Calguns.net  

Home My iTrader Join the NRA Donate to CGSSA Sponsors CGN Google Search
CA Semiauto Ban(AW)ID Flowchart CA Handgun Ban ID Flowchart CA Shotgun Ban ID Flowchart
Go Back   Calguns.net > GENERAL DISCUSSION > Technology and Internet
Register FAQ Members List Calendar Mark Forums Read

Technology and Internet Emerging and current tech related issues. Internet, DRM, IP, and other technology related discussions.

Reply
 
Thread Tools Display Modes
  #1  
Old 10-23-2009, 8:58 AM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default Webwatcher atww removal

Any thoughts on how to remove webwatcher atww? http://webwatchernow.com/

also was awareness technology

I can get into system32 cache? and delete the folder, but spybot s &d keeps finding it.

they will remove it for $80
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.
Reply With Quote
  #2  
Old 10-23-2009, 12:08 PM
ilbob ilbob is offline
Senior Member
 
Join Date: Jul 2008
Location: Illinois
Posts: 1,780
iTrader: 0 / 0%
Default

do some googling
__________________
bob

Disclaimers: I am not a lawyer, cop, soldier, gunsmith, politician, plumber, electrician, or a professional practitioner of many of the other things I comment on in this forum.
Reply With Quote
  #3  
Old 10-23-2009, 12:14 PM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default

thanks i have
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.
Reply With Quote
  #4  
Old 10-23-2009, 12:45 PM
Dr Pete Dr Pete is offline
Member
 
Join Date: Oct 2009
Posts: 425
iTrader: 3 / 100%
Default

Couple of programs to try.
Bare in mind this program is listed at a "rootkit"

Freeware & other stuff that is real good:
Revo uninstaller Free and opensource (Might detect it and uninstall completely)
Malwarebytes
SUPERAntiSpyware (they have a free edition)
CrapCleaner (Freeware program that probably won't fix your problem but is a nice tool)
Last resort go here:
Code:
http://www.techsupportalert.com/best-free-rootkit-scanner-remover.htm
Be careful installing anything new especially from the gizmo site, they offer free stuff but I prefer getting directly from the source.
Use the page as information.

Post back if you have success or need more help.
Good luck

"Go slow you'll get farther ahead"
Reply With Quote
  #5  
Old 10-23-2009, 1:14 PM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default

Thank you! I soo forgot to add, I have malwarebytes, ccleaner, spybot Search and destroy, microsoft security essentials, I also went to spybots forum, but didnt click well, tried the hijackthis and post, but the lag between resonses was too great
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.
Reply With Quote
  #6  
Old 10-23-2009, 1:37 PM
Dr Pete Dr Pete is offline
Member
 
Join Date: Oct 2009
Posts: 425
iTrader: 3 / 100%
Default

Ya some of those "bugs" can be hard to remove.
The revo uninstaller does a good job of seeing installed programs and removing the leftover stuff which is what is giving you troubles.

Another thought, try a GOOD anti-virus program.
I personally use NOD32 & Kaspersky are both top rated.

Removing the registry entries might work also, crap cleaner has the registry cleaner.

Last resort (I have done this)
C:Format
Back up your important stuff and reinstall!!
Sometimes it's faster and you know it's clean.
Reply With Quote
  #7  
Old 10-26-2009, 1:15 PM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default

Attachment 36225

by the way I know where it is, just when I delete that folder, it comes back upon reboot
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.

Last edited by freonr22; 12-22-2009 at 10:39 AM..
Reply With Quote
  #8  
Old 10-26-2009, 1:24 PM
Super Spy's Avatar
Super Spy Super Spy is offline
Veteran Member
 
Join Date: Mar 2009
Location: 925
Posts: 3,476
iTrader: 5 / 100%
Default

+1 Revo
Used it before to get rid of a stubborn root kit and it worked well, did run it several times to get rid of all traces, run, boot, run, boot, until it stays clean......
Reply With Quote
  #9  
Old 10-26-2009, 1:37 PM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default

revo doesnt pick it up unless im not doing it right? for unistaller anyways, when I click hunter mode, it was going to microsoft essentials, i turned realtime protection off and now when I click hunter mode it closes....btw xp pro sp3
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.
Reply With Quote
  #10  
Old 10-26-2009, 1:45 PM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default

Attachment 36226 notice the nomenclature on the right??
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.

Last edited by freonr22; 12-22-2009 at 10:39 AM..
Reply With Quote
  #11  
Old 10-27-2009, 3:15 PM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default

eee
ttt
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.
Reply With Quote
  #12  
Old 10-27-2009, 4:19 PM
SmokinMr2's Avatar
SmokinMr2 SmokinMr2 is offline
Senior Member
 
Join Date: Jan 2009
Location: High Desert
Posts: 807
iTrader: 10 / 100%
Default

Rootkits are nasty...

Here's a few tools. You will need to remove the rootkit first or the files/directories will keep coming back

http://download.cnet.com/AVG-Anti-Ro...-10662685.html

Here's a link with a big list.
http://www.antirootkit.com/software/index.htm
There are download links. Make sure you only download stuff from the creator's site
__________________
NRA Pistol, Rifle, Shotgun Instructor
Utah CCW instructor
Reply With Quote
  #13  
Old 10-27-2009, 6:06 PM
Dr Pete Dr Pete is offline
Member
 
Join Date: Oct 2009
Posts: 425
iTrader: 3 / 100%
Default

Take a look at this forum.
Do your searching and post, someone will help you.
Code:
http://forums.whatthetech.com/Infections_Removal_f27.html
Reply With Quote
  #14  
Old 10-29-2009, 1:54 AM
Macadelic4's Avatar
Macadelic4 Macadelic4 is offline
Member
 
Join Date: Jul 2008
Location: The free state of Georgia
Posts: 427
iTrader: 12 / 100%
Default

Oh, the joys of DBAN holocaust, for those times when the process of conventional ethnic rootkit cleansing is too tedious.

I bet those WebWatcher guys never thought of the "atomic option" when claiming nothing could beat them. Remember to back everything up first or your precious files will become little more than shadows on the pavement from the DOD-level wipe.
__________________
Former (graduated ) Financial Officer of the Marksmanship Club at UCSD. CHECK THEM OUT!

Quote:
Originally Posted by wcnones View Post
Should I give them booze? I have Ralph's brand Kahlua and some Half and Half. Kids like chocolate milk, right?

Last edited by Macadelic4; 10-29-2009 at 1:57 AM..
Reply With Quote
  #15  
Old 10-29-2009, 8:52 AM
freonr22's Avatar
freonr22 freonr22 is offline
I need a LIFE!!
 
Join Date: Dec 2008
Location: San Jose
Posts: 11,813
iTrader: 28 / 100%
Default

Thank you guys, I will be working on it this weekend. wouldnt backing up somehow include the atww? and the dban (ill do some reading) wipe ie format everything?
__________________
<img src=http://calgunsfoundation.org/images/stories/San-Benito.jpg border=0 alt= />[IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-3.png[/IMG][IMG]file:///C:/Users/PCMECH%7E1/AppData/Local/Temp/moz-screenshot-4.png[/IMG]
Quote:
Originally Posted by dantodd View Post
We will win. We are right. We will never stop fighting.
Quote:
Originally Posted by bwiese View Post
They don't believe it's possible, but then Alison didn't believe there'd be 350K - 400K OLLs in CA either.
Quote:
Originally Posted by louisianagirl View Post
Our fate is ours alone to decide as long as we remain armed heavily enough to dictate it.
Reply With Quote
  #16  
Old 10-29-2009, 9:17 AM
Dr Pete Dr Pete is offline
Member
 
Join Date: Oct 2009
Posts: 425
iTrader: 3 / 100%
Default

If you just back up your data then wipe hard drive you will be OK.
I would sure write this co a real Nasty letter. Looks like they have enough bad reviews. Sorry you got screwed by them.
Just go through your list of things to back up.
E-mail
Browser bookmarks
Any picture and downloads you want to save.
Any other data files you need.
Take your time and back up only your data that you need or use.
Then format and reinstall o/s
I do know the people on the hijack site will be able to help, just might take a day or so plus you sending them your log files of whats running.
Your choice, if me I backup and format.
Good luck, let us know how you work things out.
Reply With Quote
  #17  
Old 11-15-2009, 3:41 AM
ThomasThompson ThomasThompson is offline
Junior Member
 
Join Date: Nov 2009
Posts: 1
iTrader: 0 / 0%
Default

Quote:
Originally Posted by freonr22 View Post
Any thoughts on how to remove webwatcher atww? http://webwatchernow.com/

also was awareness technology

I can get into system32 cache? and delete the folder, but spybot s &d keeps finding it.

they will remove it for $80
Dude,
FYI (in case you didn't already know) - Someone installed this program on your PC to monitor you. Here is what they installed to keep an eye on things:
http://www.awarenesstech.com/
Reply With Quote
  #18  
Old 11-15-2009, 5:35 AM
BB63Squid's Avatar
BB63Squid BB63Squid is offline
Veteran Member
 
Join Date: Oct 2006
Location: South Bay
Posts: 3,143
iTrader: 10 / 100%
Default

Freon...

Looks as if you have a Keylogger installed. Some keyloggers are pretty simple and others quite complicated. One technique they use is to install into a non-descript directory which the installer creates (names). At boot the system will create the directory that you are seeing but the directory that spawns the whole process is an unknown.

The reason Webwatcher will delete it is that they have a backdoor I am betting. IMHO I would save yourself the grief and the lingering doubt and flatten the drive and re-install the OS. That way you know you have a clean system.
__________________
Sir William Muir: “The sword of Muhammad and the Qur’an (Koran) are the most fatal enemies of civilization, truth, and liberty which the world has yet known.”


Frustratedinca, mojo, Rellik Remag > FU

Quote:
Originally Posted by Booshanky View Post
I've got a pretty resilient cornhole though.
Quote:
Originally Posted by Buddhabelly View Post
So take your sheeps and go home. You're not worthy.
Reply With Quote
  #19  
Old 11-15-2009, 7:01 AM
bg bg is offline
Calguns Addict
 
Join Date: Aug 2002
Location: Who cares
Posts: 5,211
iTrader: 0 / 0%
Default

Can you go "run" and disable from starting up via msconfig ?
Or go in as Admin and hunt the root down and delete that way ?

If still having probs, take a visit here. They are helpful getting nasty
bugs out. Nice folks.

www.geekstogo.com
http://www.geekstogo.com/forum/forums.html

Last edited by bg; 11-15-2009 at 7:05 AM..
Reply With Quote
  #20  
Old 11-15-2009, 11:50 PM
JDay's Avatar
JDay JDay is offline
I need a LIFE!!
 
Join Date: Nov 2008
Location: El Dorado County
Posts: 18,846
iTrader: 5 / 100%
Default

Its a rootkit, you need to reinstall the OS... its the only way to be sure.
__________________
Oppressors can tyrannize only when they achieve a standing army, an enslaved press, and a disarmed populace. -- James Madison

The Constitution shall never be construed to authorize Congress to prevent the people of the United States, who are peaceable citizens, from keeping their own arms. -- Samuel Adams, Debates and Proceedings in the Convention of the Commonwealth of Massachusetts, 86-87 (Pearce and Hale, eds., Boston, 1850)
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -8. The time now is 9:40 AM.




Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2016, vBulletin Solutions, Inc.
Proudly hosted by GeoVario the Premier 2A host.
Calguns.net, the 'Calguns' name and all associated variants and logos are ® Trademark and © Copyright 2002-2016, Calguns.net an Incorporated Company All Rights Reserved.