Support Forums

Full Version: An anti-spyware hidden in Windows Vista
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
There are a number of software "spies" who spend their days scrutinizing your computer to inform their employers… To avoid this there are programs like Ad-aware responsible for removing them.



Windows Vista includes two anti-spyware: one "official" Windows Defender and another who does not enjoy the same reputation: "Malicious Software Removal Tool."



The first is useful, think well to keep activated. To do this, type "defender" in the pursuit of quick start menu and click windows defender. Try a search to verify that your system is clean.



The Malicious Software removal tool when asked to gymnastics more important to be used:



Also in the quick search Vista, type "command" and run the command prompt.



Once the window pseudo launched MS-DOS, type "mrt" wait and that the software is displayed.



Simply do searches on your computer to see that your system is finally healthy (or not).



I do not know what the analysis of the two programs differ, but as the saying goes: prevention is better than cure (and this is especially true for Vista).
Thank you my friend...this information will be useful to me in the future =]
I use Linux, but on my windows box i always use Malwarebytes, and i've not had any problems.
Nice commands, this should help in the defense against those pesky viruses/worms/bots/trojans and other ;)
yea i know one very annoying one called Internet security 2010 it is one fudged up box of trouble.
(12-22-2009, 01:43 AM)jfmherokiller Wrote: [ -> ]yea i know one very annoying one called Internet security 2010 it is one fudged up box of trouble.

You really should use HiJackThis and Malwarebytes. Smile
Of course HJT and Malwarebytes are far greater, although I find that the latter does not work very well on Win 7.
AAH! It's the malicious removal tool. Thx, working too in W7(windows 7)
i cann't remove spyware-realtime- spy (potentialy unwanted program)!!!!!
my mcafee detected, but cann't remove it. also can anyone look at my hijacjthis log!!
my comp. is very slow about a week!!!!!!! THANX.
my comp. is very slow. its DSL , to open a page takes <4min.
sometimes it doesn't open at all.
so.. my scan results:


* mbam: No malicious items detected
* novirusthanks:
* eset(online scan): not detected
* spybot-search&destroy: No immediate threats were found. (Status)
* mcfee: spyware-realtime-spy (potentialy unwanted program)

here is hijack log:


Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\AVG\AVGLS\avgtray.exe
C:\Program Files (x86)\ProxyWay\proxyway.exe
C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE
C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer
R1 - HKCU\Software\Microsoft\Internet Explorer\
R1 - HKLM\Software\Microsoft\Internet Explorer\
R1 - HKLM\Software\Microsoft\Internet Explorer\
R1 - HKLM\Software\Microsoft\Internet Explorer\
R0 - HKLM\Software\Microsoft\Internet Explorer\
R0 - HKLM\Software\Microsoft\Internet Explorer\
R0 - HKLM\Software\Microsoft\Internet Explorer\
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVGLS\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVGLS\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVGLS\Toolbar\IEToolbar.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVGLS\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~2\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVGLS\avgtray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Anna\AppData\Local\Google\U
Pages: 1 2