- Download, install, update, configure, and run Ad-Aware SE Personal 1.06.
- Download Ad-Aware SE Personal 1.06:
- Download Ad-Aware SE Personal 1.05.
- Save aawsepersonal.exe to a convenient location.
- Install Ad-Aware SE Personal 1.06:
- Double-click on aawsepersonal.exe to install the program.
- Follow the default settings for installation.
- After the program has finished installing uncheck the "Perform a full system scan now", "Update definition file now", and "Open the help file now" boxes.
- Update Ad-Aware SE Personal 1.06:
- Double-click the Ad-Aware SE Personal icon on your desktop.
- Click "Check for updates now" then click "Connect".
- It will check for any updates. If any are found click "OK" to download and install the updates. Once it has finished click "Finish".
- Configure Ad-Aware SE Personal 1.06:
- Click on the Gear button at the top of the window.
- Click "General" on the left hand side to display the General Settings box.
- Make sure these items have a green check next to them. If they do not, click once on the circle next to them to put a green checkmark in it.:
- "Automatically save logfile"
- "Automatically quarantine objects prior to removal"
- "Safe Mode (always request confirmation)"
- "Prompt to update outdated definitions" - change to 7 days from the default 14.
- Click "Scanning" on the left hand side to display the Scan Settings box.
- Make sure these items have a green check next to them. If they do not, click once on the circle next to them to put a green checkmark in it.:
- "Scan within archives"
- "Select drives & folders to scan" - select your hard drive(s).
- "Scan active processes"
- "Scan registry"
- "Deep-scan registry"
- "Scan my IE favorites for banned URLs"
- "Scan my Hosts file"
- Click "Advanced" on the left hand side to display the Advanced Settings box.
- Make sure these items have a green check next to them. If they do not, click once on the circle next to them to put a green checkmark in it.:
- "Move deleted files to Recycle Bin"
- "Include additional object information"
- "Include negligible objects information"
- "Include environment information"
- Click "Defaults" on the left hand side to display the Default Settings box.
- Make sure these items have your preferred settings in them.:
- "Default homepage"
- "Default searchpage"
- Click "Tweak" on the left hand side to display the Tweak Settings box.
- Click the + (plus) sign next to the Log Files section. This will expand the section.
- Make sure these items have a green check next to them. If they do not, click once on the circle next to them to put a green checkmark in it.:
- "Include basic Ad-Aware settings in log file"
- "Include additional Ad-Aware settings in log file"
- "Include reference summary in log file"
- "Include alternate data stream details in log file"
- Click the + (plus) sign next to the Scanning Engine section. This will expand the section.
- Make sure these items have a green check next to them. If they do not, click once on the circle next to them to put a green checkmark in it.:
- "Unload recognized processes & modules during scan"
- "Scan registry for all users instead of current user only"
- "Obtain command line of scanned processes"
- Click the + (plus) sign next to the Cleaning Engine section. This will expand the section.
- Make sure these items have a green check next to them. If they do not, click once on the circle next to them to put a green checkmark in it.:
- "Always try to unload modules before deletion"
- "During removal, unload Explorer and IE if necessary"
- "Let Windows remove files in use at next reboot"
- "Delete quarantined objects after restoring"
- Once you are done with these settings, click "Proceed" to save them.
- This will take you back to the main screen.
- Download Ad-Aware SE Personal 1.06:
- Run Ad-Aware SE Personal 1.06:
- Click the "Start" button.
- Uncheck the "Search for negligible risk entries" entry.
- Choose the "Use custom scanning options" scan mode.
- Click the "Next" button.
- Ad-Aware will begin to scan for malware residing on your computer.
- Allow the scan to finish.
- Right-click on any entry in the list and click "Select All" to select the whole list.
- Click "Next" and choose "OK" at the prompt to quarantine and remove the objects.
Look2me and probably more [RESOLVED]
Started by
arnanderson
, Jul 06 2005 07:18 PM
-
This topic is locked
#16
Posted 11 July 2005 - 11:02 AM
Trevuren
-
- Retired Staff
-
- 18,699 posts
Old Dog
#17
Posted 11 July 2005 - 10:20 PM
arnanderson
- Topic Starter
-
- Member
-
- 9 posts
New Member
Here you go man, looks good to me. You've been incredibly helpful. Thanks for all that you've done. I'll check back to see what you think.
Logfile of HijackThis v1.99.1
Scan saved at 12:17:19 AM, on 7/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\ewido\security suite\ewidoctrl.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
C:\AsusProb.exe
C:\HJT\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ASUS Probe] c:\AsusProb.exe
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\system32\NeroCheck.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) - http://www.icannnews.../ST/ActiveX.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1119220897326
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido\security suite\ewidoctrl.exe
Logfile of HijackThis v1.99.1
Scan saved at 12:17:19 AM, on 7/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\ewido\security suite\ewidoctrl.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
C:\AsusProb.exe
C:\HJT\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ASUS Probe] c:\AsusProb.exe
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\system32\NeroCheck.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) - http://www.icannnews.../ST/ActiveX.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1119220897326
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido\security suite\ewidoctrl.exe
#18
Posted 11 July 2005 - 10:40 PM
Trevuren
-
- Retired Staff
-
- 18,699 posts
Old Dog
Congratulations, your log shows that your SYSTEM IS CLEAN
There are a few things you must do once you are completely clean:
1. Reset and Re-enable your System Restore to remove bad files from the backup that Windows makes as no program is able to clean those files:
TO DISABLE SYSTEM RESTORE
1. Right-click "My Computer", and then left click "Properties".
2. Left click on "System Restore Tab"
3. Check box beside "Turn Off System Restore"
4. Left click on "Apply"
TO ENABLE SYSTEM RESTORE
1.Remove check mark from "Turn Off System Restore"
2.Click on "Apply"
2. Cleanup the leftovers. Download CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
3. Finally, Re-hide your System Files and Folders to prevent any future accidents.
Here are some tips to reduce the potential for spyware infection in the future:
Make sure you keep your Windows OS current by visiting Windows update
regularly to download and install any critical updates and service packs. With out these you are leaving the backdoor open.
I strongly recommend installing the following applications:
So how did I get infected in the first place? (My Favorite)
Regards,
Trevuren
There are a few things you must do once you are completely clean:
1. Reset and Re-enable your System Restore to remove bad files from the backup that Windows makes as no program is able to clean those files:
TO DISABLE SYSTEM RESTORE
1. Right-click "My Computer", and then left click "Properties".
2. Left click on "System Restore Tab"
3. Check box beside "Turn Off System Restore"
4. Left click on "Apply"
TO ENABLE SYSTEM RESTORE
1.Remove check mark from "Turn Off System Restore"
2.Click on "Apply"
2. Cleanup the leftovers. Download CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
3. Finally, Re-hide your System Files and Folders to prevent any future accidents.
Here are some tips to reduce the potential for spyware infection in the future:
Make sure you keep your Windows OS current by visiting Windows update
regularly to download and install any critical updates and service packs. With out these you are leaving the backdoor open.
I strongly recommend installing the following applications:
- Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
- Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
- How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
- How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.
- Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
- MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
- Google Toolbar <= Get the free google toolbar to help stop pop up windows.
So how did I get infected in the first place? (My Favorite)
Regards,
Trevuren
#19
Posted 14 July 2005 - 10:28 AM
Trevuren
-
- Retired Staff
-
- 18,699 posts
Old Dog
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. 
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
