Security Basics mailing list archives

Re: WToolsA / WToolsS

From: "Kenny" <kenny () codez co uk>
Date: Tue, 6 Jul 2004 20:05:21 +0100

Hi,

Manual removal in Safe Mode

I agree

Manually removing the spyware files and registry key's, while in Safe

Mode,

is the only effective way to permanently remove them.  But this does take
some investigative work.

Id probably visit www.sysinternals.com and get process explorer,
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml and make a note of
all the registry items associated with the rogue software. Using this info
i'd then
do a manual removal in safe mode, as recommended previously by LordInfidel.

-Good Luck - Kenny



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

WToolsA / WToolsS Allan (Jul 05)
- Re: WToolsA / WToolsS Brian Shaw (Jul 06)
- Re: WToolsA / WToolsS Michael Painter (Jul 06)
- RE: WToolsA / WToolsS Tony (Jul 06)
- RE: WToolsA / WToolsS Dave Dyer (Jul 06)
  - Re: WToolsA / WToolsS Ansgar -59cobalt- Wiechers (Jul 07)
  - Re: WToolsA / WToolsS Michael Painter (Jul 07)
- Re: WToolsA / WToolsS jpc (Jul 06)
- <Possible follow-ups>
- RE: WToolsA / WToolsS LordInfidel (Jul 06)
  - Re: WToolsA / WToolsS Kenny (Jul 07)
- WToolsA / WToolsS Allan (Jul 07)