website to the zone".
  • Click the Add button.
  • Verify the url has been added to the trusted zone by inspected the Website listing in the bottom pane.
  • For Vista users, this will turn off Internet Explorer Protected Mode for the website you have just added to the trusted zone.
  • Click the Close button.



Perform at least one of the following scans:

The following scanners require a browser which supports active-X downloads (i.e. Internet Explorer).:




  • The Online Panda Scan flags both viruses and spyware, but will only disinfect viruses.
  • Please scan 'My computer' and save the log produced at the end of scan, because the HJT Team may request to see it later.





  • 64 bit versions of Windows are supported.
  • The scan report is saved by default in C:\Program Files\EsetOnlineScanner\log.txt




The F-Secure Online Virus Scanner has incorporated rootkit detection capabilities through its BlackLight engine. For Windows 2000 and XP only.
  • Javascript must be enabled to run this scanner.
  • Beta version supports Vista.






  • Bitdefender (Win 98/ME/2000/2003/NT/XP). Please see*Note below.




  • Removes viruses, spyware and hard disk clutter
  • Beta version supports Vista


The following scanner supports these browsers:
Internet Explorer - Netscape (6+) - Mozilla (1+) - Firefox (all):



Let the online AV scanner(s) auto clean whatever is detected and then reboot your system.

Note: Only if you are so severely infected that you cannot complete an online scan, even when run overnight, you may use a temporary solution, until a full online viral scan can be performed:
  • McAfee Stinger detects and disinfects many harmful and prevalent infections.
  • The Malicious Software Removal Tool (MSRT) detects and removes many prevalent and malicous threats.
  • [url=http://www.nanoscan.com/]Panda's Nanoscan scans your PC for active viruses, spyware and Trojans in about a minute (this scan uses behavioral characteristics to identify Spyware - not signatures, and is not a substitute for a full antivirus scan when it is possible).


Note: regarding the BitDefender Online Scanner: When a threat is detected by the the BitDefender Online scanner, it will first attempt to disinfect (repair) the file, and only if it cannot be repaired, it will delete it. However, you can elect to change the secondary action from delete to "Report Only" or "Prompt for User Action", so an infected system file is not deleted. This is the safest option to guard against false positives and system files that have been "patched" by Spyware. It is also the safest option if heuristics are used in detection, which they are by default.


  • The options which are checked (enabled) in the image are the BitDefender default scanning options, and they may be changed.

==========================
__________________

Last edited by Tsurani : 11-07-07 at 12:30 PM.
  Reply With Quote
11-07-07, 12:14 PM   #5
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
Run atleast one Anti-trojan Scanner:


AVG Anti-Spyware Free (formerly ewido anti-spyware) runs on Windows 2000, XP and Vista (32 and 64 bit)


Only if you already have either AVG Anti-Spyware version 7.5.0.50 or the Vista compatible version 7.5.1.43, installed, then: (Otherwise proceed to Step 1)
  • Open AVG Anti-Spyware, make sure it is fully updated and then close it.
  • Do NOT run a scan yet.
  • Proceed to Step 2 below, so you may perform your ewido scan in safe mode.

Step 1 - Download, Install, and Update AVG Anti-Spyware Free
  • Please download the AVG Anti-Spyware Free v.7.5.1.43 installer to your desktop.
    • After the download is complete, double-click on the ewido install file to launch the installation process.
    • Follow the prompts and be sure that Launch AVG Anti-Spyware Free is checked.
    • Once the AVG Anti-Spyware Free main program screen has opened, click on Update now.
    • You will see an update progress bar, followed by an Update Succesful message when updating is complete.
    • After the database is installed, Click Scanner | Settings
    • Under How to act?


    • Select Recommended Actions and choose Quarantine to set the default action for detected malware


    • Under the Reports section:


    • Select Automatically generate report after every scan
    • De-select Only if threats were found



    Once updating is 100% complete close AVG Anti-Spyware, so you can perform the AVG Anti-Spyware scan in safe mode as described in Step 2. Safe mode is preferable because often malware programs which run in normal Windows mode will not be running in safe mode. This makes it easier to safely quarantine these threats because they will not be "in use". Another advantage, is some rootkits may not run in safe mode, and if this is the case, AVG Anti-Spyware will be able to detect them and the malware they are hiding. If you have trouble starting your computer in safe mode, just perform the scan in normal Windows mode as outlined in Step 2.


    Note: This new version of AVG Anti Spyware (7.5.1.43) corrects the inability to run in safe mode that was present in the recently released v.7.5.1.36. If you previously installed AVG Anti Spyware v.7.5.1.36, please uninstall it and replace it with this newer version (v. 7.5.1.43). Then proceed to Step 2.


    Step 2 - Perform AVG Anti-Spyware scan in safe mode and save the scan report

    • Boot into Safe Mode
      • Restart the computer
      • Watch the screen while it is black. After the BIOS memory check is done, start tapping the F8 key
      • If done correctly, the Windows Advanced Options Menu will appear.
      • Select Safe Mode from the options menu. Starting Windows in Safe Mode may take several minutes
      • Logon on using your usual account name


    • Perform the AVG Anti-Spyware scan

      • Select the Scanner icon at the top
      • Click the Scan tab
      • Select Complete System Scan.
      • If a threat is found, make sure Quarantine is set as the action to apply, and then click Apply all actions
      • Allow the scan to complete


      Note: Do not, proceed to Step 3 - Save the scan report until you have clicked the Apply all actions button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the Apply all actions button.


    • Save the scan report

      • Select the Reports icon at the top.
      • Select the Save report as button in the lower left hand corner of the screen
      • Save the report to a location which you will remember, so it is readily available if a staff member requests to see it. If you post a hijackthis log, please include it in your topic. By default, the scan report is saved to a reports sub-folder within the AVG Anti-Spyware 7.5 folder:

      On Win 2k and XP systems, the default scan report location for both AVG AS v. 7.5.0.50 and v.7.5.1.43 is:


      • C:\Program Files\AVG Anti-Spyware 7.5\Reports\




      On Vista platforms, the default scan report location for AVG AS v.7.5.1.43 is:


      • C:\Users\<user name>\AppData\Roaming\Grisoft\AVG Antispyware 7.5\Reports\



      • Close AVG Anti-Spyware and reboot your system back into Normal Mode



      For more detailed instructions regarding AVG Anti-Spyware setup and scanning features, please consult the Ewido Quick Guide(pdf) by DieHard

      ++++++++++++++++++++++++++


      TrojanHunter Trial

      Note: TrojanHunter runs on Windows 95, 98, ME, NT, 2000, XP and Vista.
      • Download and Install the 30-day trial ofTrojanHunter v. 5.0
        Note: If you already have TrojanHunter v. 5.0, please update it and configure to match the settings we recommended in Step 3.
      • There is no updating feature available within the trial version of TrojanHunter itself, so you must download a compressed ruleset and unzip all the files within it to the TrojanHunter folder, as outlined in the Manual Update Instructions.
      • To set up TrojanHunter Click Options and check mark everything except Display log messages & Log NTFS Alternate Data Streams. Then close TrojanHunter, because the scan can be performed more effectively in safe mode.
      • Now, boot into safe mode, by restarting your computer while tapping the F8 key. Once the Windows Advanced Options Menu appears, select Safe Mode and wait until the Safe Mode desktop appears.
      • Once in safe mode, reopen TrojanHunter and check all the boxes (green) beside your main hard drive folders, then click on Full Scan.
      • When the scan is finished, click File | Save Scan Report on the Main Menu. The scan report will be saved to the TrojanHunter Program Folder.
      • Reboot normally.


    Note: If Nod32 Antivirus's active protection is running during your scan, AMON (the Nod32 file system monitor) will detect and quarantine a randomly named EXE file in your user profile temp directory. This file is SAFE and created during TrojanHunter's execution. Please disable AMON during your TrojanHunter scan, or run the scan in safe mode as suggested. The program is fully functional and free to first time users for only 30 days.



    For more detailed instructions regarding TrojanHunter setup and scanning features, please consult the TrojanHunter Online Help Guide

__________________

Last edited by Tsurani : 11-07-07 at 12:32 PM.
  Reply With Quote
11-07-07, 12:14 PM   #6
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
==========================
==========================

Now once your system is clean stop useing Internet Explorer and get FireFox


Install FireFox from here: http://www.getfirefox.com

then get these Add-Ons


Adblock Plus: https://addons.mozilla.org/en-US/firefox/addon/1865
Ever been annoyed by all those ads and banners on the internet that often take longer to download than everything else on the page? Install Adblock Plus now and get rid of them.

Right-click on a banner and choose "Adblock" from the context menu - the banner won't be downloaded again. Maybe even replace parts of the banner address with star symbols to block similar banners as well. Or you select a filter subscription when Adblock Plus starts up the first time, then even this simple task will usually be unnecessary: the filter subscription will block most advertisements fully automatically.



Adblock Filterset.G Updater: https://addons.mozilla.org/en-US/firefox/addon/1136
This is a companion extension to Adblock or Adblock Plus and should be used in conjunction with it. This extension automatically downloads the latest version of Filterset.G every 4-7 days. Filterset.G is an excellent set of filters maintained by G for Adblock that blocks most ads on the internet. In addition, this extension allows you to define your own set of filters that you can add along with Filterset.G during an update.



NoScript: https://addons.mozilla.org/en-US/firefox/addon/722
Winner of the "2006 PC World World Class Award", this tool provides extra protection to your Firefox.

It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, and guards the "trust boundaries" against cross-site scripting attacks (XSS).

Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality...

Experts do agree: Firefox is really safer with NoScript ;-)



IE Tab: https://addons.mozilla.org/en-US/firefox/addon/1419 Or
IE View: https://addons.mozilla.org/en-US/firefox/addon/35

IE View & IE Tab are a simple Mozilla and Mozilla Firefox extension (for Microsoft Windows systems), which allows the current page or a selected link to be opened in Internet Explorer. I use Firefox 99.99% of the time, but there are those moments -- particularly when testing new pages, or when viewing that rare IE-only page that's actually interesting -- when I need to see what things look like in IE.

IE View & IE Tab adds menu items to the page context menu, and the link context menu. Right-clicking a link now includes an "Open link target in IE" menu item. Right-clicking elsewhere in the main body of the page (not within an image, text box, etc.) gives "View this page in IE."

You can also add sites to an "always-view-in-IE" list. These sites, when reached in Firefox, will automatically reopen in Internet Explorer. The site you are currently viewing can be added via the Firefox.


==========================

This is fitting; for a little humor watch this flash movie
http://homestarrunner.com/sbemail118.html

==========================

O just for ****s and grins, post how many bugs you found on your system after you ran the clean ups.

The most I found was on my friends system, she has LimeWire, Napster, and an outdated Anti-Virus program, and she had over 1000 bugs (Virus and spyware)
__________________

Last edited by Tsurani : 02-15-08 at 04:23 PM.
  Reply With Quote
11-07-07, 04:31 PM   #7
Cralor
Mmm... cookies!!!
 
Cralor's Avatar
AddOn Author - Click to view addons
Join Date: Jun 2007
Posts: 772
thanks.

i liked your firefox addon part. that helped me a lot! weee no more ads...

.. i actually knew about adblock, but now that there is an updater for it, it is now good. before it was such a hassle to right click each new ad u found.


edit: oh, and i found 2 spyware several weeks ago when i ran trend micro Housecall for the heck of it lol.

but now i have avast! virus scanner. it's a free program for house residents and updated it's virus database daily.

... stupid Norton. it sucks so bad. doesn't find anything. updated only like once every 2 weeks and then u gotta restart the whole comp. AND you gotta pay for it. even support.
__________________
Never be satisfied with satisfactory.

Last edited by Cralor : 11-07-07 at 04:34 PM.
  Reply With Quote
11-07-07, 04:46 PM   #8
Kaomie
A Scalebane Royal Guard
 
Kaomie's Avatar
AddOn Author - Click to view addons
Join Date: Jan 2007
Posts: 438
I use ABP with the built-in EasyList (USA) filter subscription.
It already updates on its own and so far I have yet to see any unwanted ads.
If you are from other parts of the World you may want to use local subscriptions.
__________________
Kaomie
"WE LOTS OF PEOPLE FROM STRONG SERVER GUILDS" - Trade Channel

Last edited by Kaomie : 11-07-07 at 04:48 PM.
  Reply With Quote
11-07-07, 05:06 PM   #9
Dreadlorde
A Pyroguard Emberseer
 
Dreadlorde's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 2,302
Mac's ftw?


yes, I know there are trojan's and malware for mac's, but there's a lot less than windows has.
__________________

Funtoo - Plan 9 - Windows 7
  Reply With Quote
12-03-07, 03:40 PM   #10
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
ok ya'll with the on slaugh of Viruses in the last few days re read this thread and pass it on to everyone you know ( that uses the internet)
__________________
  Reply With Quote
01-29-08, 09:33 PM   #11
Tsurani
A Black Drake
 
Tsurani's Avatar
AddOn Author - Click to view addons
Join Date: Nov 2005
Posts: 81
just posted this thread in the wow forum post called

There is something fishy in here....

now lets see if he comes here or not
__________________
  Reply With Quote
02-08-08, 02:27 PM   #12
Cralor
Mmm... cookies!!!
 
Cralor's Avatar
AddOn Author - Click to view addons
Join Date: Jun 2007
Posts: 772
I also recommend McAfee SiteAdvisor plugin for IE or extension for FireFox. Tells sites from Good to Bad.

It shows on links in Google Search, and when you are browsing anywhere.

Download links and Info:

IE: http://www.siteadvisor.com/download/ie.html

FF: http://www.siteadvisor.com/download/ff.html

Preview: (Firefox Extension)

__________________
Never be satisfied with satisfactory.
  Reply With Quote
03-03-08, 08:43 PM   #13
Dreadlorde
A Pyroguard Emberseer
 
Dreadlorde's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2006
Posts: 2,302
DeepFreeze

For those people who really, really, really want to keep their system safe, I would also recommend Faronics DeepFreeze. There's more information on the website. I'm using it right now and it works good, just make sure you read the manuals with it before you even install it.
__________________

Funtoo - Plan 9 - Windows 7
  Reply With Quote
08-19-09, 01:01 PM   #14
Ashkir
A Cyclonian
Join Date: Oct 2007
Posts: 40
I find MalwareBytes to be a very useful program for these as well.

http://www.malwarebytes.org/
  Reply With Quote
08-20-09, 03:25 PM   #15
Limb0
A Cobalt Mageweaver
 
Limb0's Avatar
AddOn Author - Click to view addons
Join Date: Feb 2008
Posts: 220
I'd like to add the little blurb I have on my UI page to this for the community..

PERFORMANCE
-I have a lot of friends who have lag issues so since this is also for them, I suggest checking out the Blue Posts at WoW Forums' System Performance Guide, 3.1 edition and checking out LeatrixLatencyFix.
  Reply With Quote

WoWInterface » General Discussion » Tech Chat » [UPDATED] Slow System, Lag, Crashes, Virus, Spyware? Probable Fix

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off