PDA

View Full Version : Serious Spyware Problem, Need Help



User Name
04-01-2005, 02:33 AM
Yeah, my computer got hit with some serious spyware problems and I need some help with it. I've had to use IE for the last few weeks just to view some sections of the forums because Mozilla was hit with the problem. A few key words are linked (Chat, for example), and if there are other words in the link (Serious Chat, Random Chat), the whole link will be affected. It got worse when a program called Security iGuard magically got itself onto the computer, but is useless because you have to pay for it in order to use it. I've deleted it about 7 or 8 times, but it reinstalls itself onto the computer. Now, I'm getting pop-ups and a random MS-DOS program pops up every once in a while.

Also, some shoddy search engine called DAO Search (also the site that the random words are linked to) automatically sets the homepage for IE to its main search page, even after changing it. I've had spyware problems in the past, but nowhere near this bad.

Glenn
04-01-2005, 02:48 AM
http://www.lavasoftusa.com/

Download AdAware Personal

Tomi
04-01-2005, 03:01 AM
http://www.microsoft.com/athome/security/s...re/default.mspx (http://www.microsoft.com/athome/security/spyware/software/default.mspx)

I highly recommend this. ;)

Shade
04-01-2005, 03:40 AM
Yep, Adaware is great, as is Spybot Search and Destroy, I usually use both of those when encountering spyware. More agreesive ones may require more aggressive techniques (ie. programs specific to the particular spyware, or manual removal via registry/manual deletion/safe mode etc. First things first though, run update adaware and spybot, and scan, see what you can get rid of that way.

Tomi
04-01-2005, 04:07 AM
Originally posted by Shade@Mar 31 2005, 10:58 PM
Yep, Adaware is great, as is Spybot Search and Destroy, I usually use both of those when encountering spyware. More agreesive ones may require more aggressive techniques (ie. programs specific to the particular spyware, or manual removal via registry/manual deletion/safe mode etc. First things first though, run update adaware and spybot, and scan, see what you can get rid of that way.
Ah yeah. SSD is also an awesome program.
Although I found that MSAS caught some stuff that Adaware and SSD didn't. *looks at neighbour's computer*

Todd
04-01-2005, 04:09 AM
I used MS antispyware on my parents computer, found like 20 things. Then used AdAware, and it found more than 100 more things. I wouldnt even waste my time with MSAS

Tomi
04-01-2005, 04:12 AM
Originally posted by Todd@Mar 31 2005, 11:27 PM
I used MS antispyware on my parents computer, found like 20 things. Then used AdAware, and it found more than 100 more things. I wouldnt even waste my time with MSAS
Hm, worked different for me.
*shrug*

User Name
04-01-2005, 04:43 AM
Just so you know, SDD and AdAware did not solve the problem.

Tomi
04-01-2005, 05:05 AM
Originally posted by Cameron@Apr 1 2005, 12:01 AM
Just so you know, SDD and AdAware did not solve the problem.
Try MSAS.

Neil
04-01-2005, 12:37 PM
Try googling the names of the programs you want to remove. That sometimes works.

Underworld
04-01-2005, 01:03 PM
If SDD and AdAware not work then I use :

Spyware Doctor (http://www.download.com/Spyware-Doctor/3000-8022_4-10293212.html)

Shade
04-01-2005, 02:00 PM
Originally posted by Cameron@Apr 1 2005, 06:01 AM
Just so you know, SDD and AdAware did not solve the problem.
Then you have a more serious spyware problem, and its likely that no automated program will fix it, as I said above. The next step is to get the program HijackThis, run a scan, and look for suspicious entries that it finds. 'Suspicious' can be hard to define without experience, generally people save the log of HijackThis, and post it on a tech support forum to get help on what to remove.

HijackThis (http://www.tomcoyote.org/hjt/#Top)

Neil
04-01-2005, 04:53 PM
Trend Micro has the best online virus scanner on the net. You might want to try it.

housecall.trendmicro.com/ (http://housecall.trendmicro.com/)

User Name
04-01-2005, 11:23 PM
Yeah, I've used Trend Micro before, but the last time I used it, IE froze up on me. Well, it's worth another try.

Tomi
04-01-2005, 11:50 PM
It could be a virus for all you know, not spyware..

User Name
04-01-2005, 11:51 PM
Yeah, I'm exploring that possibility as well.

*looks at Trend Micro Virus Scan*

Yup, 9 infected files so far.

Tomi
04-01-2005, 11:54 PM
Originally posted by Cameron@Apr 1 2005, 07:09 PM
Yeah, I'm exploring that possibility as well.

*looks at Trend Micro Virus Scan*

Yup, 9 infected files so far.
Don't forget to try AVG (http://www.grisoft.com). ;)

User Name
04-01-2005, 11:55 PM
Oh shit, it just jumped up to 25 files!

Tomi
04-01-2005, 11:57 PM
Originally posted by Cameron@Apr 1 2005, 07:13 PM
Oh shit, it just jumped up to 25 files!
Yep. It's a virus.

If the virus scan doesn't help, post a HijackThis log. ;)

User Name
04-02-2005, 12:09 AM
I was able to get rid of 23 of the infected files. Security iGuard hasn't popped up since I got rid of it, so I guess I don't have to worry about that anymore. DAO Search is still there, so I guess I'll see if Spyware Doctor will get rid of the last two problems.

EDIT: OMFG. Found another 546+ infections.

Second Edit: Thank you to everyone who has helped. The problem is gone and I am now once again able to use Mozilla. ^_^

Tomi
04-02-2005, 12:34 AM
Glad to hear that, Cameron.



....How many did you say!?

User Name
04-02-2005, 12:47 AM
It ended up being somewhere around 555. Oh, and the DAO Search thing was gone for a split second, but now it's back onto the computer again.

Tomi
04-02-2005, 12:52 AM
Originally posted by Cameron@Apr 1 2005, 08:05 PM
It ended up being somewhere around 555. Oh, and the DAO Search thing was gone for a split second, but now it's back onto the computer again.
Start > Run > 'msconfig' [no quotes]
Go to the Startup tab. Uncheck anything that's suspicious.
Google helps alot for checking what the program is. ;)

RX8LP
04-02-2005, 12:58 AM
ill tell ya'll what i did to fix and keep spyware off my comp.

1. Norton Anti-virus (full system scan) - delete everything that it found.

2. Scan with ad-aware (full system scan) - i used this because it detects a lot of stuff that norton doesnt.

3. Scan with webrrot spysweeper - again for the same reason as above. Scan because webroot finds some stuff that ad-aware doesnt.

4. scan with Spybot S&D - same reason as above.

5. And finally after all that i suggest using Mozilla firefox browser over Internet Explorer (IE) as IE is the most vunerable when it comes to spyware.

With that i have my comp running as good as the day i bought it.

offcourse u need to frequently scan your comp which is the annoying part.

Tomi
04-02-2005, 01:01 AM
Originally posted by RX8LP@Apr 1 2005, 08:16 PM
5. And finally after all that i suggest using Mozilla firefox browser over Internet Explorer (IE) as IE is the most vunerable when it comes to spyware.
He does already.

User Name
04-02-2005, 01:04 AM
Yeah, I don't know how many times I've been over this, because I'm using IE because it isn't affected by the problems I'm experiencing by using Mozilla. If you had happened to have read all of the original post, RX, you would have known that.

Tomi
04-02-2005, 01:11 AM
Have you tried the 'msconfig' thing I showed you?

Oh. Also try booting into safe mode [F8] and running a virus scan then.

User Name
04-02-2005, 01:14 AM
Yeah, there's this program called 'keep'. No idea what it was, so I disabled it, and restarted so I could get rid of it. Somehow managed to enable itself again.

Tomi
04-02-2005, 01:15 AM
Originally posted by Cameron@Apr 1 2005, 08:32 PM
Yeah, there's this program called 'keep'. No idea what it was, so I disabled it, and restarted so I could get rid of it. Somehow managed to enable itself again.
Hm. Go into safe mode and then delete it from there.

Paul
04-04-2005, 01:56 AM
Been visiting porn site haven't we, Cameron? :lol:

User Name
04-05-2005, 11:25 PM
So if you didn't pay attention to Random Thoughts, I just ran a scan on my registry and found over 300 infections. Unfortunately, I couldn't fix it because it wants me to buy the program, first, but does anyone have a recommendation for a free registry virus scanner?

esaul17
04-05-2005, 11:40 PM
check www.glarysoft.com

User Name
04-05-2005, 11:55 PM
1015 infections found. Thanks, Esaul!

Coldplay
04-06-2005, 12:04 AM
Originally posted by Cameron@Apr 5 2005, 06:13 PM
1015 infections found. Thanks, Esaul!
Well aren't you the infected one?

The joys of the internet. The source and solution to all computer problems worldwide.

Gluez
04-15-2005, 03:37 AM
Reformat the computer... :lol: if u had 1....

Evil Angel
04-15-2005, 05:32 PM
Gluez Posted on Apr 15 2005, 09:25 AM
Reformat the computer... if u had 1....

huh?

LinkinJunior
04-15-2005, 05:50 PM
Originally posted by Rohan@Apr 15 2005, 09:50 AM

Gluez Posted on Apr 15 2005, 09:25 AM
Reformat the computer... if u had 1....

huh?
Basically means to reinstall windows. Which is recommenced after a 2 year use of XP, because of all that crap that gets on the computer which slows it down.

Gluez
04-20-2005, 06:31 PM
I highly recommend that u set a or more firewall.... :lol:

esaul17
04-20-2005, 11:12 PM
Originally posted by Cameron@Apr 5 2005, 11:55 PM
1015 infections found. Thanks, Esaul!
No Problem. Is everything fixed now?

Tomi
04-20-2005, 11:35 PM
Originally posted by LinkinJunior+Apr 15 2005, 11:50 AM--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (LinkinJunior @ Apr 15 2005, 11:50 AM)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--Rohan@Apr 15 2005, 09:50 AM

Gluez Posted on Apr 15 2005, 09:25 AM
Reformat the computer... if u had 1....

huh?
Basically means to reinstall windows. Which is recommenced after a 2 year use of XP, because of all that crap that gets on the computer which slows it down. [/b][/quote]
That would be "reinstall". :lol:

Reformatting means to completely wipe your hard drive of all data.

.Kevin
04-21-2005, 08:57 AM
http://www.hitmanpro.nl/

this work it include alot of progrmas in one program you can just start it and every thing will go automatic