 | HJT sir search is the pest that won't die
Anytime I type in an address w/o typing the www. in the address bar (like entering msn.com which used to work) I get redirected to this annoying Sir Search page.
I ran Adaware SE, Bazooka, Norton AV, and HJT and nothing seems to get rid of it! When I searched all my files and folders no sir search results came up. I am not very computer savvy but I went through all the steps I have been able to find regarding how to remove this. Bazooka instructions had me click on start, run, type in regedit and go through a whole host of things to look for and delete. However, I didn't find any values it suggested to delete. This is driving me up the wall. How did I get this on my computer and can I prevent it from happening again?
Here is my HJT log:
Logfile of HijackThis v1.98.2
Scan saved at 4:07:06 AM, on 9/24/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\System32\s3hotkey.exe
C:\WINDOWS\System32\TFNF5.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe
C:\Program Files\NavNT\vptray.exe
C:\quickenw\QAGENT.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\documents and settings\mags\local settings\temp\bFYUu.exe
C:\Program Files\support.com\bin\tgcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\AIM95\aim.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mags\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = »www.begin2search.com/googlesidesearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = »www.toshiba.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {965A592F-8EFA-4250-8630-7960230792F1} - (no file)
R3 - URLSearchHook: (no name) - {CADA41F9-AA81-A897-1224-087771AEC292} - C:\WINDOWS\Veprtecx.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TSysSMon] c:\toshiba\sysstability\tsyssmon.exe /detect
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [Drag'n Drop CD] C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [QAGENT] C:\quickenw\QAGENT.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HVyjGhK] C:\windows\temp\HVyjGhK.exe
O4 - HKLM\..\Run: [dpcproxy] C:\WINDOWS\System32\dpcproxy.exe
O4 - HKLM\..\Run: [MSN Manager] C:\WINDOWS\System32\mscmgr.exe
O4 - HKLM\..\Run: [aqadcup] C:\WINDOWS\aqadcup.exe
O4 - HKLM\..\Run: [ghkafumpriro] C:\WINDOWS\System32\fykanjo.exe
O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [impubwm] C:\WINDOWS\System32\impubwm.exe
O4 - HKCU\..\Run: [MSMHistory] "C:\Program Files\Messenger History2\MHistory.exe" /autostart
O4 - HKCU\..\Run: [Osus] C:\Documents and Settings\Mags\Application Data\acao.exe
O4 - HKCU\..\Run: [tmupdate] C:\WINDOWS\tmupdate.exe
O4 - HKCU\..\Run: [Mw2sRVa5g] ntwert2.exe
O4 - HKCU\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
O4 - HKCU\..\Run: [Fvfl] C:\WINDOWS\System32\vkwdk.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - »www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - »www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - »online.comcast.net/help/ (file missing)
O9 - Extra button: PD - {A83B19E2-32C3-405F-8138-B8788B4AAB10} - C:\Program Files\Pop up Blocker\pd.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .mpga: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - »imgfarm.com/images/nocache/funwe···.0.8.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - »software-dl.real.com/291e6043451···E601.cab
O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - »www.atelys.com/src/Speedup.ocx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - »a840.g.akamai.net/7/840/537/2003···an53.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - »downloads.aaa1screensavers.com/d···_acx.exe
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - »ipgweb.cce.hp.com/rdqna/download···info.cab
O16 - DPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} (WebBasedClientInstall Class) - »nav.cas.msu.edu/WebInst.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} (Personal System Administrator Control) - »206.65.172.231/check/netset//ins···wngc.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - »by7fd.bay7.hotmail.msn.com/activ···chmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - »chat.msn.com/bin/msnchat45.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll |
|
 John2gQui Tacet ConsentitPremium join:2001-08-10 England | You have so much crap on your computer, I would run this free AV first. Then post another log.
»www.mwti.net/antivirus/free_utilities.asp -- Better to remain silent and be thought a fool, than to speak and remove all doubt. |
|
|
|
 | reply to irisheyes921 AHHH! I downloaded escan from that link you provided. I ran it and it scanned like 87,000 files. 500 viruses were found, 350 deleted and 100 and some were "renamed." I restarted my computer. The bar along the bottom of the screen where start is and other programs has completely disappeared. The only thing on the screen is the background pic and shortcut icons. I clicked on internet explorer to see if sir search was deleted and IT IS STILL THERE! Do you know how to get my start bar back and any more ideas on how to get rid of sir search? Thanks for your help |
|
 CudniLa Merma - VigiladoPremium,MVM join:2003-12-20 Someshire kudos:13 | You should maybe consider »Security »When should I re-format? How should I reinstall?
Cudni |
|
 | reply to irisheyes921 I have tried so many things to get rid of the sir search and other stupid little things like that. I am not sure how to re-format or re-install but from what I read it sounds like I probably should. Do you think I need someone to come look at my computer? Thanks for your help. |
|
 siggyxSiggyPremium join:2003-12-10 Cambridge | reply to irisheyes921 »Security »I think my computer is infected or hijacked. What should I do?
Follow all the steps in the link above and post a new log. -- The next best thing to being smart is being able to quote someone who is. |
|
 | reply to irisheyes921 My hijack this is not on my desktop but I can't access it because I don't have a task bar so how can I run a scan and get a log? Thanks |
|
 | Hit Ctrl+Alt+Del and click on New Task button. Type in C:\Documents and Settings\Mags\Local Settings\Temp\hijackthis[1].zip\HijackThis.exe and hit enter. -- anon43@gmail.com
|
|
 | reply to irisheyes921
Logfile of HijackThis v1.98.2
Scan saved at 2:20:49 AM, on 9/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\System32\s3hotkey.exe
C:\WINDOWS\System32\TFNF5.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe
C:\quickenw\QAGENT.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\support.com\bin\tgcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIM95\aim.exe
C:\WINDOWS\System32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\Mags\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = »www.begin2search.com/googlesidesearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = »www.toshiba.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {965A592F-8EFA-4250-8630-7960230792F1} - (no file)
R3 - URLSearchHook: (no name) - {CADA41F9-AA81-A897-1224-087771AEC292} - C:\WINDOWS\Veprtecx.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TSysSMon] c:\toshiba\sysstability\tsyssmon.exe /detect
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [Drag'n Drop CD] C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [QAGENT] C:\quickenw\QAGENT.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dpcproxy] C:\WINDOWS\System32\dpcproxy.exe
O4 - HKLM\..\Run: [aqadcup] C:\WINDOWS\aqadcup.exe
O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKCU\..\Run: [Osus] C:\Documents and Settings\Mags\Application Data\acao.exe
O4 - HKCU\..\Run: [Mw2sRVa5g] ntwert2.exe
O4 - HKCU\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - »www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - »www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - »online.comcast.net/help/ (file missing)
O9 - Extra button: PD - {A83B19E2-32C3-405F-8138-B8788B4AAB10} - C:\Program Files\Pop up Blocker\pd.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .mpga: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - »imgfarm.com/images/nocache/funwe···.0.8.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - »software-dl.real.com/291e6043451···E601.cab
O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - »www.atelys.com/src/Speedup.ocx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - »a840.g.akamai.net/7/840/537/2003···an53.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - »downloads.aaa1screensavers.com/d···_acx.exe
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - »ipgweb.cce.hp.com/rdqna/download···info.cab
O16 - DPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} (WebBasedClientInstall Class) - »nav.cas.msu.edu/WebInst.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} (Personal System Administrator Control) - »206.65.172.231/check/netset//ins···wngc.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - »by7fd.bay7.hotmail.msn.com/activ···chmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - »chat.msn.com/bin/msnchat45.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll |
|
 | reply to irisheyes921 The above log I did after I ran the escan virus program posted by someone from a previous reply. It said it detected and deleted a bazillion viruses, trojan thingys, etc. I restarted my computer and the task bar no longer shows up. I have no idea how screwed up my computer is or what to do. I am computer retarded. Thanks everyone for your help. |
|
 | reply to irisheyes921 Damn it, now I can't access my hotmail account on msn and certain webpages are failing to load. I'm about ready to throw my computer out the window and hunt down the people that invent these viruses and spyware and shoot them. |
|
 johnpdPremium join:2003-11-20 Green Valley, AZ
| reply to irisheyes921 irish,
1. Very Important!!! If you are able to access Windows Explorer, please create a permanent folder for HijackThis (I suggest "C:\HJT") and move the HijackThis program there. HijackThis will create a number of backup files which will be lost if run from a temporary folder.
2. Reboot into Safe Mode - How do I boot into "Safe" mode?
3. Make sure your Windows Explorer Folder Settings are as follows:
(To access them, go "Tools" > "Folder Options" > "View")
a. "Show hidden files and folders" should be checked.
b. "Hide extensions for known file types" should be unchecked.
c. "Hide protected operating system files" should be unchecked.
4. Make sure all application windows are closed. Run another HijackThis scan from its permanent location. Check the below items for removal. Once all are checked, click the "Fix checked" button. When the fix completes, close HijackThis.
Fix these items: ---------------------------------------------------------
---> R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = »www.begin2search.com/googlesidesearch...
---> R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
---> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
---> R3 - URLSearchHook: (no name) - {965A592F-8EFA-4250-8630-7960230792F1} - (no file)
---> R3 - URLSearchHook: (no name) - {CADA41F9-AA81-A897-1224-087771AEC292} - C:\WINDOWS\Veprtecx.dll
---> O4 - HKLM\..\Run: [dpcproxy] C:\WINDOWS\System32\dpcproxy.exe
---> O4 - HKLM\..\Run: [aqadcup] C:\WINDOWS\aqadcup.exe
---> O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
---> O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
---> O4 - HKCU\..\Run: [Osus] C:\Documents and Settings\Mags\Application Data\acao.exe
---> O4 - HKCU\..\Run: [Mw2sRVa5g] ntwert2.exe
---> O4 - HKCU\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
---> O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - »imgfarm.com/images/nocache/funwebprodu..
---> O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - »software-dl.real.com/291e6043451322ca3..
---> O16 - DPF: {5C7F15E1-F31A-44FD-AA1A-2EC63AAFFD3A} - »www.atelys.com/src/Speedup.ocx
---> O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297B} - »downloads.aaa1screensavers.com/downloa..
---------------------------------------------------------
5. While still in "Safe Mode", remove the following files/folders:
a. The file "Veprtecx.dll" in "C:\WINDOWS".
b. The file "dpcproxy.exe" in "C:\WINDOWS\System32".
c. The file "aqadcup.exe" in "C:\WINDOWS".
d. The file "jawa32.exe" in "C:\WINDOWS".
e. The file "acao.exe" in "C:\Documents and Settings\Mags\Application Data".
f. The file "ntwert2.exe" in "C:\WINDOWS" or "C:\WINDOWS\System32".
6. Run a "Full Custom" scan with Ad-aware and let it fix anything it finds. "How do I do a Full Custom" scan.
7. Reboot your computer into Normal Mode and run another HijackThis scan. Post the new log here. |
|
 | reply to irisheyes921 Ok, so I tried to reboot in safe mode using the instructions in the link provided. The drop down menu for windows xp/2000 didn't work for me so it said to download windows scripting 5.6 (or something like that) so I did and the drop down menu still didn't work so I couldn't reboot in safe mode. But I followed the rest of the instructions and ran a custom scan of adaware and did a new hijack log and this is what it came up with:
Logfile of HijackThis v1.98.2
Scan saved at 2:34:29 PM, on 9/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\00THotkey.exe
C:\toshiba\ivp\ism\pinger.exe
C:\WINDOWS\System32\s3hotkey.exe
C:\WINDOWS\System32\TFNF5.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe
C:\quickenw\QAGENT.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\support.com\bin\tgcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Documents and Settings\Mags\My Documents\hjt\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = »www.toshiba.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TSysSMon] c:\toshiba\sysstability\tsyssmon.exe /detect
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [Drag'n Drop CD] C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [QAGENT] C:\quickenw\QAGENT.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - »www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - »www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - »online.comcast.net/help/ (file missing)
O9 - Extra button: PD - {A83B19E2-32C3-405F-8138-B8788B4AAB10} - C:\Program Files\Pop up Blocker\pd.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O12 - Plugin for .mpga: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - »a840.g.akamai.net/7/840/537/2003···an53.cab
O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} (LogData Class) - »ipgweb.cce.hp.com/rdqna/download···info.cab
O16 - DPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} (WebBasedClientInstall Class) - »nav.cas.msu.edu/WebInst.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} (Personal System Administrator Control) - »206.65.172.231/check/netset//ins···wngc.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - »by7fd.bay7.hotmail.msn.com/activ···chmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - »chat.msn.com/bin/msnchat45.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll |
|
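Checking a follow-up scan against a posted fix list, as an added example that is not part of the thread or of HijackThis itself: the Python below splits a log pasted as one run of text back into entries, keys each entry so that URLs shortened by the forum software still match, and reports which fix-list items are still present. The function names are hypothetical, and the three samples are short excerpts constructed from the 9/25/2004 logs and the fix list quoted above.

```python
import re

# Entries start with a section code ("R1 - ", "O4 - ", "O16 - ", ...).
ENTRY_SPLIT = re.compile(r"\s+(?=(?:R[0-3]|O\d{1,2}) - )")
ENTRY = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN = re.compile(r"^(HK\w+)\\\.\.\\(\w+): \[([^\]]+)\]")


def split_entries(text):
    """Return the R*/O* entries of a log, even if pasted as one run of text."""
    # "--->" is the marker the helper put in front of each item to fix.
    flat = " " + " ".join(text.replace("--->", " ").split())
    pieces = (p.strip() for p in ENTRY_SPLIT.split(flat))
    # The header and the process list do not start with a code and drop out.
    return [p for p in pieces if ENTRY.match(p)]


def entry_key(entry):
    """Identity of an entry that does not depend on the (truncatable) URL."""
    code, body = ENTRY.match(entry).groups()
    clsid = CLSID.search(body)
    if clsid:                        # R3, O9, O16, O18 carry a CLSID
        return (code, clsid.group(0).upper())
    run = RUN.match(body)
    if code == "O4" and run:         # autorun: hive, key name, value name
        return (code, run.group(1), run.group(2), run.group(3).lower())
    # R0/R1 and the rest: registry key and value name before the "="
    return (code, re.split(r"\s*=", body, maxsplit=1)[0].strip().lower())


def compare(before, after, fix_list):
    """Diff two scans and list fix-list items that survived the fix."""
    b = {entry_key(e): e for e in split_entries(before)}
    a = {entry_key(e): e for e in split_entries(after)}
    wanted = [entry_key(e) for e in split_entries(fix_list)]
    return {
        "still_present": [a[k] for k in wanted if k in a],
        "removed": sorted(b[k] for k in b.keys() - a.keys()),
        "new": sorted(a[k] for k in a.keys() - b.keys()),
    }


# Constructed excerpts; line breaks fall mid-entry, as in a pasted log.
BEFORE = r"""R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = »www.begin2search.com/googlesidesearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »www.comcast.net/ R3 - URLSearchHook: (no name) -
{CADA41F9-AA81-A897-1224-087771AEC292} - C:\WINDOWS\Veprtecx.dll O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe O4 - HKCU\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe O16 - DPF:
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - »imgfarm.com/images/nocache/funwe···.0.8.exe"""

AFTER = r"""R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = »www.comcast.net/ R3 - Default URLSearchHook
is missing O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe"""

FIX_LIST = r"""---> R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = »www.begin2search.com/googlesidesearch...
---> R3 - URLSearchHook: (no name) - {CADA41F9-AA81-A897-1224-087771AEC292} - C:\WINDOWS\Veprtecx.dll
---> O4 - HKLM\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
---> O4 - HKCU\..\Run: [Jawa32] C:\WINDOWS\jawa32.exe
---> O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - »imgfarm.com/images/nocache/funwebprodu.."""

if __name__ == "__main__":
    report = compare(BEFORE, AFTER, FIX_LIST)
    for section, entries in report.items():
        print(f"{section}: {len(entries)}")
        for entry in entries:
            print("   ", entry)
```

A non-empty `still_present` list means a fixed entry came back or was never removed, which is the case to chase before declaring the machine clean.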
 johnpdPremium join:2003-11-20 Green Valley, AZ
| Your log looks pretty good. Has there been any improvement in your system?
To get into "Safe Mode"
----------------------------------------------------------
To use the F8 method
Use this method only if Windows XP is the only operating system installed on your computer.
1. Start Windows, or if it is running, shut Windows down, and then turn off the computer.
2. Restart the computer. The computer begins processing a set of instructions known as the Basic Input/Output System (BIOS). What is displayed depends on the BIOS manufacturer. Some computers display a progress bar that refers to the word BIOS, while others may not display any indication that this process is happening.
3. As soon as the BIOS has finished loading, begin tapping the F8 key on your keyboard. Continue to do so until the Windows Advanced Options menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
4. Using the arrow keys on the keyboard, scroll to and select the Safe mode menu item, and then press Enter.
---------------------------------------------------------- |
|
 | reply to irisheyes921 all you need to do is to DL a copy of scanspyware, pestpatrol, adaware, spybot, and HJT. It might sound a lot of work but the combo of all these programs above will remove your crap 100%. Scanspyware and Pestpatrol alone will do 90% of the cleaning. The best programs I ever use. Disregard any newbie who said Pestpatrol and Scanspyware as rogue. Maybe that's because they have no idea what they are talking about in which they never use but instead speak from reading some guy's comment. Try to get yourself a copy of those apps above and you will be OK. |
|
 CajunTekInsane CajunPremium,MVM join:2003-08-08 Arlington, TX
| said by crashnburn: all you need to do is to DL a copy of scanspyware, pestpatrol, adaware, spybot, and HJT. It might sound a lot of work but the combo of all these programs above will remove your crap 100%. Scanspyware and Pestpatrol alone will do 90% of the cleaning. The best programs I ever use. Disregard any newbie who said Pestpatrol and Scanspyware as rogue. Maybe that's because they have no idea what they are talking about in which they never use but instead speak from reading some guy's comment. Try to get yourself a copy of those apps above and you will be OK.
PestPatrol is a good program.. However Scanspyware is Rogue and I learned that from reading several guys' comments on the subject, one of them being Eric Howes (just some guy huh?!?).. See this about ScanSpyware »www.spywarewarrior.com/rogue_ant···ware.htm -- Lost in Texas |
|
 siggyxSiggyPremium join:2003-12-10 Cambridge | reply to irisheyes921 Scan with HijackThis again and put a check beside these lines and choose FIX.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R3 - Default URLSearchHook is missing
-- The next best thing to being smart is being able to quote someone who is. |
|
 | reply to CajunTek That's the exact site I was talking about. I read the site awhile back and half way down I stop because I realized it's not but crap to me. No offense to the guy spending time putting the info together but it would be nice only he is tested it out all those apps instead of putting pieces together like a piece of puzzle. I have test scanspyware myself and found it to be the most useful spyware removal util ever. It's my first choice then pestpatrol, then Adaware, Spybot. When I have time I will post of all the stuff it find that other missed. I will test it out with Adware first then Spybot, then I will post what Scanspyware will detect. Don't worry I will post screen shots with time stamp so that you will see what was scan first and what is missing. And if you think it's a rogue software then the only way to find out is to get a copy and see for yourself. It wouldn't hurt to test out something that some guy site is so called "bashing". BTW, Scanspyware is not free but if you want to test it out then PM me and I can send you a copy personally for you to put it to the test. |
|
 | reply to irisheyes921 Ok, I really don't know much about computers. What does rogue and DL mean? |
|
 NanDogThe Pup Was Female, I'M NotPremium join:2003-12-28 | said by irisheyes921: Ok, i really dont know much about computers. what does rogue and DL mean?
Rogue means it's a questionable program, that it might create more problems than solutions (Yes, self-espoused anti-virus and anti-malware proggies exist that can make problems worse!) DL simply means "DownLoad", meaning download the software to your computer. Good luck with your issues! 
And please keep at it if things aren't curing your problems. There are lots of knowledgeable and helpful people on this forum. Someone at some time will be able to give you the information in order to clean your computer. |
|