[pchelpers] Re: Do I Need To Reformat And Start Over?
- From: "Ekhart GEORGI (last name last)" <Ekhart.GEORGI@xxxxxxxxxxx>
- To: pchelpers@xxxxxxxxxxxxx
- Date: Thu, 28 Oct 2004 10:59:12 +0300
Hi George
Sounds pretty bad. In fact, sounds like you were being brave and used
Internet Explorer instead of Firefox (-: Even so, i'm pretty amazed you
were able to get infected with the SearchIt toolbar despite all the
protection you have. SearchIt shouldn't be that aggressive. Did
SpywareBlaster and Spybot warn you not to install SearchIt?
One possibility is that Spy Sweeper may have been partly tripped up by
CoolWWWSearch = CoolWebSearch or a new ugly variant of it that even
Spybot can't handle because the crooks behind the scam change it so
often. There's a special tool for that called CWShredder
www.spywareinfo.com/~merijn/files/CWShredder.exe
The crooks tried to fight back with a tool that disables this and the
best-known antispyware programs, but the author of Spybot wrote a
special tool for that called CWS.SmartKiller
www.safer-networking.org/files/delcwssk.zip
If these don't help, you could try to undo the Spy Sweeper changes by
using its backup function, which i'm sure it has, and trying to clean
the computer first with only Spybot and the above tools, followed by
AVG. Spybot is apparently the antispyware program with the best registry
and other repair functions.
What i didn't understand in your message is if the "continual" crashing
of your security software means that you are not able to perform
complete searches with AVG, Spybot, A Squared, etc. Can't you even
generate a log with HijackThis?
Ekhart
PS
After cleaning a CWS infection always check your 'Favorites' folder for
added porn links
(info on www.wilderssecurity.com/showthread.php?t=28658)
You might like to also post your question on
www.net-integration.net/forums.html, where they specifically say that
they can understand people who post without reading the FAQs etc. first.
At http://forums.spywareinfo.com, they don't seem to be so understanding
of people who don't do some reading first. But they're very helpful and
competent too and have some great info:
www.spywareinfo.com/articles/hijacked/prevent.php
http://forums.spywareinfo.com/index.php?showtopic=227
www.spywareinfo.com/articles/hijacked/#removal
I think my computer is infected or hijacked. What should I do? (Step by
step instructions:)
http://www.broadbandreports.com/faq/8428
HijackThis log tutorial
http://www.spywareinfo.com/~merijn/htlogtutorial.html
http://www.help2go.com/article153.html
(see end of this message if both sites are blocked by spammers)
I got an email from the expert who wrote the article at
www.spywareinfo.com/articles/hijacked/prevent.php. He accepted my
suggestion to add the following change to his list
of things to help make IE at least a bit more secure:
Scripting / Active Scripting: Enable=>prompt
More extensive repair:
Only in case the quick repair doesn't work, do you need to follow these
step by step instructions:
http://www.broadbandreports.com/faq/8428
HijackThis log tutorial
http://www.spywareinfo.com/~merijn/htlogtutorial.html
George T. Cox wrote:
> Hi Folks,
> I would like to get your thoughts on this: I found on my hard drive a
> SearchIt Toolbar that was cleaned out by Spy Sweeper. But since then I
> have continually been having crashes of my security software-AVG,
> Spybot, A Squared, AdAware, Spy Sweeper, Sygate, HijackThis!, and
> Spyware Blaster. I also am constantly being warned by Sygate that
> Thunderbird and Firefox have changed since the last time I opened them.
> I've refreshed the installation of all these programs and run Trend
> Micro's online scan and come up with nothing. But the crashes are
> continuing. The error message is that they have performed an illegal
> operation and will be shut down. As a last resort before re-formatting I
> thought I'd get your ideas on this situation.
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.
- Follow-Ups:
- [pchelpers] Re: Do I Need To Reformat And Start Over?
- From: George T. Cox
- References:
- [pchelpers] Moving Files and Licenses
- From: Cyril Halbach
- [pchelpers] Re: Moving Files and Licenses
- From: Scott McNay
- [pchelpers] Re: Moving Files and Licenses
- From: Cyril Halbach
- [pchelpers] Re: Moving Files and Licenses
- From: Scott McNay
- [pchelpers] Do I Need To Reformat And Start Over?
- From: George T. Cox
Other related posts:
- » [pchelpers] Do I Need To Reformat And Start Over?
- » [pchelpers] Re: Do I Need To Reformat And Start Over?
- » [pchelpers] Re: Do I Need To Reformat And Start Over?
- » [pchelpers] Re: Do I Need To Reformat And Start Over?
- » [pchelpers] Re: Do I Need To Reformat And Start Over?
- » [pchelpers] Re: Do I Need To Reformat And Start Over?
- » [pchelpers] Re: Do I Need To Reformat And Start Over?
- » [pchelpers] Re: Do I Need To Reformat And Start Over?
- [pchelpers] Re: Do I Need To Reformat And Start Over?
- From: George T. Cox
- [pchelpers] Moving Files and Licenses
- From: Cyril Halbach
- [pchelpers] Re: Moving Files and Licenses
- From: Scott McNay
- [pchelpers] Re: Moving Files and Licenses
- From: Cyril Halbach
- [pchelpers] Re: Moving Files and Licenses
- From: Scott McNay
- [pchelpers] Do I Need To Reformat And Start Over?
- From: George T. Cox