Virus Info

Intro...   the Beginning...    PLEASE READ.

    To all who enter these pages I say... Please check out ... and investigate ... ANYTHING that you read here. Things change, and you need to learn. Use Google, or Bing, or whatever; to search the Web for your own satisfaction, and information, on any and all items covered... here on this page and any others in my site. Make yourself as comfortable as you can with knowledge.


Linux vs Windows Viruses... and Linux does have some malware... List of Linux Viruses

Virus/Malware Removal

The following list, and references was borrowed/swiped from MakeUseOf. We were having trouble with my Sister's Laptop and so we decided to look for more info. We found the afore mentioned site and copied their procedures and references. We have used all of the Off-Line products before -but- not the On-line ones. Looks like they have a specific order and we will follow this to see if we can get rid of the problems that my Sister is having.

Anti-Virus Softwares

The following operations should be performed in Safe-Mode with System Restore disabled. If you don't know how to enter Safe-Mode -or- how to disable System Restore jump over to My Virus Whatis Web-Page.

1. Malwarebytes

2. A Squared

3. Microsoft Security Essentials

4. AVG Free

5. Spybot Search and Destroy

Online Scanners

1. Panda ActiveScan

2. Bitdefender

3. ESET

  Other Notes from: Technibble     Also see: Major Geeks Forums

PC AntiVirus Review
Vipre AVS
Free 30day Trial
Vipre FAQ
Vipre Info

Win 'XP Recovery' virus manually remove:

This was taken from: rootishare. -And- Yes! There is a Virus called 'Windows XP Recovery' and it looks very Official. -But- it is NOT!!

Fist you need to stop a process: How to stop a process

Second : How to delete registry entries

And after, do this :

Stop Windows XP Recovery processes:
[random names].exe

Remove Windows XP Recovery registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun �.exe�
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun ��
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings �CertificateRevocation� = �0'
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings �WarnonBadCertRecving� = �0'
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WARNONZONECROSSING = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONES\3\1601 = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\WINTRUST\TRUST PROVIDERS\SOFTWARE PUBLISHING\STATE = 146944
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\CONTROL\SESSION MANAGER\PENDINGFILERENAMEOPERATIONS = \??\%CommonAppData%\[RANDOM].exe

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesActiveDesktop �NoChangingWallPaper� = �1'
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations �LowRiskFileTypes� = �/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:�
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAttachments �SaveZoneInformation� = �1'
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem �DisableTaskMgr� = �1'
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem �DisableTaskMgr� = �1'
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload �CheckExeSignatures� = �no�
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain �Use FormSuggest� = �yes�
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced �Hidden� = �0'
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced �ShowSuperHidden� = 0'

Delete Windows XP Recovery DLL files:
[random].dll

Delete Windows XP Recovery files:
%AllUsersProfile%Application Data~ %AllUsersProfile%Application Data~r %AllUsersProfile%Application Data[random].dll %AllUsersProfile%Application Data[random].exe %AllUsersProfile%Application Data[random].exe %UserProfile%DesktopWindows XP Recovery.lnk %UserProfile%Start MenuProgramsWindows XP Recovery %UserProfile%Start MenuProgramsWindows XP RecoveryUninstall Windows XP Recovery.lnk %UserProfile%Start MenuProgramsWindows XP RecoveryWindows XP Recovery.lnk

Delete Windows XP Recovery folders:
%AllUsersProfile%Application Data[random]

AFTER removing the Rogue Program use 'UnHide.exe' to get back your 'Missing' programs.

Virus Info Section

     Without your knowledge, or explicit permission, the Windows networking technology, which connects your computer to the Internet, may be offering some or all of your computer's data to the entire world at this very moment!

Update:  Two programs have become very important in dealing with all this malicious software. They are: Malwarebytes and ThreatFire. (These are in addition to avast! and AdAware.) And at this point in time, to my knowledge and experience, the only one (of the FREE versions) that AUTOMAGICALLY Updates its data file is avast. You must update the others yourself. I recommend, at the least, once a month... whether you use them or not. Better to be Up-To-Date BEFORE the problem(s).
And a 3rd: Combofix


   You must realize, that 99% of avoiding viruses is how you act on, and with, the Internet. Just piling on AV(Anti Virus) and Firewall programs isn't going to do much IF you have a tendency to download 'strange programs' and run scripts without really knowing who made them.
Another Update:  Well, it appears that the above isn't totally true anymore. The 'Darth Vaders' have invaded the good sites. Please read about it here and consider even more protection with:
   Firefox: NoScript
Firefox's NoScript plug-in (a free download at the Mozilla site -and- at NoScript.net) provides an elegant solution to the problem of malicious scripting. Once installed, NoScript prevents scripting from working at any Web site you visit until you approve it for that particular site. Being able to control scripting on a site-by-site basis with a single mouse click gives you a powerful security advantage.
     - and -
   Internet Explorer: IE8 incorporates a similar version internally.
For those of you still with IE6 and IE7, this may be a reason to update... IF you can. Now then, the other part of this is... you must have an "Up-To-Date" System in order to use IE8. That would be:
  Windows XP, Windows Vista, Windows 7 and Windows Server 2003.

IE6 support has been dropped by most, if not all, of the Internet World... and IE7 is close behind.

Annnnddd... a little side note. IF you are one of the ones, like me, that is still using Windows 2000, you will just have to move on up to Firefox. Microsoft drops Internet Explorer at version 6 on Win2k. IE7 and above will NOT even install on Win2k.


And then again, we can get so much "Protection" going that it can slow us down as bad, if not worse than the Virus/Spyware stuff. So, think before you 'load up' on all the Protections. They have to be executing at the same time you are executing your other Programs and Browsers. Even though they are "in the background", they are still using CPU and System resources.

    Good vs Evil: Mr. Gates and company, along with Intel, and various manufacturers, have strived to make the task of computing easy. Unfortunately, security was not high on the list... when all this first started. We didn't have the criminal elements then... or they were few and far between. Then Pranksters came in. These were knowledgeable people who played innocent jokes on their fellow workers. Not harmful ... but at times very irritating. These were overlooked.

     Then entered the criminal and malicious individuals...or ones who turned that way out of revenge. They pounced on the "easy" ways of DOS and Windows coding. The "Ease of Use" priority over "Security" jumped up and bit. Some of those innocent Pranks were turned into obnoxious, vicious and malicious malware that would make your previously user friendly PC an animal, or worse, wipe out a lot, or all, of your Hard Drive.

    Now then, you didn't pay for, nor did you request any of these viruses. Therefore, you really shouldn't have to pay for a fix. But, then again, the fixer needs to make a living also. However, there are some "free" solutions. All you have to do is find them and then take the time to understand how to use the code. Most of the free items are easy.

HOWEVER BEWARE!! Free can be horrendous unless you check out what you are gettin' for free.

If you start getting a lot of ads popping up on your screen, then the last piece of software that you loaded onto your 'Puter was NOT free. IF I get a call to help someone in these situations, my services are very low cost. (Exchanges of Love and Friendship for Relatives and Neighbors, small charges for time and gas to others.)

 There is enough info on the Net to allow you to fix almost any problem yourself. You   just have to bite the bullet, dig in, investigate, research and then fix the problems. 

 But ... I understand that ... just like cars ... some people don't want to work on   computers ... they want only to use them. 



    Now... to the rest of the story....... which assumes that you still have access to the Internet via yours, or preferably someone else's PC. Hopefully, all of the items I have given references to, are still available. IF not, go to and search for another.


    Why so many anti-virus, anti-adware programs??   Because ... ta, ta, tahhhh ... there are many and various pieces of malware. Annnnd ... it may take two or more of the fixers to rid your PC of its ills. The only other alternative is to wipe your system and re-load the OS... and all your extra programs... and all your data...
  (that you have so righteously saved ... ummmm backed-up ... right?? ?) This Forum Piece( click here) contains some of the names offenders have used for the SAME Virus!!

Now then, on that same note; You CAN NOT have more than one Anti-Virus program running at one time. You CAN NOT have avast!, Norton, AVG and McAfee all running at the same time. You CAN, and I do, have avast!, AdAware and Gibson Tools loaded and running at the same time. The Free version of AdAware does not run automatically or continuously. It must be seperately executed once a week or once a month.
 Update:  As I said in the beginning, things change. It appears that the newer versions of Ad-aware also run in the background. However, it has been noticed that it slows down the PC... maybe a little to much. This will have to be your decision and will also depend on your machine. You may want to disable it and then run it once a week or once a month like we did previously -or- just put up with the slowness. Most of the slowness is only in the System start up. After things get going it appears to be faster. Again, that is yours to decide.
The Gibson Tools are self explanatory. avast! will run continuously and periodically, usually daily, update itself.

When you first fire up your PC... after installing and activating an Anti-Malware program... at startup, you will notice a lot of activity -and- operations will be a little slower in the first few minutes. Go get your coffee and wait patiently.

This delay is caused by avast! (or Norton or McAfee or whatever AV program you installed) checking your system and updating itself. Give it a few to do its job. Go get your coffee, or tea or soda and all should be well, or close to it, when you return.

Update Note:  Seems that you can, and may want to, have another running with avast!. It is called ThreatFire. -But- please read up on it BEFORE you just jump and use it.


The following was borrowed/stolen from Windows Answers This was in response to a question/statement that Windows was saying AdAware was off when it was still on. My two cents on this is timing. Some of the Systems on which I have installed avast! complain at startup that avast! is out of date. However, shortly thereafter, you will get an avast! message saying that the database has been updated.

Some antivirus/security products could be causing this error. McAfee, Norton, Windows Live OneCare, Threatfire are a few. Whichever antivirus / antispyware / security products you have on your machine now. --And-- which have you EVER had on it... even if you uninstalled them. (These leave remnants which cause strange issues.) So its a definite in your case.( the case being discussed)

Check the default services and dependencies to make sure they are running.
http://www.blackviper.com/WinVista/Services/Security_Center.htm

Security Center Not Reporting Anti-Virus or Firewall Status Correctly
http://www.winhelponline.com/blog/security-center-not-reporting-anti-virus-or-firewall-status-correctly/

How to Fix the Vista Security Center Reporting Incorrect Information
http://www.vistax64.com/tutorials/195736-security-center-not-reporting-correct-information.html

How to Disable or Enable Security Center in Vista
http://www.vistax64.com/tutorials/67737-security-center.html

This thread might help as it might be a permissions issue.
http://social.answers.microsoft.com/Forums/en-US/vistawu/thread/3d2049ae-4581-439b-8e15-3f603f5c60f0/

    The following three, well actually four, items are your main path to security and peace of mind. They are "Free for Home Use" and cost little for "Work Use". Sometimes the "free", as in use part, is not obviously listed. So patiently look around on the site(s) and check them out.

Shields Up!     A means of testing your security is available from a very fine individual by the name of Steve Gibson at Gibson Research Corporation. Access to his site is listed as Shields Up! in the menu on the left. Steve is one of the good guys. He is trying to help make the Internet more secure and user friendly. Follow his advice, use his software (free and/or purchased) and you will also help to bring security back to the Internet.

Lavasoft     Another Company offering free and purchasable software is Lavasoft. They offer some excellent programs to dump and stop spyware. The main one: 'AdAware' is a privacy tool, that scans your memory, registry, hard, removable and optical drives for known data-mining, aggressive advertising, and tracking components. It then lists the results and offers to remove or quarantine the components.
Ad-Aware 9 in Pictures

avast!     Another is avast! HOME EDITION Free antivirus software providing desktop security and data protection. avast! detects and removes all forms of malware, including spyware, rootkits and trojans. Free for home users.

Routers    Another item, besides the Software above, that will aid in securing your 'Puter is a Router.
From How Stuff Works: 'How do routers protect you?'

  • Routers can possess a number of features which fine-tune what the router will let pass and what it will flag as potentially dangerous or unnecessary.
  • Routers can be equipped with authentication and encryption features to monitor packets entering your network.
  • Routers can have firewalls to block unwanted entry.

    Even though a Router is primarily for using more than one computer on an Internet connection, it could be used as part of your protection in a single PC environment. However, Wireless routers are not as secure as the hard wired ones. Check out the following:


    Now then, I want to say this about that. I am providing information here, that is from both, experience, and other people. However, things change, and in the Computer, PC Industry, changes are fast.

      Therefore, use any info from here at your own risk.

  I, nor any of the individuals, or Companies that I mention will take any responsibility for your choices, actions or screw-ups. There shouldn't be a need for any of these kinds of software programs but, we still have many unscrupulous individuals amongst us.


Some definitions of words used...

  • Spyware:
    Individual programs that embed themselves within your computer and monitor your internet browsing activities. They can "spy" on your confidential information (ie. passwords, credit card info, etc).
  • Spybot Worm:
    The spybot worm is a virus that attacks your computer system through Instant Messenger or Kazaa. If you are infected by spybot then your anti-virus software 'may' become disabled.
  • Adware:..( Please notice the spelling. This is NOT the program but what it prevents.)
    Programs that relay your personal information and internet browsing patterns from your PC to another PC for advertising purposes. Adware are software applications that display advertising banners and pop-ups. If you get inundated with pop-ups chances are you have been infected by adware.
  • Malware:
    It is the short term for malicious software. Malware are more commonly referred to as viruses, trojans, and worms. Malware self-propagates and hides themselves within another program(s). Malware is designed to annoy -but- they have been known to wipe out the an entire hard drive. The most 'common' form of being infected by Malware is through the opening of an email attachment.
  • Trojan:
    Software that breaks through computer security and disguises itself as something benign, such as a game or directory lister. Trojans do not replicate themselves and are usually installed by "freeware and shareware" programs. They are detected as back door.

    How to tell if a PC has a Virus


    

Specific Info

    Microsoft Messenger: - Beginning with Windows NT, Microsoft included the Windows Messenger Service, and it's been built-in to each subsequent version and release of Windows over the past several years. It is not being used for its original purpose but is being used for malicious intents. It is highly recommended that you disable it.

Shutting off Windows Messenger Service will have no effect on any of the popular "instant messaging" systems you might be using; they don't rely on Windows Messenger Service (irrespective of its name) to function. You can do it yourself or, assuming you have installed AdAware, load the Lavasoft plugin, Messenger-Control, that gives you control over this service... Or use the Gibson Research one listed below.
Also See: Disable MS Messenger and Shoot The Messenger

    Hex Dump: - With many files (cookies for example) there's no easy way to view any information about them. The HexDump extension for AdAware lets you view a hexadecimal version of a file turned up in a scan, along with an "English" translation of the hex code.

This is an aid I would recommend that you install. Even though Computers talk in a funny language, there are some helps that will assist in making what they say more human readable.

    Layered Service Providers (LSP): - Small pieces of software that can be added or inserted into the Windows TCP/IP handler by other software. Data outward bound from your computer to a legitimate destination on the Internet can be intercepted by an LSP and sent somewhere other than where you intend it to go.

This is another plugin, LSP Explorer, for AdAware that I would highly recommend you use.

The Internet Threats

Threat Risk
Hacking attempt Unauthorized access to your computer (total control of your system and all your files).
Viruses and remote attacks Loss of your data (files and documents), system crashes, unstable computer operation.
Trojan horses Unauthorized access to your computer (total control of your system and all your files).
Malicious web page content Loss of your privacy.
SpyWare Loss of your privacy.

Firewalls

    There are two kinds of Firewalls, hardware and software. These can be, and are, used together or separately. I personally have the hardware version which is as a result of my local network. When you share a cable connection with the other members of your family, you need a router. This causes a change in the IP addresses of your local machines to the Private range which is:

  • 10.0.0.0 with the subnet mask 255.0.0.0
  • 172.16.0.0 with the subnet mask 255.240.0.0
  • 192.168.0.0 with the subnet mask 255.255.0.0
The above addresses can not be used on, or accessed from, the Internet. So how can, how do, you communicate? Through the router. It will have the original IP address that your ISP assigned to you. The router will translate and "route" the messages to and from the correct machine.

Avast! - Free Home Version (and the one I recommend)
This antivirus software is based on the ALWIL Software Virus, Worm and Trojan horse scanning technology since 1988. The avast! antivirus portfolio includes a number of products, providing effective protection at all levels - from PDAs to large networks.

AVG Free Edition is now available for all single home users worldwide! Download, install and use AVG Free Edition and get:
  • AVG Resident Protection
  • AVG e-mail Scanner
  • AVG On-Demand Scanner
  • Basic Scheduled Tests
  • Free Virus Database Updates
  • Automatic Update feature
  • Easy-To-Use Interface
  • Automatic Healing of infected files
  • AVG Virus Vault for safe handling of infected files

AIM security

    Online Safety/Security FAQ The biggest problem with AIM is the same as with Email... Attachments. Good Anti-Virus software will help but... Read the truth about E-mail viruses.

Answers to some of your Questions

    If and when you use some of the tools I am recommending, you will need to know which items you should remove and/or disable. Two places have provided excellent information. The first I'll mention is Bleeping Computer. It has a number of selectable Tabs on its Home Page and the one we are mainly interested in is the Tab "Startup List". If you use the Startup Manager from CodeStuff you will get a list of programs that are started when you fire up your PC. Not all of these are needed... leastwise they are not necessarily needed at startup. This list will tell you which ones to leave alone and which ones you can remove or disable. Unnecessary startups slow down you 'puter, waste resources and ... well you get the idea.

    The table below is setup in the same format as the tables on the Answers that work pages. All I have done, and/or am doing, is add what I run into that isn't in their list. Again, this is a list of programs that you may, or may not, want to remove or disable.

Task List Name Program & Manufacturer What it is
and what you can do
gwremind Microsoft Greetings Workshop Reminders that you need??? Probably not.
Wnsapisv
or
WINSERVS or sear1
Clickspring / PuritySCAN An Addware program.
It will drop a copy of itself in the Windows StartUp folder as wnsapisv.exe or WINSERVS.EXE. This copy will load at start-up and spawn massive quantities of large popup ads when the user is online.
Edit your startup folder manually or with one of the available programs on the Internet. A good one is StarterSetup from CodeStuff.
Wupdater Kazaa
Prefetch, Perfectnav, and Incredifind
A spyware program.
Another program that gets loaded into your Startup. Edit your startup folder and remove it.
In general, these programs generate popup ads and may hijack web searches. Wupdater.exe seems to be a background update task. We'd recommend removing this file. You'll probably find it in C:\Program Files\Common files\updater\wupdater.exe.

The above info also will be of assistance when using the HiJack this program.

Some Startup Folder Fiascos

avacyptj.exe and mcfg32c.exe

    These two jewels are placed by totempole. They can be found in the startup folder and the actual programs are found in \\Windows\\system directory. This information is thanks to Jack on Annoyances.org. In order to remove them you will have to reboot and startup in Safe Mode.

bxxs5 or BookedSpace

     BookedSpace is an adware browser helper object. Installed silently. The controlling server is www.bookedspace.com and 66.225.192.199. Again this can be found in your startup folder.


Win32:Trojan-gen - removal

I swiped this info from a Bullguard forum. The gentleman, Emilio from Slovakia, seemed to be very knowledgeable. I am including his info and the above reference for your convenience. I had a client with this Win32:Trojan-gen problem and it was a nightmare. It slowed down her PC considerably. The only other alternative would be to wipe out the system and re-load Windows. I for one am getting tired of that particular scenario.

Download CCleaner
www.ccleaner.com/

Download Advanced Process Termination
(you don't have to install it....it's only executable utility)
Advanced Process Termination is a simple but powerful utility that provides nine (9) different process termination techniques - all at the click of a button. Process Guard also has powerful anti-hook capabilities to prevent other programs from hooking critical functions (something often done by trojans to prevent their processes from being seen or terminated). In addition to process termination, APT also allows you to Suspend and Resume processes, and also serves as a useful process list utility.
Windows 2000, Windows XP, and Windows 2003 are supported.


Procedure:
1.DISABLE SYSTEM RESTORE
   Windows ME and XP utilize a restore utility that backs up selected files automatically to
   the C:\_Restore folder. This means that an infected file could be stored there as a
   backup file, and VirusScan will be unable to delete these files. You must disable the
   System Restore Utility to remove the infected files from the C:\_Restore folder.
2.REBOOT TO THE SAFE MODE
   Safe mode is the Windows diagnostics mode. When you start the computer in Safe mode,
   only the specific components that are needed to run the operating system are loaded.
   Safe mode does not allow some functions, such as a connection to the Internet. Safe
   mode also loads a standard video driver at a low resolution. Due to the low resolution,
   your programs and the Windows desktop may look different than usual and the desktop
   icons may have moved to different locations on the desktop.

The F8 key is used to enter Safe mode. It can be, and many times is, tricky to get it to work. If you can not get the F8 key entry to safe mode, then follow the directions presented by Symantec in the reference above.

3.SHOW HIDDEN FILES
   The system files are normally hidden. Since some of these are pretending to be system
   files we need to open up the system to show them.
4.RUN HIAJCKTHIS:
 Check:
  R3 - Default URLSearchHook is missing
  O4 - HKLM\..\Run: [jUSnC] C:\WINDOWS\dpexao.exe
  O4 - HKLM\..\Run: [version] C:\WINDOWS\System32\Takrst.exe
  O4 - HKLM\..\Run: [secure] C:\WINDOWS\System32\Prlvgv.exe
  O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe /service (file missing)
  O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe /service (file missing)
 FIX CHECKED........

5.RUN ADVANCED PROCESS TERMINATION
 Kill these processes(select then press "ALL" button in PROCESS CONTROL OPTIONS)
  C:\WINDOWS\dpexao.exe
  C:\WINDOWS\System32\Takrst.exe
  C:\WINDOWS\System32\Prlvgv.exe

6.FIND AND DELETE THESE FILES:(some files may not exist)
  C:\WINDOWS\dpexao.exe
  C:\WINDOWS\System32\Takrst.exe
  C:\WINDOWS\System32\Prlvgv.exe

7.SCANS:
  do some scans with applications which you can download mentioned in other posts....
AdAwareSE,SpyBot,SysClean and so on..

  • run scan with AdAwareSE (full system scan, scan volume for ADS)
  • run scan with SpyBot
  • run scan with ScanSpyware (do complete scan)
  • run scan with Stinger
  • run scan with Mwav (all scan options)
  • run scan with SysClean
    Notice: Sysclean is not meant to protect your computer from viruses. Sysclean only scans your computer and removes any viruses it finds. You need to purchase antivirus software for full real time protection.
  • run scan with TDS-3 (choose all choices to scan in SCAN CONTROL)

AdAware SE.......Install, click Check for Updates now and get any updates, then exit.
AdAware VX2 Cleaner Plug-In.....Install only
avast! antivirus software..........Install
CCleaner.............Install only, then exit
Spybot................Install, do the search for updates now and get any updates, then exit.
SpywareBlaster...Install, click Download Latest Protection Updates, Check for Updates, and then Enable All Protection, then exit. It does a great job of blocking known vulnerabilities as well as known malicious websites.
McAfee AVERT Stinger.....No installation required! Ready to run as is.
CWShredder......No installation required! Just unzip it to a folder.
Kill2me..............No installation required! Just unzip it to a folder.
about:Buster......No installation required! Just unzip it to a folder. Click Update and download any before scanning.
HSRemove........No installation required! Ready to run as is. (Only for WinNT, 2K, XP)

8.CLEANING
run CCleaner (analyze---run cleaner)

9.RE-ENABLE SYSTEM RESTORE

10.REBOOT

    

    


Remove: AntiVirusGold

AntivirusGold is an adware application. Antivirus Gold is installed by some trojans without asking for user permission. The deskop wallpaper is modified & advertisement is displayed urging the user to buy Antivirus Gold. Upon clicking on the message, a web explorer is opened to point to www.AntiVirus-Gold.com. The purpose of this trojan is to install itself & pretend that only AntiVirus Gold can remove it.
Home Page:   SpywareDB removal tool

DyFuca.InternetOptimizer

DyFuca.InternetOptimizer is a variant of the DyFuca page hijacker. Unknown-server errors, page-missing errors, server errors and even password-required errors are redirected to Internet Optimizer's controlling server at www.internet-optimizer.com. The 'DyFuCA Active Alert' component can open pop-up 'alerts' when directed by its controlling server. And can download and execute arbitrary unsigned code from its controlling server, as an update feature.
Home Page:   Spython removal tool

ABetterInternet

ABetterInternet runs at your system's start-up and may track your Internet activity. If A Better Internet gathers personal information about yourself and your web browsing habits, it may target pop-up advertisements at you, redirect certain URLs, and automatically update itself and install third-party software, files and desktop icons.
Home Page:   Spywareremove

2ndThought

2nd Thought may download and display advertisements, and may reset your home page and report your web activity to its parent company.
Home Page:   Spywareremove

Twain-Tech

Twain-Tech Removal - This bug is adware. Comes as both a BHO and a toolbar. If you'd like to send them some love visit their site. Also read below and also send the software company who installed it on you some love as well. Free programs that are sponsored by ads are not truly free. If you want to profit from making software please go the 15 day trial route cause ads will only make people hate you.
Home Page:   I am not a Geek

Addclicker

Runs in the background and periodically pops up a warning that there is a problem with your computer. Can display a warning message from the system tray that your computer has spyware. Clicking the warning message will take you to a website to download antispyware software that does not do what it claims.
Home Page:   Spyware Guide

Home Page:   

Home Page:   

Home Page:   


Copyright © 2004-2010 All rights reserved.