Results 1 to 3 of 3

Thread: What to do before posting about spyware issues

  1. #1
    Senior Member
    Join Date
    Jun 2004

    What to do before posting about spyware issues

    I will be assuming that people are running either windows 2k or xp in this tip:

    Download these tools and install them:
    AdAware => http://www.webattack.com/download/dladaware.shtml
    CoolWebShredder => http://www.spychecker.com/program/coolwebshredder.html
    SpyBot => http://www.snapfiles.com/download/dlspybot.html
    Spyware Blaster => http://www.javacoolsoftware.com/sbdownload.html
    Stinger => http://vil.nai.com/vil/stinger
    ToolBar Cop => http://www.mvps.org/sramesh2k/toolbarcop.htm
    After that Follow these Instructions:

    1. First turn Off your System Restore
    2. Boot into safemode and Login as Administrator
    3. Run the AntiVirus tool and delete all viruses it found
    4. Run the Spyware Removal tools and delete everything they detect
    5. Then goto C:\Documents and Settings\[username]\Local Settings\Temp and delete all files present here
    6. Goto C:\Documents and Settings\[username]\Local Settings\Temporary Internet Files, and delete the folder of ContentIE
    7. Goto C:\Documents and Settings\[username]\Cookies, and delete all cookies present here.
    8. Reboot back in Normal Mode and check if problems are gone
    9. After making sure that every junk stuff is deleted, and System is Clean, Turn On the System Restore again !!!
    10. If your computer is fixed then Great, otherwise run the Hijakcthis scan, and post the LOG file here -- (link for hijackthis)
    [gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    Just one thing to add, from the same source as CWShredder, get Kill2Me and run that before CWShredder. Some versions cannot be deleted that easily, and this is an additional tool to get round the problem.


    EDIT: and the instructions are the same for WinME except that you automatically log in with Administrator rights, so you don't have to worry about that. Win98 and 98SE are even simpler, as they don't have system restore, so you can ignore that step.

    Provided that you can find versions of the tools that will run under NT4, the procedure is the same as for Win2K and XP, except that you don't have to worry about system restore (you still need Admin rights though)

  3. #3
    Senior Member
    Join Date
    Feb 2004
    I have to stick my nose in here, sorry. I disagree with some of the above. You should never run CWShredder as a simple matter of course. It's designed for a specific infection. In some cases, running CWShredder can make a CWS infection even harder to diagnose. It forces it to mutate. Instead, consult with someone who knows what they are doing or do some research and find out what the experts in the field are recommending. Google is your friend.

    Also, Spyware Blaster is great for preventing infection but it does nothing to clean up after you have been infected. It's nice to recommend that people install it, but it's not going to help resolve their current problem.

    Lastly, telling someone to turn off their System Restore before they have fixed the problem is, IMO, a very bad practice. They have nothing to turn back to if they hose their pc by "fixing" it. And if they have a severe infection you have just told them to erase any clean restore points they may have.

    Other than that, there are some very good points made.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts