Spy wares and addwares...immediate

i want immediate help plzzzz...........................i have been infected by spywares and adult addwares :)   .............. my system had slowed down really ........i am using mccaffe 10 , for virus protection but no virus or threat has been detected


plz tell me which one is the best spyware romover ( no demo plz i want a permanet solution)...because the net is floded with thousands of spyware removers ......well there are tools which are free  recommend those too .........but recommend the best one in the market .....adult adwares are killin me out :P

one thing which continiously disturbes me is suddenly a popup appairs in the startup panel and when i click on it it opens www.spywarequake.com....it annoys me a lot specially when using programs like an encyclopedia or playing a game...
the pop is red in colour and reads

"critical system error....system detected virus activities..this may cause system faiiliure pls use antimalware software to clean and protect ur system with parasital activities click to get available software " 
lov_hackerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
Hello there,

Go here for the 2 best spyware/adware removers. They work great!

Spybot S&D

http://www.spybot.info/en/download/index.html (download 1.4)

Adaware SE Personal

http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10045910.html?part=dl-ad-aware&subj=dl&tag=top5 

Hope this helps
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Will SzymkowskiSenior Solution ArchitectCommented:
You can also download hijackthis

http://www.download.com/HijackThis/3000-8022_4-10379544.html

also another great program
0
Will SzymkowskiSenior Solution ArchitectCommented:
Also go to command line and type "msconfig"

Go to the startup tab and disable any/all of the programs that you don't want running when windows starts.
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

lov_hackerAuthor Commented:
yeah i have done that one i am checking the linkz too








thankz
0
Will SzymkowskiSenior Solution ArchitectCommented:
Anytime

:-)

let me know if they get rid of the spyware that you have. I also know a few other programs that might help. But the ones that I gave you should do the trick.
0
lov_hackerAuthor Commented:
ya from "add aware se" the adult addwares and other r removed......but i am still geting the massage of  alert system enfected continuesly which open a site   www.spywarequake.com   :@  ......that is really anoying....the site is abt a program named spyware quake which is an anti spyware , but this had becomed a great spyware for me now .......the icon is continuesly in the system tray and is not removing .....one more it also open a site named www.spyguard.com :P ....
plz tell me abt this too if ya knew ...





abt this link hijack ..........mccaffe 10 has deleted this saying this one is a trojan :-o  .......... do see it....

http://www.download.com/HijackThis/3000-8022_4-10379544.html
0
Will SzymkowskiSenior Solution ArchitectCommented:
Have you gone into add/remove programs and see if there is anything that is associated with this program that is running in the system tray?

Did you try Spybot? You didn't mention this one. When you install it make sure that you do an update and install everything that comes up. when the updates are finished go into Immunize and update that as well.

Try and do these scans in Safemode. The program is probably loading automatically when you start windows.

Another thing you can try doing is go into administrative tools and "Services" and see if the program is in there. If it is disable it.

Also you could go to Google.ca and then click on the link www.google.com then click more. Download the google pack and it will give you a list of software. You will find Norton Antivirus 2005 this is a 6 month full version trial. Download that and run a full system scan on your computer in safe mode.

hope this helps
0
lov_hackerAuthor Commented:
i am abt to try spybot lets see what happens ..................i will post soon now after nortan installation , i think that would surely help ....may this i pray


see ya
0
Will SzymkowskiSenior Solution ArchitectCommented:
Sounds good

:-)
0
rpggamergirlCommented:
Hi,
If you still have problems,
Do this to remove SpywareQuake popups.

1. Download Smitrem.
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
and save the file to your desktop.
Double click on the file to extract it to it's own folder on the desktop.

Next, please reboot your computer in Safe Mode:

Open the "smitRem" folder, then double click the "RunThis.bat" file to start the tool. Follow the prompts on screen.  Your desktop and icons will disappear and then reappear again --- this is normal.
Wait for the tool to complete and Disk Cleanup to finish --- this may take a while; please be patient.


2. Then, download roguescanfix.exe , and save it to your desktop.
http://www.martijnc.be/tools/roguescanfix.exe
Double click roguescanfix.exe to install it.
Open the roguescanfix folder, and doubleclick run.bat. Make Sure you have an active internet connection!
Your desktop and icons will disappear and then reappear again, this is normal.
Wait till the message "Completed script execution" appears, then click OK.
Click "Exit" to close BFU.
Click "OK" to start the SpywareQuake/Spyfalcon uninstaller, after that click "uninstall". Please wait until it is finished.
WARNING: You will be asked to reboot your computer. Wait until the uninstallers did their job before clicking YES.

*In case you still get the message BFU.exe is not present, download BFU.zip:
http://www.merijn.org/files/bfu.zip
Unzip it and place BFU.exe in the Roguescanfix-folder. Then doubleclick Run.bat again.


If problem persists,
Let us look at your Hijackthis log, turn off Mcafee while scanning(mcafee does that eventhough hijackthis is NOT a trojan.


You can also try Ewido anti-malware.
Download and install the free version of Ewido anti-malware.
http://www.ewido.net/en/download/
Update first then scan in safe mode.
0
phileocaCommented:
1) stop downloading Porno games
2) stop downloading porno
3) stop looking for free applications online
4) stop using the internet

when you're done with those, take the suggestions of the above people.
when all else fails

FDISK and FORMAT
0
lov_hackerAuthor Commented:
gr8 reply phileoca i am looking to gave u immediate 500 points for such a great answer :) ..........abt porno games and porns well majority people do it , and i am not a speacial one who does this...... (well good guessing thou by loking at some of my questions :)  ......)  

*****************************************************************************************

ya i can't still get rid off the quake message and it is annoying me a lot :@ so i would try ur linkz too man  "rpggamergirl"


see ya
bye
0
lov_hackerAuthor Commented:
why do u people  say me to scan my drives on  safe mode ?? what is the diffrence in scaning in safe mode and the GUI mode ...??
0
rpggamergirlCommented:
@ phileoca, lol, stop using internet? I'm off for a "week-long" holiday tomorrow to a place where there's no internet access, but nice views and lots of fishing. I'm looking forward to it but I think I'll also miss my internet access! :)

lov_hacker,
Scanners works better in Safe Mode because not many services loads in safe mode, less conflicts and most importantly common malware doesn't run in safe mode so your scanner can easily sweep them off.

On the other hand, must NOT run Hijackthis in safe mode because it will produce a "next to useless" log.
0
Will SzymkowskiSenior Solution ArchitectCommented:
Safemode is suggested because the malware programs can't be wiped clean because they are running in the background.

Did any of the things above help???
0
Will SzymkowskiSenior Solution ArchitectCommented:
Please post a comment about any of the thing thats you have tried and let us know if any of the things listed are helping..

thanks
0
Heem14Commented:
If your machine is as bad as you make it out to be. Stop wasting your time here looking for anti-spyware, and rebuild the machine. get your important documents... or.. maybe in this case.. pictures.. backed up somewhere and wipe out the machine. no amount of anti-anything is going to get rid of every last problem without major frustration.

And while you are rebuilding... perhaps you'd like to consider switching to Linux.... no threat of spyware like windows.

0
nothing8171Commented:
dude, you need to change your name from "lov_hacker" to "know_nothing_about_hacking"
0
damod2kCommented:
By running your mahcine in safe mode and scanning with Ad-aware and Spyboy with their latest definitions you should be able to remove all the spyware intalled. If not use the manual method. You should also look at spyware protection softwares such as SpywareGuard, a very light real time scanning engine (free to download from http://www.javacoolsoftware.com/sgdownload.html), and also SpywareBlaster which doesn't run any processes in the background but blocks cookies, activeX etc. (free from www.javacoolsoftware.com/spywareblaster.html)

Manual method of removing SpywareQuake:

To remove SpywareQuake, first you must stop any SpywareQuake processes that are running in your computer's memory. To stop all SpywareQuake processes, press CTRL+ALT+DELETE to open the Windows Task Manager. Click on the  "Processes" tab, and select the following SpywareQuake processes:

spywarequakeinstaller.exe
spywarequake.exe
uninst.exe

Right-click these SpywareQuake processes and select "End Process."

Delete SpywareQuake Registry Keys

1. To delete SpywareQuake registry keys, open the Windows Registry Editor by clicking on the Windows "Start" button.

2. Select "Run," and type "regedit" into the box.

3. Click "OK" button. Once the Registry Editor is open, find the following registry values:

Remove SpywareQuake registry values:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpywareQuake
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
SharedTaskScheduler\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}
HKEY_CLASSES_ROOT\Typelib\{661173EE-FA31-4769-97D4-B556B5D09BDA}
HKEY_CURRENT_USER\Software\Classes\CLSID\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BrowserHelper Objects\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareQuake HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\App Paths\SpywareQuake.exe\: "%programfiles%\SpywareQuake\SpywareQuake.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run\SpywareQuake: "%program files%\SpywareQuake\SpywareQuake.exe /h"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\SpywareQuake\DisplayName: "SpywareQuake 2.0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\SpywareQuake\UninstallString: "%programfiles%\SpywareQuake\uninst.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\SpywareQuake\DisplayIcon: "%programfiles%\SpywareQuake\SpywareQuake.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\SpywareQuake\DisplayVersion: "2.0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\SpywareQuake\NSIS:StartMenuDir: "SpywareQuake"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\SpywareQuake\URLInfoAbout: "http://www.spywarequake.com"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Uninstall\SpywareQuake\Publisher: "SpywareQuake.com"
HKEY_LOCAL_MACHINE\SOFTWARE\SpywareQuake\refid: "1"
HKEY_LOCAL_MACHINE\SOFTWARE\SpywareQuake\Language: "1033"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{189518DF-7EBA-4D31-A7E1-73B5BB60E8D5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{189518DF-7EBA-4D31-A7E1-73B5BB60E8D5}
KEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{23D627FE-3F02-44CF-9EE1-7B9E44BD9E13
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{43CFEFBE-8AE4-400E-BBE4-A2B61BB140FB
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{5790B963-23C5-43C1-BCF5-01C9B5A3E44E
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{5D42DDF4-81EB-4668-9951-819A1D5BEFC8
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{76D06077-D5D3-40CA-B32D-6A67A7FF3F06
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{86C7E6C3-EC47-44E5-AA08-EE0D0A25895F
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{9283DAC1-43F5-4580-BF86-841F22AF233
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{AE90CAFC-09D4-47F0-9E11-CE621C424F08}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{BA397E39-F67F-423F-BC6E-65939450093A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{BEC8A83D-01D4-4F15-B8A9-4B4AB24253A7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{C4EEDC19-992D-409A-B323-ED57D511AFA5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{DD90F677-D205-4F70-9014-659614AABCB2}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{E3DF91F3-F24F-441E-9001-D61F36024322}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{F459EADB-5903-48D5-864C-2B7B46AB1424}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\
{FC4EDF66-0547-4F1A-AE96-7CFCAD711C90}

4. Click on these SpywareQuake registry values to select them, then click "Delete."

Unregister SpywareQuake  DLL Files

To un-register a SpywareQuake DLL file, you'll first need to find the SpywareQuake DLL files on your hard drive.

1. Click on the Windows "Start" button and then select "Run."

2. A window will popup. Type "cmd" into the box of the Window that appears.

3. Then click "OK". Locate the following SpywareQuake DLL files:
(Example: To unregister a file called "myDll.dll," located in the "C:\windows\system32" folder, you would type "%WinDir%\System"regsvr32 /u myDll.dll".)

Unregister SpywareQuake DLL files:
stickrep.dll
msvcp71.dll
msvcr71.dll
ex. 2020search2.dll,2020search.dll

4. Click "Enter." The message "DllRegisterServer in C:\Windows\SystemFolder\XXXXXX.dll succeeded" will appear when the SpywareQuake DLL file is successfully unregistered.

Remove SpywareQuake Files

To completely get rid of SpywareQuake, you must manually remove SpywareQuake files.

Detect and Delete these SpywareQuake files:
dfrgsrv.exe
mssearchnet.exe
nvctrl.exe
spywarequake 2.0 website.lnk
spywarequake 2.0.lnk
uninstall spywarequake 2.0.lnk
spywarequake 2.0.lnk
blacklist.txt
ref.dat
spywarequake.url
sq.ini
english.ini
hp[X].tmp
ld[X].tmp

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.