Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Stuck with Spy Sheriff. Help to remove it please! 4

Status
Not open for further replies.
eman6

eman6

Programmer
Joined
Dec 7, 2004
Messages
578
Location
CH
That's it.
I don't know how this so called Spy Sherif got installed in my computer but now it starts every time I start windows and seems to scan my computer, display a prompt for registration and everything is frozen while the hard disk is spinning like nuts.
I tried safe mode and uninstall from the control panel Add/remove but did not help at all.
It starts with Windows no matter what I do (except in safe mode).
How do I get rid of this monster for the devil's sake?

Thanks for any advice in this matter.


_______________________________________

Eman_2005
Technical Communicator
 
Sort by date Sort by votes
Thank you for your input.
I amusing XP Pro.
How can I use msconfig to get rid of spysherif?
Can I use hiJack this from Safe mode?
Also, I forgot what button I should press on reboot to prevent any auto start software.


_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
It is recommended to 1.) Disable Restore, 2.) run all AntiSpyware Software from SafetyMode (this includes HiJackThis)...

In MS-Config you can look at some (No ALL) AutoStart Progies and disable them from AutoStarting... I suggest you run HiJackThis and Post the LOG here in the FORUM, or have it Online analyzed here at ...

good hunting


Ben

If it works don't fix it! If it doesn't use a sledgehammer...
 
Upvote 0 Downvote
By the way, forgot to precise this is a German Windows, as I am in Switzerland.

Logfile of HijackThis v1.99.1
Scan saved at 16:24:54, on 09.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\kernels32.exe
C:\WINDOWS\System32\vxh8jkdq6.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\vxgame4.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer,Search = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
O1 - Hosts: auto.search.msn.com 127.0.0.1
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Programme\CxtPls\cxtpls.dll
O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: (no name) - {FA5C6032-A7FD-D922-D095-D10FD6E51DC8} - C:\WINDOWS\System32\dldzvd.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{87136014-7009-4179-8D52-C54704A63DCA}\SVCHOST.EXE
O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Programme\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [msxct] msxct.exe
O4 - HKLM\..\Run: [37oQ35P] odescfg.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{343390D9-6724-44AF-9A5F-90C44A385CF4}\SECURITY.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O13 - DefaultPrefix: O13 - O13 - Home Prefix: O13 - Mosaic Prefix: O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - O21 - SSODL: System - {C095DE02-F306-4546-B677-A005FCEB1EC5} - vr_sys.dll (file missing)



_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
To being with, it looks like you are infected with the DLoader-FC or Bropia.V Trojan. See and for starters.

Get rid of that and rerun HiJackThis.

James P. Cottingham
-----------------------------------------
I'm number 1,229!
I'm number 1,229!
 
Upvote 0 Downvote
Thank you very much.
I'll do that and let you know the result tomorrow.

_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
Hmmmm... after you have done your Online Virus Check... I suggest that:

1.) You definately update your XP to SP2 with latest HotFixes... as it seems that you do not have this already done... (Update ist sehr wichtig, hier...)

2.) Install a AntiVirusChecker such as AVG Free, AntiVir, etc. (dies ist sogar wichtiger als das Update zu SP2)

3.) Install a Software FIREWALL, such as ZoneAlarm, Kerio, Tiny or whatever is suited best, or activate the Build in XP-Firewall (at least) (Dies ist auch sehr wichtig denn durch offene Kanaele kommen mehr Viren/Trojaner und Malware in den PC als man denken koennte...)

4.) When the following are still active after a rerun of HiJackThis CLEAN THEM OUT using HIJackThis in Safemode...

O13 - DefaultPrefix: Nasty

O13 - Nasty

O13 - Home Prefix: Nasty

O13 - Mosaic Prefix: Nasty

O15 - Trusted Zone: *.blazefind.com (HKLM) Nasty

O15 - Trusted Zone: *.clickspring.net (HKLM) Nasty

O15 - Trusted Zone: *.flingstone.com (HKLM) Nasty

O15 - Trusted Zone: *.mt-download.com (HKLM) Nasty

O15 - Trusted Zone: *.my-internet.info (HKLM) Nasty

O15 - Trusted Zone: *.searchbarcash.com (HKLM) Nasty

O15 - Trusted Zone: *.searchmiracle.com (HKLM) Nasty

O15 - Trusted Zone: *.skoobidoo.com (HKLM) Nasty

O15 - Trusted Zone: *.slotch.com (HKLM) Nasty

O15 - Trusted Zone: *.slotchbar.com (HKLM) Nasty

O15 - Trusted Zone: *.windupdates.com (HKLM) Nasty

O15 - Trusted Zone: *.xxxtoolbar.com (HKLM) Nasty

O15 - Trusted Zone: *.ysbweb.com (HKLM) Nasty

O15 - Trusted IP range: 67.19.178.84 (HKLM) Nasty

O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - Nasty

O21 - SSODL: System - {C095DE02-F306-4546-B677-A005FCEB1EC5} - vr_sys.dll (file missing)


O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe" Nasty
PeopleonPage foistware

O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{87136014-7009-4179-8D52-C54704A63DCA}\SVCHOST.EXE Nasty
Added as a result of the HITON VIRUS! This is not the valid svchost.exe as described here. Located in a Windows directory, and not in Windows\System32

O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s Nasty
dded as a result of the TROJ/AGENT-V TROJAN!

O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" Nasty
Internet connection optimizer. Malware.

O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe Nasty
WinTools adware

O4 - HKLM\..\Run: [BullsEye Network] C:\Programme\BullsEye Network\bin\bargains.exe Nasty
BargainBuddy foistware

O1 - Hosts: auto.search.msn.com 127.0.0.1 Nasty
This entry should be fixed immediately! Must be fixed!

O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll Nasty
Entries found in this registry zone are potentially nasty. This application ([00000010-6F7D-442C-93E3-4A4827C2E4C8] - Result: 00000010-6F7D-442C-93E3-4A4827C2E4C8) has been checked Must be fixed!

O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Programme\CxtPls\cxtpls.dll Nasty
Entries found in this registry zone are potentially nasty. This application ([016235BE-59D4-4CEB-ADD5-E2378282A1D9] - Result: 016235BE-59D4-4CEB-ADD5-E2378282A1D9) has been checked. Must be fixed!

O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll Nasty
Entries found in this registry zone are potentially nasty. This application ([87766247-311C-43B4-8499-3D5FEC94A183] - Result: 87766247-311C-43B4-8499-3D5FEC94A183) has been checked. Must be fixed!

O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll Nasty
Entries found in this registry zone are potentially nasty. This application ([8F4E5661-F99E-4B3E-8D85-0EA71C0748E4] - Result: 8F4E5661-F99E-4B3E-8D85-0EA71C0748E4) has been checked. Must be fixed!

good Hunting...


Ben

If it works don't fix it! If it doesn't use a sledgehammer...
 
Upvote 0 Downvote
Oh my God!!
Do you mean I can delete all these entries you named nasty?

But, I have Sp2 here, but maybe not the absolute latest updates.
Actually I do not use this unit much.
I have developped a software application for a dentist who uses German Windows, and it did not launch there, so I had to install German Windows to be able to test it at home.

Please let me know if I should eliminate all these entries you mentioned as nasty.

Thank you very much.


_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
If you did not put them in there, remove them, esp. the ones in the trusted zone. I suspect the virus may have had something to do with putting them there.

Also I noticed that your IE may not be fully patched.


James P. Cottingham
-----------------------------------------
I'm number 1,229!
I'm number 1,229!
 
Upvote 0 Downvote
Hi,

I would add to Ben's items and say there are more that should be fixed.

I believe all of this is bad:


R1 - HKLM\Software\Microsoft\Internet Explorer,Search = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\kernels32.exe
O1 - Hosts: auto.search.msn.com 127.0.0.1
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Programme\CxtPls\cxtpls.dll
O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: (no name) - {FA5C6032-A7FD-D922-D095-D10FD6E51DC8} - C:\WINDOWS\System32\dldzvd.dll
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\System32\Services\{87136014-7009-4179-8D52-C54704A63DCA}\SVCHOST.EXE
O4 - HKLM\..\Run: [WindowsUpdate] C:\WINDOWS\System\svchost.exe /s
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Programme\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [msxct] msxct.exe
O4 - HKLM\..\Run: [37oQ35P] odescfg.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{343390D9-6724-44AF-9A5F-90C44A385CF4}\SECURITY.EXE
O13 - DefaultPrefix: O13 - O13 - Home Prefix: O13 - Mosaic Prefix: O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - O21 - SSODL: System - {C095DE02-F306-4546-B677-A005FCEB1EC5} - vr_sys.dll (file missing)

Also I believe all of these files/folders are bad and should be deleted:
C:\WINDOWS\System32\vxh8jkdq6.exe
C:\WINDOWS\System32\kernels32.exe
C:\WINDOWS\System32\kernels32.exe
C:\WINDOWS\System32\Services\{87136014-7009-4179-8D52-C54704A63DCA} <== folder
C:\WINDOWS\System\svchost.exe
C:\Program Files\Internet Optimizer <==== folder
C:\PROGRA~1\GEMEIN~1\WinTools <== folder
C:\Programme\BullsEye Network <== folder
msxct.exe <= file, will have to locate
odescfg.exe <= file, will have to locate
C:\Program Files\AutoUpdate <== folder
C:\WINDOWS\System32\Services\{343390D9-6724-44AF-9A5F-90C44A385CF4} <== folder

Hijackthis may not fix all the trusted zone entries. If that happens try this:
DelDomains.inf:
Link: Page sub heading: To remove all the sites listed in the Restricted Zone

Additional wintools notes:

You have enough stuff here that I think you would benefit from going through the steps in faq608-4650.


-------------------------------------
It's 10 O'Clock ( somewhere! ).
Are your registry and data backed up?
 
Upvote 0 Downvote
Thank you for this addition.
Indeed, I let hijackthis fix all the entries BadBigBen recommended, but SpySherif is still there.
Strange is that it is staying as if I am going in hibernate.
I mean it was scanning my computer and I had to brutally stop the PC to make sure I stop the scanning process, then I went in safe mode, then I used hijackthis and fixed the entries and then rebooted but SpySherif was still standing. Ye ye ye. Continued scanning like he is there regardless of Windows shut down.
I have the impression that there is something specific I need to do particularly against SpySherif.
By the way, what key should I keep pressed when Windows starts to prevent startup programs from starting?
Well, it's not even starting, it is started already, it just continues. I have never seen something so persistent like this.

_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
If you don't get it fixed with all this, thanx Diogenes10 for the additions I missed some of them, then I would suggest a totally CLEAN INSTALL...

Starting from scratch is sometimes less time consuming and will get 99.999% of all nasties out of your system...

Installing SP2 will update the IE to V6 SP2 (which is at present the latest)... if the system hooks up to the internet, then installing a FireWall and an AntiVirus Program are a must...

good hunting...

Ben

If it works don't fix it! If it doesn't use a sledgehammer...
 
Upvote 0 Downvote
Gentlemen
I got hijackthis to fix all of them, absolutely all.
This did not change the problem at all.
By the way, neither Norton anto virus nor Microsoft AntiSpyware accept to install in Safe Mode.
And now, I can ONLY be in safe mode to have windows without the SpySherif.
It is there haunting Windows like a holy spirit.
I don't understand those MS engineers who on one hand create Safe Mode to help you debug, and on the other hand prevent you from installing anything in this mode. Anything, including anti spyware and anti virus.

Of course, I can start searching the internet for whatever is there that claims to eliminate SpySherif, if there is such a thing at all. But you tell me, gentlemen, why would I trust any anti spyware, when it could be some sort of malicious software itself??

By the way, SpySherif is supposed to be an anti spyware.

Cheers



_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
Hola, I would take another look at MSCONFIG...

there is a TAB called DIENSTE (Services) at the bottom you can blend out all MS Services, leaving only the ones that where not installed by the OS... check to see if the SPY SHERIFF is listed, if in doubt list all of them here (deactivate it (Start, Einstellungen, Systemsteurerungen, Verwaltung, Dienste)) ... also check System Start, SYSTEM.INI and/or WIN.INI (these can be start locations for troublesome software)...

Repost your New Clean HiJackThis LOG... this could help aswell...

PS: I've never tried SpySheriff, but from the trouble you mentioned, it does not seem a very good program to start with, as it hasn't caught anything on the PC at all... furthermore, when a program is de-installed it should take it's Service with it...

for Adware/malware: I suggest the use of MS AntiSpyware, Ad-Aware and SpyBot S&D... for VIRII I suggest almost anything other than Norton (have had bad experience with Norton in the past) and a Trojan Scanner as a backup to that...




Ben

If it works don't fix it! If it doesn't use a sledgehammer...
 
Upvote 0 Downvote
Two stars:
One for your advice
One for your language knowledge ;-)

_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
Two stars:
One for your advice
One for your language knowledge
Click to expand...

I accept the first... the second, I can't help it, I am a German who grew up in the US and Europe , and I use a German version of XP that's why I know where to look... :)


Ben

If it works don't fix it! If it doesn't use a sledgehammer...
 
Upvote 0 Downvote
also download these tools and run them.

Download DelDomains.inf from here:


Rightclick DelDomains.inf and choose install.


Go here and download Microsoft Antispyware Beta. First in the top menu click File then Check for updates to download the definitons updates.

After updating look in the right side of the main window under "Run Quick Scan Now" and click Spyware scan options. In that window put a tick by Run a full system scan and then put a check by all three options below that then
click Run Scan now.

When the scan is finished, let it fix anything that it finds (have it quarantine the items that have that option rather than delete just in case. It is a beta program and there may be false positives)

Restart your computer.


All tools can be downloaded at the link below!


. Microsoft® Windows AntiSpyware
. cwshredder
. SpyBot search and destroy
. AdAware SE





* Download the trial version of Ewido Security Suite here



* Install ewido.
* During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
* Launch ewido
* It will prompt you to update click the OK button and it will go to the main screen
* On the left side of the main screen click update
* Click on Start and let it update.
* DO NOT run a scan yet. You will do that later in safe mode.



* Click here for info on how to boot to safe mode if you don't already know
how.


How to boot to safe mode



* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in
safe mode:



* Now run Ewido:

* Click on scanner
* Put a check by the following before you scan:
o Binder
o Crypter
o Archives
* Click the Start Scan button to start the scan.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop




download ccleaner and run it.





Run ActiveScan online virus scan here


When the scan is finished, anything that it cannot clean have it delete it. Make a note of the file location of anything that cannot be deleted so you can delete it yourself.
- Save the results from the scan!
 
Upvote 0 Downvote
OK, gentlemen.
Ewido has done an excellent job for me and cleaned everything.
I therefore purchased it and installed it also in my laptop to clean there too.

I have now NAV, MS AntiSpyware and Ewido all installed and active to stop malware and viruses on the fly. Would this not slow down the pc?
Would they all scan each email message I send or receive?

Thank you in advance.


_______________________________________

Eman_2005
Technical Communicator
 
Upvote 0 Downvote
Hi Eman_2005,

Yes, it can slow down the PC, but with a correctly set up OS, this can be neglected (the slow down is minimal)...

on my system, I use AntiVir and SpyBot S&D, to actively scan in the background, aswell as having a third Party Firewall (Kerio), then I do a scan with HiJackThis once a week, aswell as with AdAware SE... once every month I do a full system Scan with Ewido, AntiVir, AdAware, SpyBot S&D, and MS/Giant AntiSpyware... and I have (knock on wood) had no serious Malware/Virus/Trojan infection in about 3 years...



Ben

If it works don't fix it! If it doesn't use a sledgehammer...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

sal21
  • Locked
  • Question Question
please suggest me internet scurity antivirus
Replies
0
Views
332
sal21
sal21
ChrisOfOz
  • Locked
  • Question Question
Lenovo startup problem please any ideas?
Replies
10
Views
2K
Yoko Littner
Yoko Littner
2ffat
  • Locked
  • News News
Audacity is Spyware?
Replies
2
Views
647
2ffat
2ffat
DrB0b
  • Locked
  • Question Question
Crytowall 3.0 and How I dealt with it
Replies
7
Views
741
DrB0b
DrB0b
CCX008
  • Locked
  • Question Question
Barowwsoe2save , how can I remove this stubborn virus !!
Replies
10
Views
749
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top