TranceAddict Forums (www.tranceaddict.com/forums)
- Canada - Toronto & Southern Ont.
-- Spyware Removal
Pages (2): [1] 2 »

Spyware Removal

I am currently running Spybot S&D, Superantispyware and Spywareblaster on my machine for prevent and cleanup, and HiJackThis ontop of that to see what's really going on. Now I don't have any spyware that is detectable by these anymore but I keep having spyware installed on my system even when I am not running any applications, I'd see a random exe run in the processess list and it generally adds a file to run at startup. Just a few hours ago my system was totally hijacked by these rogue exes that seemingly come out of nowhere. The only reason I even noticed something odd is becuase the mouse pointer changed to an hour glass icon, i checked processes and there was a whole bunch of new exes. This is a re-occuring process and I can't seem to get rid of it. Ontop of that, something is disabling me from downloading the latest windows update patches.

On my 2nd machine, the removal of certain spyware has caused Outlook, Internet Explorer, Netscape and Netscape mail to cease working, they just crash as soon as you run them. Only way I can run internet explorer is through the explorer shell. I ran all sorts of possible checks but i cannot find anything, there were a few remnants of the spyware left which completely disabled inet access, i've fixed that but normal browsing apps don't run.

Any hints, tips, suggestions is welcome.

Use Ad aware?

google.trend micro they have both free online anti spyware + anti virus scanners for free..

i recommend running those.. spybot or adaware wont help sometimes..

give those a shot

I ran the online scanner from TrendMicro and it found a bunch of stuff and promptly removed it, but it hasn't solved the problem. There's something else running somewhere that isn't being detected... I am at a loss, seems like the only viable solution is a complete re-install but I'd rather not resort to that just yet.

You know, I haven't gotten any spyware in a few years now, and the only protection I have against it is a firewall and common sense. So my suggestions would be:

1) Use Firefox or anything else other than IE.

2) Stop visiting the asshole of the Internet. Think before clicking.

That said, some spyware can be so nasty you can't get rid of it without a reinstall of the OS.

Oh, and Adaware is shit - they've been caught getting paid by spyware companies to remove some of their spyware definitions from their database.

quote:

Originally posted by Cosmic Fur Oh, and Adaware is shit - they've been caught getting paid by spyware companies to remove some of their spyware definitions from their database.

Didn't know. Thanks for the info

1. Boot up in safe mode, and then run the scans all over again...including ur virus scan

2. Restart and see what processes are still running. Search for them all. Once u find them, kill the process and delete the files.

3. go to your registry,
type in regedit in run....
then go to LOCAL MACHINE=>Software=>Microsoft=>Windows=>Current Version=> then check the RUN and RUN ONCE folders....if there is any processes there that souldnt be running go search for them and once found delete them from the RUN or RUN ONCE folder and also delete them from the folder you found them in.

4. reboot and rerun all your spyware and virus scans..

5. You should be fine.

6. OH YEAH AS STATED PREVIOUSLY...DO NOT USE IE...USE FIREFOX!!!

quote:

Originally posted by EvilTree Didn't know. Thanks for the info

Yeah, and just to show I'm not talking out of my ass, here is when they got busted:
http://www.broadbandreports.com/for...65642~mode=flat

And here is a review of spyware programs by CNET:
http://www.zdnet.com.au/reviews/sof...25147-13,00.htm
notable quote:

quote:

The biggest disappointment of the testing was Lavasoft, which only managed to pick up one out of the nine items. The second last, surprisingly, was Trend Micro with three detections only. Microsoft, Webroot, and McAfee all came in with four detections each.

quote:

Originally posted by Cosmic Fur Oh, and Adaware is shit - they've been caught getting paid by spyware companies to remove some of their spyware definitions from their database.

Actually this was true, but since it was acquired by Google's team it was defunked.

My best option is Ad-Aware and Spybot running Avast! as your virus scanner as it has a built-in spyware prevention detector on it as well.

Lavasoft - Ad-Aware

SpyBot Search and Destroy

Avast! Antivirus Software

Arney, I would also recommend running C-Cleaner on your system as I would bet money it will clean things up quite nicely. It removes bad registry files and extra files left scattered on your system from install/uninstalls. It's completely free-ware but does a fantastic job. First time I ran it it removed nearly 3Gb of unnecessary files and commands.

C-Cleaner

quote:

Originally posted by Cro_Addict 1. Boot up in safe mode, and then run the scans all over again...including ur virus scan 2. Restart and see what processes are still running. Search for them all. Once u find them, kill the process and delete the files. 3. go to your registry, type in regedit in run.... then go to LOCAL MACHINE=>Software=>Microsoft=>Windows=>Current Version=> then check the RUN and RUN ONCE folders....if there is any processes there that souldnt be running go search for them and once found delete them from the RUN or RUN ONCE folder and also delete them from the folder you found them in. 4. reboot and rerun all your spyware and virus scans.. 5. You should be fine. 6. OH YEAH AS STATED PREVIOUSLY...DO NOT USE IE...USE FIREFOX!!!

I've done all that!

quote:

Originally posted by 8Wonders I've done all that!

hmmm interesting..

I use uninstalled all my ant-spyware apps (had several too) when Microsoft AntiSpyware came out. It cleaned everything up and solved all spyware related problems. It's been about 2 years and it's still keeping my system clean. It's now called Windows Defender, still free. It does use up some resources, but that's up to you.

I have been having major problems with my comupter lately, to the point where my connection does not even work anymore. I run ad-aware, sysmantic, xoftspy, registy booster, registry mechanic, a bunch of online scanners, etc. I ran these programs multiple times a day and nothing was working. I was ready to call it quits and redo the OS. I called time warner (my cable provider as a last resort). This is what they told me to do(I have XP). Clicked start in bottom left and then right clicked on my computer and hit properties. I can remeber which tab it was (there were only 8), but one had an option to delete all prior restore points. The guy told me that spyware and virus like to hide in restore points and when you delete them the virus and spyware "come out." I checked the box and hit apply and then he told me run the online scanner bitdefender (bitdefender.com). I was schocked! The scan took about an hour but i found over 15 viruses and 100+ damaged files that none of the other programs found!!! He told me re-run all my other spyware appilcations as well and I did. Every single program found something new!! My computer is working great now! Let me know if this helps. (i dont know it was deleting the restore points or the Bitdefender program).

Re: Spyware Removal

quote:

Originally posted by 8Wonders I am currently running Spybot S&D, Superantispyware and Spywareblaster on my machine for prevent and cleanup, and HiJackThis ontop of that to see what's really going on. Now I don't have any spyware that is detectable by these anymore but I keep having spyware installed on my system even when I am not running any applications, I'd see a random exe run in the processess list and it generally adds a file to run at startup. Just a few hours ago my system was totally hijacked by these rogue exes that seemingly come out of nowhere. The only reason I even noticed something odd is becuase the mouse pointer changed to an hour glass icon, i checked processes and there was a whole bunch of new exes. This is a re-occuring process and I can't seem to get rid of it. Ontop of that, something is disabling me from downloading the latest windows update patches. On my 2nd machine, the removal of certain spyware has caused Outlook, Internet Explorer, Netscape and Netscape mail to cease working, they just crash as soon as you run them. Only way I can run internet explorer is through the explorer shell. I ran all sorts of possible checks but i cannot find anything, there were a few remnants of the spyware left which completely disabled inet access, i've fixed that but normal browsing apps don't run. Any hints, tips, suggestions is welcome.

This is MALWARE!
you cannot remove it by those applications, you will need to manually remedy your problem depending on what problem you have..

A good place to find out is -

http://www.malwarecomplaints.info/

also check

http://forums.spywareinfo.com/index.php?

try useing windows defender, rougescan fix and removeIT pro XT2 SE in safe mode.

these three have killed everything I can throw at them!

download the mcafee siteadvisor add on for firefox ... its just a box tht shows up at the bottom right corner of you browser telling you whether the site you are about to visit is safe or not ... mozilla has testers continuously testing as many websites as they can and adding them to siteadvisor ... even when you run a google search you get safety ratings next to each result telling you if the site is safe to visit and for sites marked in red, it gives a list of the reasons not to visit it.. i think its quite helpful

http://www.siteadvisor.com/download/ff.html

http://www.geekstogo.com/forum/You_..._Log-t2852.html

I'm far from a tech nerd, but the above is, by far, the best resource I've found and used.

running too many apps is not productive. I have Norton AV installed, along with Spybot S&D, and Hijack This...no problems (after having *major* ones before).

Most people may know this, but the *essential* tool, IMHO, is to have Spybot's registry protection enabled after using Hijack This to cleanup the registry programs run at startup so that you're prompted to allow or deny all attempts to amend the registry by 3rd party software.

anyway...follow the above instructions and you should be good.

IE is not *that* bad...if you're smart when using it and have the necessary safeguards in place to mitigate the additional risks vs. using Firefox

quote:

Originally posted by EvilTree Use Ad aware?

I have ad aware and spybot
and trend micro pc cillon

Get Webroot Spy Sweeper...by far the best one I've had yet.

I just scanned my computer a few minutes ago and it found tons of shit and my comp already runs quite a bit faster without the extra weight.

quote:

Originally posted by Chris Allen Arney, I would also recommend running C-Cleaner on your system as I would bet money it will clean things up quite nicely. It removes bad registry files and extra files left scattered on your system from install/uninstalls. It's completely free-ware but does a fantastic job. First time I ran it it removed nearly 3Gb of unnecessary files and commands. C-Cleaner

Cheers for the link.

quote:

Originally posted by Chris Allen C-Cleaner

Great little utility; use it all the time!

Yea pretty much what everyone else said except you could look into Windows Defender as well which I've found does a pretty good job and is much more granular and customizable.

I believe it's going to be standard with VISTA anyways.

http://www.microsoft.com/athome/sec...re/default.mspx

Cheers...

Ok. I seem to be consistently getting spyware installed on my computer. Something called NSIS media.

Ran every spyware remover suggested here. It gets detected and removed, but it keeps coming back.

How do I stop this?

quote:

Originally posted by EvilTree How do I stop this?

Flatten and reinstall

quote:

Originally posted by VERTiG0 Flatten and reinstall

Oh bloody hell

quote:

Originally posted by EvilTree Ok. I seem to be consistently getting spyware installed on my computer. Something called NSIS media. Ran every spyware remover suggested here. It gets detected and removed, but it keeps coming back. How do I stop this?

it's definitely either in your registry or your start up log if it keeps re-installing after being removed.

the problem is when a cleaning utility only removes the installed files and doesn't clean the registry entry/entries as well. If this is the case, it's going to keep re-istalling, likely on startup.

I know you've said that you've used all utilities here...but have you used "Hijack This" to see your startup log? If there's anything obviously suspicious in there, delete it (be careful what you delete though, lol).

Spybot's registry protection is excellent, I find...anything trying to make a registry change or jack your browser results in your being prompted to approve or deny the change.

failing all of this...post something on that geekstogo site or google your particular virus/worm/whatever and I'm sure there are specific cleaning instruction available.

edit: http://www.google.ca/search?hl=en&q=NSIS+media&meta=

lots of info...but try a reliable source...I wouldn't be surprised if these ******s intentionall put out b.s. cleaning utilities that do more harm

Powered by: vBulletin
Copyright © 2000-2021, Jelsoft Enterprises Ltd.