1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Free Window's Security Software! :- ) *UPDATED*

Discussion in 'Windows - Virus and spyware problems' started by rav009, Jan 22, 2006.

  1. xhardc0re

    xhardc0re Guest

    great work rav009. Now the question is, can you put together a step by step list for n00bs? I'd love to post this for co-workers and family.
     
  2. rav009

    rav009 Active member

    Joined:
    Nov 14, 2005
    Messages:
    2,204
    Likes Received:
    0
    Trophy Points:
    66
    I am in the processs of doing so actually my friend, here's a little sneak peak:

    Windows Freeware Security Essentials!!!

    Had to update this thing sooner or later, so here I go, this time around more pics and info, enjoy.

    Basically, the whole point of this guide is to show you its very possible to successfully run your computer using freeware security apps, you need security apps no matter what your level of experience is, they are essential, if you follow this guide carefully enough the result will be a nicely secured computer all done for FREE.

    Just because you paid for it doesn’t mean its better than a freeware app, I'm sure you have all heard the storys, "I uninstalled Norton Anti Virus and installed AVG Free, it found 4 Trojans that Norton didn’t even know existed!" etc.

    Symantec's Norton products are an example of this, they are really popular these days, probably because they are attractive, simply to use and effective to a certain extent, however they still have ALOT of improvements to make before I ever use them again, plain and simple resource hog if you ask me, waste of space inferior protection....however that’s just my opinion :)

    My new setup came preloaded with Norton Internet Security 2006, it was gone within an hour of my comps first run as I am never going down that road again.

    Its important that you know a little before you follow this guide, I have made an assumption about you if you are reading this, I have assumed you can open a browser and read English, that’s it. 

    You should read these:
    Computer Virus

    http://en.wikipedia.org/wiki/Computer_Virus

    Spyware

    http://en.wikipedia.org/wiki/Spyware

    Ad ware

    http://en.wikipedia.org/wiki/Adware

    Malware In General

    http://en.wikipedia.org/wiki/Malware

    Read them?, right, so lets get started shall we?, first of all, lets install an AV (anti virus)
    -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Web definition of Anti Virus

    Аntivirus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).

    Аntivirus software typically uses two different techniques to accomplish this:
    Examining (scanning) files to look for known viruses matching definitions in a virus dictionary
    Identifying suspicious behaviour from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.

    Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach.


    From:

    http://en.wikipedia.org/wiki/Anti_virus

    It is highly recommended you keep an AV, if you don't I will promise you will be kicking yourself and so will your kids when they find out they can't log onto Msn Messenger as you've taken the careless approach and not installed an AV program, now you realise you are prone to all the malware on the web and this will cost you time and money, please have some sense and try not to let your pc get into a horrible state like this and to the smart thing, install an anti virus program!
    -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Anti Virus Software For Windows

    REMEMBER TO ONLY HAVE ONE OF THEESE INSTALLED AS THEY WILL CONFLICT AND CREATE FALSE POSSTIVE RESULTS

    AVG FREE
    (Writers Choice)
    [​IMG]

    GRISOFT once again received the VB100% Award by independent malware advisor, Virus Bulletin, in June 2006. AVG Anti-Virus proved itself by detecting all In the Wild viruses, while generating no false positives, during both on-demand and on-access scanning in Virus Bulletin's comparative tests.

    Download AVG FREE-----> http://free.grisoft.com/doc/5390/lng/us/tpl/v5

    AVG Free is an excellent anti virus app that you can have faith in, protection you can trust to keep you out of sticky situations, this is my pick and I highly recommend its use, I've used it for years and on many a pc without a single worry and it has proved to be effective in doing what it does, give it a try today for nothing, can't hurt can it? :)


    Thats just the start, you'll love it I promise, the first one was just a quick one I did, this ones a little more extensive.
     
  3. bayezid

    bayezid Member

    Joined:
    Jul 25, 2006
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    11
    can any of u guyz give me da cracked version of AD ADWARE SE i would b thankful to all of u
     
  4. rav009

    rav009 Active member

    Joined:
    Nov 14, 2005
    Messages:
    2,204
    Likes Received:
    0
    Trophy Points:
    66
    Erm, lets see.

    NO

    Its against the forum rules and is illegal, why don't you buy it, its worth it......
     
  5. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    bayezid, read the forum rules above about posting & piracy as piracy is not condoned on this site. the free version is just as good as the pay version. i have it on almost 100 plus customers' computers.
     
  6. bayezid

    bayezid Member

    Joined:
    Jul 25, 2006
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    11
    hey ok i got it ...plz. can u help me out of diz mess .from many dayz dere are spywarez and adwarez in my pc i even formatted my disk but da same think now i hav the spysweeeper n i scan it daily and it finds the adware n deletes it but later theyre back again .....herez the log of my last scan which i did 2day ....
    ********
    11:38 AM: | Start of Session, Thursday, July 27, 2006 |
    11:38 AM: Spy Sweeper started
    11:38 AM: Sweep initiated using definitions version 725
    11:39 AM: Starting Memory Sweep
    11:44 AM: Memory Sweep Complete, Elapsed Time: 00:05:06
    11:44 AM: Starting Registry Sweep
    11:44 AM: Registry Sweep Complete, Elapsed Time:00:00:24
    11:44 AM: Starting Cookie Sweep
    11:44 AM: Cookie Sweep Complete, Elapsed Time: 00:00:00
    11:44 AM: Starting File Sweep
    11:55 AM: Found Adware: look2me
    11:55 AM: 00002965.dll (ID = 159)
    11:56 AM: 00002963.dll (ID = 159)
    11:56 AM: 00002960.dll (ID = 159)
    11:57 AM: 00002956.dll (ID = 163672)
    11:57 AM: Found Adware: command
    11:57 AM: 00002993._ (ID = 166754)
    11:57 AM: 00002954.dll (ID = 159)
    11:58 AM: 00002950.dll (ID = 159)
    12:00 PM: 00002947.dll (ID = 159)
    12:01 PM: 00002944.dll (ID = 163672)
    12:02 PM: 00002941.dll (ID = 159)
    12:06 PM: 00002939.dll (ID = 159)
    12:10 PM: 00002936.dll (ID = 159)
    12:11 PM: 00002934.dll (ID = 159)
    12:12 PM: 00002931.dll (ID = 163672)
    12:12 PM: 00002929.dll (ID = 159)
    12:12 PM: 00002927.dll (ID = 163672)
    12:12 PM: 00002925.dll (ID = 159)
    12:12 PM: 00002923.dll (ID = 163672)
    12:12 PM: 00002921.dll (ID = 159)
    12:12 PM: 00002918.dll (ID = 159)
    12:12 PM: 00002988.dll (ID = 144945)
    12:12 PM: 00002916.dll (ID = 163672)
    12:12 PM: 00002913.dll (ID = 159)
    12:12 PM: 00002986.dll (ID = 166754)
    12:13 PM: 00002984.exe (ID = 185985)
    12:19 PM: 00002911.dll (ID = 159)
    12:19 PM: 00002909.dll (ID = 159)
    12:19 PM: 00002907.dll (ID = 159)
    12:19 PM: 00002982.vbs (ID = 185675)
    12:20 PM: File Sweep Complete, Elapsed Time: 00:35:44
    12:20 PM: Full Sweep has completed. Elapsed time 00:41:22
    12:20 PM: Traces Found: 29
    1:23 PM: Removal process initiated
    1:23 PM: Quarantining All Traces: look2me
    1:24 PM: Quarantining All Traces: command
    1:24 PM: Removal process completed. Elapsed time 00:00:46
    ********
    6:52 PM: | Start of Session, Tuesday, July 25, 2006 |
    6:52 PM: Spy Sweeper started
    6:52 PM: Sweep initiated using definitions version 725
    6:52 PM: Starting Memory Sweep
    6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:10 PM: Memory Sweep Complete, Elapsed Time: 00:17:19
    7:10 PM: Starting Registry Sweep
    7:11 PM: Found Adware: findthewebsiteyouneed hijack
    7:11 PM: HKU\.default\software\microsoft\internet explorer\search\searchassistant explorer\main\ || default_search_url (ID = 555438)
    7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:11 PM: Registry Sweep Complete, Elapsed Time:00:01:27
    7:11 PM: Starting Cookie Sweep
    7:11 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
    7:11 PM: Starting File Sweep
    7:13 PM: Found Adware: look2me
    7:13 PM: 00002690.dll (ID = 159)
    7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:17 PM: 00002685.dll (ID = 159)
    7:18 PM: 00002683.dll (ID = 159)
    7:18 PM: 00002681.exe (ID = 168558)
    7:19 PM: 00002679.dll (ID = 159)
    7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:21 PM: 00002676.dll (ID = 159)
    7:22 PM: 00002674.dll (ID = 159)
    7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:27 PM: 00002668.dll (ID = 159)
    7:28 PM: 00002666.dll (ID = 159)
    7:28 PM: 00002664.dll (ID = 163672)
    7:28 PM: 00002662.dll (ID = 159)
    7:28 PM: 00002660.dll (ID = 159)
    7:28 PM: 00002658.dll (ID = 159)
    7:28 PM: 00002656.dll (ID = 159)
    7:29 PM: 00002651.dll (ID = 159)
    7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:31 PM: Found Adware: command
    7:31 PM: uninstall_nmon.vbs (ID = 231442)
    7:33 PM: ahferror.dll (ID = 159)
    7:33 PM: k0pmla711d.dll (ID = 159)
    7:34 PM: 00001130.dll (ID = 163672)
    7:35 PM: hrr8059ue.dll (ID = 159)
    7:35 PM: 00000594.dll (ID = 159)
    7:35 PM: 00000841.dll (ID = 159)
    7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:36 PM: cudial32.dll (ID = 163672)
    7:36 PM: atmtd.dll._ (ID = 166754)
    7:37 PM: wdnotify.dll (ID = 159)
    7:37 PM: 00000843.dll (ID = 159)
    7:38 PM: 00000639.dll (ID = 159)
    7:39 PM: m4640ejqehoe0.dll (ID = 159)
    7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:41 PM: 00000744.dll (ID = 159)
    7:43 PM: lvl0093me.dll (ID = 159)
    7:45 PM: 00000152.dll (ID = 159)
    7:45 PM: dnrawex.dll (ID = 163672)
    7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:47 PM: rooc3260.dll (ID = 159)
    7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:54 PM: Found Adware: dollarrevenue
    7:54 PM: drsmartload46a[1].exe (ID = 325335)
    7:54 PM: sylogcfg.dll (ID = 159)
    7:55 PM: drsmartload849a[1].exe (ID = 325336)
    7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:00 PM: 00000597.dll (ID = 159)
    8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:01 PM: cmdinst.exe (ID = 231664)
    8:02 PM: dl3j.dll (ID = 159)
    8:04 PM: kdrberos.dll (ID = 159)
    8:05 PM: 00000567.dll (ID = 159)
    8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:06 PM: loader[1].exe (ID = 325333)
    8:06 PM: rismxs.dll (ID = 163672)
    8:07 PM: mkwdat10.dll (ID = 159)
    8:07 PM: soredir.dll (ID = 163672)
    8:07 PM: d4j00e1meh.dll (ID = 159)
    8:07 PM: d00mlad11d0.dll (ID = 163672)
    8:07 PM: mdtime.dll (ID = 159)
    8:07 PM: 00000591.dll (ID = 159)
    8:07 PM: mjoa.dll (ID = 159)
    8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:11 PM: 00002445.exe (ID = 144946)
    8:11 PM: 00002692.exe (ID = 231443)
    8:11 PM: asappsrv.dll (ID = 144945)
    8:12 PM: 00002705.exe (ID = 325652)
    8:12 PM: 00002708.exe (ID = 326742)
    8:14 PM: miperf.dll (ID = 163672)
    8:15 PM: uwat.dll (ID = 159)
    8:16 PM: atmtd.dll (ID = 166754)
    8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:17 PM: drsmartload45a[1].exe (ID = 325334)
    8:17 PM: drsmartload46a[1].exe (ID = 325335)
    8:17 PM: drsmartload849a[1].exe (ID = 325336)
    8:17 PM: mte3ndi6odoxng.exe (ID = 185985)
    8:17 PM: ktp8l77u1.dll (ID = 159)
    8:18 PM: g8220ifoe82c0.dll (ID = 159)
    8:18 PM: lt4027hmg.dll (ID = 159)
    8:19 PM: saictrddte.vbs (ID = 185675)
    8:20 PM: File Sweep Complete, Elapsed Time: 01:08:42
    8:20 PM: Full Sweep has completed. Elapsed time 01:27:46
    8:20 PM: Traces Found: 67
    8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:22 PM: Removal process initiated
    8:23 PM: Quarantining All Traces: look2me
    8:24 PM: Quarantining All Traces: command
    8:24 PM: Quarantining All Traces: findthewebsiteyouneed hijack
    8:24 PM: Quarantining All Traces: dollarrevenue
    8:24 PM: Removal process completed. Elapsed time 00:01:45
    8:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    8:31 PM: IE Tracking Cookies Shield: Removed hotlog cookie
    9:22 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:22 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:33 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:33 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:41 PM: IE Tracking Cookies Shield: Removed mp3downloadhq cookie
    9:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:41 PM: IE Tracking Cookies Shield: Removed overture cookie
    9:42 PM: IE Tracking Cookies Shield: Removed mp3downloadhq cookie
    9:42 PM: IE Tracking Cookies Shield: Removed mp3downloadhq cookie
    9:43 PM: IE Tracking Cookies Shield: Removed mp3downloadhq cookie
    9:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    9:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    10:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    10:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:55 AM: Processing Startup Alerts
    11:55 AM: Removed Startup entry: MSMSGS
    11:55 AM: Removed Startup entry: PcSync
    12:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    12:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:07 PM: IE Tracking Cookies Shield: Removed pointroll cookie
    1:07 PM: IE Tracking Cookies Shield: Removed pointroll cookie
    1:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:11 PM: IE Tracking Cookies Shield: Removed pointroll cookie
    1:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:17 PM: IE Tracking Cookies Shield: Removed pointroll cookie
    1:17 PM: IE Tracking Cookies Shield: Removed pointroll cookie
    10:46 AM: Processing Startup Alerts
    10:46 AM: Removed Startup entry: MSMSGS
    10:50 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    10:50 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    10:51 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    10:51 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    10:56 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    10:56 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:01 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:01 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:06 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:06 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:11 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:11 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:16 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:16 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:21 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:21 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:26 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:26 AM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    11:38 AM: Program Version 4.5.3 (Build 560) Using Spyware Definitions 725
    11:38 AM: | End of Session, Thursday, July 27, 2006 |
    ********
    10:30 PM: | Start of Session, Monday, July 24, 2006 |
    10:30 PM: Spy Sweeper started
    10:30 PM: Sweep initiated using definitions version 725
    10:30 PM: Found Adware: dollarrevenue
    10:30 PM: HKLM\software\microsoft\windows\currentversion\run\ || newname (ID = 1231926)
    10:30 PM: nwnmed_7.exe (ID = 1231926)
    10:30 PM: Starting Memory Sweep
    10:43 PM: Found Adware: command
    10:43 PM: Detected running threat: C:\Program Files\Network Monitor\netmon.exe (ID = 231443)
    10:45 PM: Detected running threat: C:\dfndrdd_6.exe (ID = 325652)
    10:48 PM: Memory Sweep Complete, Elapsed Time: 00:17:47
    10:48 PM: Starting Registry Sweep
    10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ (7 subtraces) (ID = 892523)
    10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || nomodify (ID = 958653)
    10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || noremove (ID = 958654)
    10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || norepair (ID = 958655)
    10:49 PM: HKLM\system\currentcontrolset\services\cmdservice\ (12 subtraces) (ID = 958670)
    10:49 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\0000\ (6 subtraces) (ID = 1016064)
    10:49 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\ (8 subtraces) (ID = 1016072)
    10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{a394e835-c8d6-4b4b-884b-d2709059f3be}\ (7 subtraces) (ID = 1110756)
    10:49 PM: HKLM\software\microsoft\drsmartload2\ (1 subtraces) (ID = 1134137)
    10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || uninstallstring (ID = 1134952)
    10:49 PM: Found Trojan Horse: trojan-backdoor-ranky
    10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || windows core kernel update (ID = 1382092)
    10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || defender (ID = 1558788)
    10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || keyboard (ID = 1558789)
    10:49 PM: Registry Sweep Complete, Elapsed Time:00:01:29
    10:49 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:49 PM: Starting Cookie Sweep
    10:49 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
    10:49 PM: Starting File Sweep
    10:49 PM: c:\program files\network monitor (1 subtraces) (ID = -2147459771)
    10:49 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:50 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:51 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:52 PM: Found Adware: look2me
    10:52 PM: l46o0ej3eho.dll (ID = 159)
    10:52 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:52 PM: 00000601.dll (ID = 159)
    10:53 PM: 00002443.dll (ID = 159)
    10:53 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:53 PM: 00000809.dll (ID = 159)
    10:53 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:54 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:58 PM: hrnq0555e.dll (ID = 159)
    10:59 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    10:59 PM: hrpu0579e.dll (ID = 159)
    10:59 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:00 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:01 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:01 PM: warebundle3.exe (ID = 168558)
    11:01 PM: Spy Installation Shield: found: Adware: dollarrevenue, version 1.0.0.0 -- Execution Denied
    11:01 PM: Spy Installation Shield: found: Adware: dollarrevenue, version 1.0.0.0 -- Execution Denied
    11:01 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:02 PM: n4p40e7qeh.dll (ID = 159)
    11:03 PM: 00000743.dll (ID = 159)
    11:03 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:05 PM: k4620ejoehoc0.dll (ID = 159)
    11:07 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:08 PM: sdrmdll.dll (ID = 159)
    11:08 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:09 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:10 PM: 00000808.dll (ID = 159)
    11:11 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    11:16 PM: 00000770.dll (ID = 159)
    11:17 PM: 00001516.dll (ID = 159)
    11:17 PM: 00000750.dll (ID = 159)
    11:17 PM: wjhcon.dll (ID = 159)
    11:18 PM: fsclient.dll (ID = 159)
    11:19 PM: crmodem.dll (ID = 163672)
    11:19 PM: padx5016.dll (ID = 159)
    11:19 PM: p06s0aj7edo.dll (ID = 159)
    11:19 PM: d40m0ed1eh0.dll (ID = 159)
    11:19 PM: nwnmed_7[1].exe (ID = 326742)
    11:19 PM: mgjetoledb40.dll (ID = 159)
    11:19 PM: 00000592.dll (ID = 159)
    11:20 PM: 00000599.dll (ID = 159)
    11:21 PM: hr8605lse.dll (ID = 159)
    11:24 PM: Sweep Canceled
    11:24 PM: File Sweep Complete, Elapsed Time: 00:34:29
    11:24 PM: Traces Found: 86
    11:24 PM: Processing Startup Alerts
    11:24 PM: Removed Startup entry: newname
    11:24 PM: Removed Startup entry: defender
    11:24 PM: Removed Startup entry: keyboard
    11:25 PM: Removal process initiated
    11:25 PM: Quarantining All Traces: look2me
    11:26 PM: Quarantining All Traces: trojan-backdoor-ranky
    11:26 PM: Quarantining All Traces: command
    11:27 PM: Quarantining All Traces: dollarrevenue
    11:27 PM: Removal process completed. Elapsed time 00:01:42
    1:28 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:28 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:54 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
    1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    1:58 PM: IE Tracking Cookies Shield: Removed yadro cookie
    1:59 PM: IE Tracking Cookies Shield: Removed rambler cookie
    1:59 PM: IE Tracking Cookies Shield: Removed yadro cookie
    2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:45 PM: Processing Startup Alerts
    6:45 PM: Removed Startup entry: MSMSGS
    6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
    6:52 PM: Deletion from quarantine initiated
    6:52 PM: Processing: command
    6:52 PM: Processing: dollarrevenue
    6:52 PM: Processing: findthewebsiteyouneed hijack
    6:52 PM: Processing: icannnews
    6:52 PM: Processing: isearch desktop search
    6:52 PM: Processing: look2me
    6:52 PM: Processing: trojan-backdoor-ranky
    6:52 PM: Deletion from quarantine completed. Elapsed time 00:00:01
    6:52 PM: | End of Session, Tuesday, July 25, 2006 |
    ********
    9:33 PM: | Start of Session, Monday, July 24, 2006 |
    9:33 PM: Spy Sweeper started
    9:33 PM: Sweep initiated using definitions version 547
    9:33 PM: Starting Memory Sweep
    9:34 PM: Found Adware: icannnews
    9:34 PM: Detected running threat: C:\WINDOWS\system32\n06q0aj5edo.dll (ID = 83)
    9:36 PM: Detected running threat: C:\WINDOWS\system32\tBpiui.dll (ID = 83)
    9:36 PM: Found Adware: isearch desktop search
    9:36 PM: Detected running threat: C:\WINDOWS\YmF5ZXppZA\command.exe (ID = 144946)
    9:38 PM: Memory Sweep Complete, Elapsed Time: 00:05:10
    9:38 PM: Starting Registry Sweep
    9:39 PM: Found Adware: findthewebsiteyouneed hijacker
    9:39 PM: HKU\.default\software\microsoft\internet explorer\search\searchassistant explorer\main\ || default_search_url (ID = 555438)
    9:39 PM: Registry Sweep Complete, Elapsed Time:00:00:32
    9:39 PM: Starting Cookie Sweep
    9:39 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
    9:39 PM: Starting File Sweep
    9:41 PM: Found Adware: look2me
    9:41 PM: appwrap[1].exe (ID = 65721)
    9:41 PM: command.exe (ID = 144946)
    9:41 PM: bw2.com (ID = 65721)
    9:42 PM: File Sweep Complete, Elapsed Time: 00:02:53
    9:42 PM: Full Sweep has completed. Elapsed time 00:08:46
    9:42 PM: Traces Found: 7
    9:44 PM: Removal process initiated
    9:45 PM: Quarantining All Traces: look2me
    9:45 PM: Quarantining All Traces: icannnews
    9:45 PM: icannnews is in use. It will be removed on reboot.
    9:45 PM: C:\WINDOWS\system32\n06q0aj5edo.dll is in use. It will be removed on reboot.
    9:45 PM: C:\WINDOWS\system32\tBpiui.dll is in use. It will be removed on reboot.
    9:45 PM: Quarantining All Traces: isearch desktop search
    9:45 PM: isearch desktop search is in use. It will be removed on reboot.
    9:45 PM: command.exe is in use. It will be removed on reboot.
    9:45 PM: Quarantining All Traces: findthewebsiteyouneed hijacker
    9:45 PM: Warning: Launched explorer.exe
    9:45 PM: Warning: Quarantine process could not restart Explorer.
    9:45 PM: Preparing to restart your computer. Please wait...
    9:45 PM: Removal process completed. Elapsed time 00:00:54
    10:19 PM: Processing Startup Alerts
    10:19 PM: Removed Startup entry: MSMSGS
    10:19 PM: Updating spyware definitions
    10:29 PM: Your spyware definitions have been updated.
    10:30 PM: Memory Shield: Found: Memory-resident threat command, version 1.0.0.0
    10:30 PM: Detected running threat: command
    10:30 PM: | End of Session, Monday, July 24, 2006 |
    ********
    9:31 PM: | Start of Session, Monday, July 24, 2006 |
    9:31 PM: Spy Sweeper started
    9:32 PM: IE Tracking Cookies Shield: Removed com.com cookie
    9:33 PM: | End of Session, Monday, July 24, 2006 |


    plz...helpme...
     
  7. rav009

    rav009 Active member

    Joined:
    Nov 14, 2005
    Messages:
    2,204
    Likes Received:
    0
    Trophy Points:
    66
    Start a thread in this forum with a HJT log.
     
  8. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,167
    Likes Received:
    136
    Trophy Points:
    143
    2nd that on starting new thread about problem. repost that log in new thread
     
  9. bayezid

    bayezid Member

    Joined:
    Jul 25, 2006
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    11
    i got a week ban for not following your advice. edited by ddp
     
    Last edited: Jul 28, 2006
  10. rav009

    rav009 Active member

    Joined:
    Nov 14, 2005
    Messages:
    2,204
    Likes Received:
    0
    Trophy Points:
    66
    Damm, I missed it...

    Why did I ever leave aD unatended..... :(
     
  11. xhardc0re

    xhardc0re Guest

    Anyone familiar here with the HOSTS file? It's a file that sits on your Windows box in C:\WINDOWS\system32\drivers\etc
    Basically, if you know how to add entries it will -block- you from visiting those sites (and those sites from visiting you).
    Any cookies or HTTP traffic sent to your computer will be blocked out. This isn't a hack, it's a rarely documented feature of Windoze. Learn about it here- http://en.wikipedia.org/wiki/HOSTS

    There's another good thread on antivirus/spyware/malware at this site-> http://www.fatwallet.com/forums/arcmessageview.php?catid=28&threadid=299439
    and the best Online Virus Scanner of your PC: http://www.pandasoftware.com/activescan
     
    Last edited by a moderator: Aug 8, 2006
  12. rav009

    rav009 Active member

    Joined:
    Nov 14, 2005
    Messages:
    2,204
    Likes Received:
    0
    Trophy Points:
    66
    Updated for you all :-D
     
  13. DVDBack23

    DVDBack23 Administrator Staff Member

    Joined:
    Jun 19, 2005
    Messages:
    2,443
    Likes Received:
    5
    Trophy Points:
    68
    damn its got pics and stuff now, very classy, and excellent guide :)
     
  14. rav009

    rav009 Active member

    Joined:
    Nov 14, 2005
    Messages:
    2,204
    Likes Received:
    0
    Trophy Points:
    66
    Cheers DvD, updated it quite a bit, added many new programs and tips, I will keep it updated :)

    I hope someone will find it of use.
     
  15. pyffy

    pyffy Regular member

    Joined:
    Sep 7, 2004
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    26
    Hi Rav, just wanted to thank you for your guide and I love the new look of the update, very professional. My Norton Internet Security Suite subscription finaly ran out yesterday so I zapped it all with the norton removal tool and now have AVG and Zone Alarm installed and updated and running sweetly. Now the resource hogger that was Norton is history I can reclaim some of my speed and enjoy safer web use. Thanks again mate, keep up the good work.
     
  16. ofolion

    ofolion Regular member

    Joined:
    Apr 6, 2006
    Messages:
    417
    Likes Received:
    0
    Trophy Points:
    26
    Hey, great guide :) just downloading some of them now, i'm using norton at the moment (SAVE ME FLAMING) but probably gonna switch off when it runs out, lol this is gonna sound bad coming from a "norton user" but windows defender is so bad for hogging...seriously i had it installed i got errors programs ran so slowy and when i uninstalled everything was fine. Just some advice :S
     
  17. rav009

    rav009 Active member

    Joined:
    Nov 14, 2005
    Messages:
    2,204
    Likes Received:
    0
    Trophy Points:
    66
    Hey all, thank you for the credit :)

    @pyffy,

    Hey buddy, nice one, well done to you, glad you dumped that p.o.s and switched to a better & free combo :)

    @ofolion,

    Hello there, cheers for the complemets, your the first to say Windows Deffender is a resource hog, I don't use it, so I would'nt know :)

    If you need support for it check here:

    http://www.microsoft.com/athome/security/spyware/software/support/default.mspx

    Good luck.
     
  18. borhan9

    borhan9 Active member

    Joined:
    May 25, 2005
    Messages:
    2,771
    Likes Received:
    3
    Trophy Points:
    68
    Hey Rav. I love this page. I have added it too my links in my profile page. Keep up the good work. :)
     
  19. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    rav009, like to thank you for turning me on to the McAfee SiteAdvisor. It has already proven effective and I have had it less than 5 minutes. Hadn't read the new update until now. :) Terrific guide man! You work is apprecitated!
     
  20. zippyd

    zippyd Active member

    Joined:
    Aug 4, 2004
    Messages:
    1,240
    Likes Received:
    0
    Trophy Points:
    66
    THIS might help choosing an anti-virus.....
    Stumbled on it the other day.
     
    Last edited: Sep 18, 2006

Share This Page