Posted: 3/23/2009 1:38:15 PM EDT
|
My computer became infected with some spyware. The main symptom is some pop-up every 30 seconds or so telling me my computer is being attacked and I need to take action. Very annoying. Initially, my browser ability was screwed up as well, but I seem to have access to IE no problem no. I never did have problems with the internet connection itself though.
have McAfee installed, but somehow this snuck through. And through my own lack of paying attention, my effort to remove/quarantine it ended up restoring the junk files. Unfortunately, McAfee doesn't let you access those files again through its program, and now I can't find them on my computer. And because they are seen as "restored" by McAfee, a scan doesn't do any good either. It thinks they're okay. Do I just need to do a complete system re-set after saving all the files I dont' want to lose or is it worth the money to pay someone to come out and find it and fix it for me? Or can someone help me locate the bad files on my own? Help a gal out before I  my computer.
|
|
Quoted:
format C: and start over.. Bad Idea, try any thing else first. If you reformat you'll lose everything permanently. Save that for a last resort. Depending upon the type of infection, it may require special removal (i.e. special service) +1 for Malwarebytes. Jeremy Oh, and while your comp is infected, avoid submitting information and buying stuff online with the comp. |
|
Quoted:
And get rid of McAfee. AVG, Malwarebytes, superantispyware, spywaredr, spybot, adaware are all free and all catch different things! I bet none of them fix the problem he is having. For that one you will have to locate the name of the .exe file for the program, then go into safe mode, and from a command line mark all the files in that folder as visible, then go in and delete them, then go into the registry and remove each and every entry for that program, and there will be two or three. Once all that is done you should be clear, but you may not, it is a nasty bugger. |
|
Quoted:
Quoted:
And get rid of McAfee. AVG, Malwarebytes, superantispyware, spywaredr, spybot, adaware are all free and all catch different things! I bet none of them fix the problem she is having. For that one you will have to locate the name of the .exe file for the program, then go into safe mode, and from a command line mark all the files in that folder as visible, then go in and delete them, then go into the registry and remove each and every entry for that program, and there will be two or three. Once all that is done you should be clear, but you may not, it is a nasty bugger. In English, please. On a superficial level I understand what you're suggesting. But actually turning that into action, knowing where to do what....not going to have good results without a step-by-step specific set of directions. As far as the .exe file, I have another microsoft dialogue box that pops up and tells me that a particular .exe file is, well, I can't remember the exact verbage, but the gist was that it's a bad file. Is it possible this is the culprit? What are the chances the problem is limited to this particular file? And, yes, I do believe there is a program running in the background. Its icon shows up on my taskbar by the clock––ironically, next to the McAfee button. Poetic justice?  *rolls eyes*
Oh, yeah, fixed your pronoun too. ;) |
|
Dump McAfee and install Avast and Malwarebytes.
They will clean your system, but you do need to have a certain level of knowledge and experience to use those tools correctly, as they may have to be run more than once, in safe mode, and even in a different account. |
|
Quoted:
Quoted:
And get rid of McAfee. AVG, Malwarebytes, superantispyware, spywaredr, spybot, adaware are all free and all catch different things! I bet none of them fix the problem he is having. For that one you will have to locate the name of the .exe file for the program, then go into safe mode, and from a command line mark all the files in that folder as visible, then go in and delete them, then go into the registry and remove each and every entry for that program, and there will be two or three. Once all that is done you should be clear, but you may not, it is a nasty bugger. 
Have you ever used any of those programs he mentioned? That's pretty much what they do, and they are a whole lot smarter than you poking around in your registry looking for spyware keys, although I do agree that they should always be run from Safe Mode. To the OP, get Malwarebytes and either spybot avg or all of the above. I've had great success cleaning heavily infected computers with them. Install the program(s) first, then reboot your computer and hit the F8 key before it starts loading Windows. You'll see a text menu with boot options. Choose "Boot to Safe Mode without Networking", to boot into safe mode. Once you are logged in, run full disk scans with each program (not simultaneously), deleting/cleaning all the items they find. Reboot into safe mode and run another scan until it comes clean. Boot into normal Windows and run another scan, just to make sure it's not still on there. If your scans keep finding stuff, try another program like Ad-Aware and repeat the previous steps. Just my .02 |
|
here is your prescription:
If you have Norton, uninstall it. Its garbage unless you are running the server edition, which you are not! If you have any Spyware removal software at all, uninstall it now. Most of the Spyware removal programs are indeed spyware themselves! Download, Install and update these free Programs. Then Run Windows Update. Firefox 3 (use this to surf the net, not Internet explorer) No Script add on (follow usage instructions, this program is about PREVENTION so you dont get anymore spyware, not for beginers) CCleaner (run once a week to clear your cache and other junk) Avast! 4 free (a free and fast virus scanner) And If you must use spyware detector programs, then use these approved versions: the real MALWAREBYTES can be found here and is HIGHLY RECOMMENDED the real ADAWARE can be found here, use MALWAREBYTES instead of this the real Spybot SD can be found here, use MALWAREBYTES instead of this |
| I have used them, and I bet they don't fix it. I see this particular malware several times a week, the writers of it change it nearly weekly, so that the above mentioned tools can't remove it. To get rid of it the programs would need to know the name of the exe file that is causing the problem, and the exact text of the registry entry to remove it there, with the author changing the name and entries regularly by the time the anti malware programs are updated for the latest incarnation, there is another on the loose. |
|
Quoted:
here is your prescription: If you have Norton, uninstall it. Its garbage unless you are running the server edition, which you are not! If you have any Spyware removal software at all, uninstall it now. Most of the Spyware removal programs are indeed spyware themselves! Download, Install and update these free Programs. Then Run Windows Update. Firefox 3 (use this to surf the net, not Internet explorer) No Script add on (follow usage instructions, this program is about PREVENTION so you dont get anymore spyware, not for beginers) CCleaner (run once a week to clear your cache and other junk) Avast! 4 free (a free and fast virus scanner) And If you must use spyware detector programs, then use these approved versions: the real MALWAREBYTES can be found here and is HIGHLY RECOMMENDED the real ADAWARE can be found here, use MALWAREBYTES instead of this the real Spybot SD can be found here, use MALWAREBYTES instead of this This. This is my security solution. Save for NOD32 instead of avast. Just look at that man's avatar, he speaks truth. |
|
Definitely use this it has saved me so many times. Make sure you update before using it though |
|
It is worth a try, but don't be too disappointed if you get done, get it all cleared out, and ten minutes later get a message telling you that you have 4657 viruses trying to infect your computer. Sometimes the programs work, especially if the version she got is one that has been out for a while. I see this malware on customer computers alot, they get it, then call the cable company and blame it on us.
I have also seen versions of it that are so bad that you can't get the computer to do anything but spit out warnings and offeres to rid your computer of the nasties for $69.99. Of course going into safe mode will get you back in control even with those versions, but they are the worst to get rid of. |
|
Quoted:
Does Malwarebytes provide real time protection? Not with the free version. I seem to recall that might be one of the features you get by paying. eta: Activating the full version unlocks realtime protection, scheduled scanning, and scheduled updating. For consumers and personal use, it is a one time fee of $24.95. |
|
Quoted:
Quoted:
Quoted:
And get rid of McAfee. AVG, Malwarebytes, superantispyware, spywaredr, spybot, adaware are all free and all catch different things! I bet none of them fix the problem he is having. For that one you will have to locate the name of the .exe file for the program, then go into safe mode, and from a command line mark all the files in that folder as visible, then go in and delete them, then go into the registry and remove each and every entry for that program, and there will be two or three. Once all that is done you should be clear, but you may not, it is a nasty bugger.
Have you ever used any of those programs he mentioned? That's pretty much what they do, and they are a whole lot smarter than you poking around in your registry looking for spyware keys, although I do agree that they should always be run from Safe Mode. To the OP, get Malwarebytes and either spybot avg or all of the above. I've had great success cleaning heavily infected computers with them. Install the program(s) first, then reboot your computer and hit the F8 key before it starts loading Windows. You'll see a text menu with boot options. Choose "Boot to Safe Mode without Networking", to boot into safe mode. Once you are logged in, run full disk scans with each program (not simultaneously), deleting/cleaning all the items they find. Reboot into safe mode and run another scan until it comes clean. Boot into normal Windows and run another scan, just to make sure it's not still on there. If your scans keep finding stuff, try another program like Ad-Aware and repeat the previous steps. Just my .02 I'm going with YOUR .02. I use exactly the same programs as you listed and I run them all in SAFE MODE and have zapped out any malware that resided (g/f getting free wallpaper, don't get me started) Oh, and if it doesn't work, google "Hi-Jack this" and follow the links. |
