Mark's friendly spyware removal tip of the day..

[MarkCS]

So BleepingComputer.. makers of ComboFix have an excellent website regarding all the bullshiit that is out there to infect your computers..

They have released a new tool called rkill.exe that will stop the processes of most of these malware programs so that you can run Malwarebytes to clean the system up even without having to run ComboFix.

Find your rouge app here : http://www.bleepingcomputer.com/virus-removal/ On the right about the middle of the page is a google search box to search the site.

RKill.exe is here : http://download.bleepingcomputer.com/grinler/rkill.com I recommend that you rename it to something like AVDIE.com when you download it because as time goes on the malware bitches will figure out to stop anything named rkill.com from running.

Same goes when you download combofix.. always name it something weird.. I use AV2011.exe when I save combofix.

This is also another good scanning tool : http://www.softpedia.com/get/Antivir...-Toolkit.shtml

As always.. Malwarebytes can be downloaded from here : http://download.cnet.com/Malwarebyte...=dl&tag=button

As far as Antivirus goes.. I think the new M$ AV is running great and works well.. http://www.microsoft.com/Security_Essentials/

And for you facebookers.. BleepingComputer has a fan page where they list all the new shiit as they find it.. http://www.facebook.com/pages/Bleepi...r/121623401752

Merry Christmas.

[Richard F. Togo]

combofix workable for vista 64?

[MarkCS]

Quote:

Originally Posted by Richard F. Togo

combofix workable for vista 64?

Yeah.. all the malware is 32 bit crap anyhoo..

[ChrisN1313]

[00NIGHTMARE]

Fvck, that would have helped me a couple days ago. Could'nt run Malwarebytes even after renaming it and re-installing it under a new name. Had to run ComboFix.

[Concordium]

[Bluestreak]

thanks

[RioRed4v]

thanks

[Frito]

Quote:

Originally Posted by 00NIGHTMARE

Fvck, that would have helped me a couple days ago. Could'nt run Malwarebytes even after renaming it and re-installing it under a new name. Had to run ComboFix.

Same here, I was able to run it in safe mode. But after my pc rebooted my IE was unoperable. Still not working because I have not found an older copy online. I don't want to upgrade to anything newer because I hate how it tries to take over everything in my media.

[MarkCS]

Quote:

Originally Posted by Frito

Same here, I was able to run it in safe mode. But after my pc rebooted my IE was unoperable. Still not working because I have not found an older copy online. I don't want to upgrade to anything newer because I hate how it tries to take over everything in my media.

Um no.. it doesn't.. download IE 8 and be done with it.

[RioRed4v]

Hey Mark.. quick question for ya. Upon startup, i keep getting a popup that says something in regards to "install Windows Genuine Advantage.. yes/no". It seems like a legit program but i havent done anything about it, since i never had a disc for Windows and I had the IT dept at my old work format my computer and toss Windows on for me. The popup is annoying, but should I go ahead and install it?

[MarkCS]

Quote:

Originally Posted by RioRed4v

Hey Mark.. quick question for ya. Upon startup, i keep getting a popup that says something in regards to "install Windows Genuine Advantage.. yes/no". It seems like a legit program but i havent done anything about it, since i never had a disc for Windows and I had the IT dept at my old work format my computer and toss Windows on for me. The popup is annoying, but should I go ahead and install it?

It's legit.. was a M$ KB update.. it will run for a sec then ask if you want to see some web page about legit m$ software.. just uncheck it so you dont have to see the webpage and it will go away forever. But run the update.

[P51-SN95]

Cool I'll have to look in to this.

[RioRed4v]

Quote:

Originally Posted by MarkCS

It's legit.. was a M$ KB update.. it will run for a sec then ask if you want to see some web page about legit m$ software.. just uncheck it so you dont have to see the webpage and it will go away forever. But run the update.

alright, thanks i wasnt sure if it was going to ask my to toss in the MS disc or something, and then if i didnt have it, it would lock up my whole computer

[Alfdog]

Thanks Marky Mark

[Hanzo Hattori]

Quote:

Originally Posted by RioRed4v

alright, thanks i wasnt sure if it was going to ask my to toss in the MS disc or something, and then if i didnt have it, it would lock up my whole computer

Oh... its going to do that alright.... MarckCS just thinks sh1t like that is hilarious.

[The Rick]

subscribing for later

[RioRed4v]

Quote:

Originally Posted by Hanzo Hattori

Oh... its going to do that alright.... MarckCS just thinks sh1t like that is hilarious.

[BONESTOCK]

sub.T for my home comp!

[STRICTLY STANGS]

sweet shat bro

[Cobra S]

MarkCS. Helping n00bs remove spyware\malware since 1999.

[cholland]

Haven't seen the AVZ4 before. looks really useful. Like malwarebytes except you don't need to install it, plus it has some handy utilities in there like the process and dll manager

[CA_Harry]

Spanks

[wxmyjnsn]

sub for later

[drevil7171]

That was extremely friendly.

[BlackVenom96]

sub.T

[berlinetta]

one of the most helpful dudes on MW

[Frito]

Anybody find sh!t they didn't even know they had.

[Orkin]

[cholland]

I ran the AVZ4 on a computer with fake a/v on it and it did not even find it. Combofix removed a dozen or so files and MB found a couple of hundred after AVZ4 had ran and said it was clean. Looks like it still needs some work..

[Hanzo Hattori]

Quote:

Originally Posted by cholland

I ran the AVZ4 on a computer with fake a/v on it and it did not even find it. Combofix removed a dozen or so files and MB found a couple of hundred after AVZ4 had ran and said it was clean. Looks like it still needs some work..

AV snob.

[MarkCS]

Quote:

Originally Posted by cholland

I ran the AVZ4 on a computer with fake a/v on it and it did not even find it. Combofix removed a dozen or so files and MB found a couple of hundred after AVZ4 had ran and said it was clean. Looks like it still needs some work..

AVZ 4 works really well on Rootkits and also is able to repair safemode BSOD.. only other one that does is Combofix.

I had a nasty rootkit that wouldn't come off with Combofix and AVZ4 worked.

[ITSME99GT]

i had a Netsky virus which would not allow me to acess the web to download any of these fixes.also could not restore to back date.had it in safe mode too.
I had to reboot back to scratch.was there something i could of done to prevent this next time around?

[Hanzo Hattori]

Quote:

Originally Posted by ITSME99GT

i had a Netsky virus which would not allow me to acess the web to download any of these fixes.also could not restore to back date.had it in safe mode too.
I had to reboot back to scratch.was there something i could of done to prevent this next time around?

Leave the pron sites alone and use firefox.

[ITSME99GT]

Quote:

Originally Posted by Hanzo Hattori

Leave the pron sites alone and use firefox.

I don't think i got it from that

[Bender]

my shiatty windows live onecare seems to be keeping me safe so far.

[MarkCS]

Quote:

Originally Posted by Bender

my shiatty windows live onecare seems to be keeping me safe so far.

Windows Live OneCare is no longer available for sale


Existing subscribers will continue to be supported throughout the term of their subscriptions. Existing subscribers can reinstall by following the steps to download a trial, and can still add a PC to their existing OneCare circle.

Learn more about end of OneCare sale

On September 29th 2009, Microsoft introduced Microsoft Security Essentials, a FREE consumer anti-malware solution for Genuine Windows based PCs.

Learn more about Microsoft Security Essentials or download from Microsoft directly at: http://www.microsoft.com/security_es...s/default.aspx.

[Bender]

Quote:

Originally Posted by MarkCS

Windows Live OneCare is no longer available for sale


Existing subscribers will continue to be supported throughout the term of their subscriptions. Existing subscribers can reinstall by following the steps to download a trial, and can still add a PC to their existing OneCare circle.

Learn more about end of OneCare sale

On September 29th 2009, Microsoft introduced Microsoft Security Essentials, a FREE consumer anti-malware solution for Genuine Windows based PCs.

Learn more about Microsoft Security Essentials or download from Microsoft directly at: http://www.microsoft.com/security_es...s/default.aspx.

Thanks but I still got a few months left in the free 6 month extension they gave me. I don't see any need to change until thats up. In the meantime I bookmarked the linky.

[BONESTOCK]

Quote:

Originally Posted by MarkCS

So BleepingComputer.. makers of ComboFix have an excellent website regarding all the bullshiit that is out there to infect your computers..

They have released a new tool called rkill.exe that will stop the processes of most of these malware programs so that you can run Malwarebytes to clean the system up even without having to run ComboFix.

Find your rouge app here : http://www.bleepingcomputer.com/virus-removal/ On the right about the middle of the page is a google search box to search the site.

RKill.exe is here : http://download.bleepingcomputer.com/grinler/rkill.com I recommend that you rename it to something like AVDIE.com when you download it because as time goes on the malware bitches will figure out to stop anything named rkill.com from running.

Same goes when you download combofix.. always name it something weird.. I use AV2011.exe when I save combofix.

This is also another good scanning tool : http://www.softpedia.com/get/Antivir...-Toolkit.shtml

As always.. Malwarebytes can be downloaded from here : http://download.cnet.com/Malwarebyte...=dl&tag=button

As far as Antivirus goes.. I think the new M$ AV is running great and works well.. http://www.microsoft.com/Security_Essentials/

And for you facebookers.. BleepingComputer has a fan page where they list all the new shiit as they find it.. http://www.facebook.com/pages/Bleepi...r/121623401752

Merry Christmas.

Ok....sooooo I'm a computer retArd. I clicked on that rkill.com dl and a pop-up came up to save file. I clicked save file and now I don't know what happened to it. I was trying to find it on my comp to rename it like you said but I can't even find that. That's the only thing I've done so far. Help meh.

EDIT: Figured it out. Had to use IE instead of Firefox.

[BONESTOCK]

Quote:

Originally Posted by MarkCS

Find your rouge app here : http://www.bleepingcomputer.com/virus-removal/ On the right about the middle of the page is a google search box to search the site.

What do you mean here? Rouge app? What do I search for in that google search link?