okay my pc was infected from spyware, so i got my self spyware software called spybot search and destroy and this has helped a little bit but not completly solved the problem.
i still get pop-ups and i get a warning sign in my toolbar saying that my Pc has still got spyware, so when i click on the warning it takes me to a web site telling me i need to download this spyware software, to solve the problem, what is this, why does it still show up when my spybot says it has got rid of the spyware on my Pc, It also says my Pc is running at half the speed it was this includes the internet conection, but i aint seen any diffrence, is this something to worry about, how do i get rid of that warning sign in my toolbar because it flash's non-stop.
i hope someone can understand this, because this is very frustrating
thanks in advance
2007-03-07 13:57:12 · 9 answers · asked by Anonymous in Computers & Internet ➔ Security
Ah i see okay the spyware it wants me too download is called pest capture, and spy dawn and also malware wiped
2007-03-07 14:22:50 · update #1
The main reason the adware popups are staying on your computer is the Trojan that is hidden is continuing to download the adware as soon as Spybot removes it.
I would have been very helpful if you had said the name to the AntiSpyware it want you to purchase. The reason for this is there are three basic kinds of Trojans that do this. One is a general Trojan, another is a SmitFraud Trojan and the third is a Vundo Trojan.
Here is information for removeing all three types of Trojans. The ewido and AdAware is for the general Trojan and adware. At the bottom of the procedure is two sites for removing SmitFraud Trojans and below that is the program and procedure to remove Vundo Trojans.
Download and Update Ewido (now called the AVG Antispyware). Do not run:
http://www.ewido.net/en/download/
Download AdAware SE and update. Do the setup. Do not run:
http://www.filehippo.com/download_ad-aware/
AdAware SE Setup:
1. Select "use custom scanning options" then select "customize". Make sure the following options are enabled: "scan within archives," "scan active processes," "scan registry," "deep scan registry," "scan my IE favorites for banned URLs," "scan my Hosts file."
2. Select the "tweak" option. Under "scanning engine," make sure "unload recognized processes and modules during scan" is enabled. Enable "scan registry for all users instead of current users."
3. Under "cleaning engine" turn on "always try to unload modules…," "during removal unload explorer and IE if necessary," "let windows remove files in use at next restart," and "delete quarantined items after restoring."
4. Use the "select drives and folders to scan" option to ensure that your entire hard drive is scanned (if you have more than one hard drive, scan all of them (of course, do not include floppy and CD/DVD).
TEMPORARILY SHOW HIDDEN FILES AND FOLDERS.
1. Click Start, and then click Control Panel.
2. Click Appearance and Themes, and then click Folder Options.
3. On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.
IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.
EMPTY INTERNET EXPLORER BROWSER CACHE:
1. On the Internet Explorer Tools menu, click Internet Options.
2. On the General tab, in the Temporary Internet Files section, click the Delete Files button. Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK. Click OK again.
RESTART IN SAFE MODE:
To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."
Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.
START THE SCAN WITH YOUR PROGRAM(S).
When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode.
RESET HIDDEN FILES AND FOLDERS.
The RESTORE POINTS may be infected with the Malware and cannot be used. Delete the old one(s) and make a new one.
CLEAR OLD RESTORE POINT(S). HERE'S HOW:
1. Click Start, and then click Control Panel.
2. Click Performance and Maintenance, click System, and then click on the System Restore tab.
3. Select the Turn Off System Restore check box, click Apply, then restart your computer.
4. Return to the System Restore Tab and turn System Restore back on.
TO SET A NEW RESTORE POINT:
1. Click the Start button.
2. Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.
3. Choose Create a restore point, and then click Next.
4. In the Restore point description box, type a name for your restore point, and then click Next.
5. Click OK.
NOTE: If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the box. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.
ADDITION INFORMATION ABOUT TROJANS:
There are Trojans that fall into the Smitfraud family. Smitfrauds are usually Homepage/Browser Hijackers. A Homepage Hijacker takes you to a website other than what you have set on your computer. A Browser Hijacker directs you to websites other than what you just selected. These require the use of a specialized program for removal. Here are two sites that specialize in removing these:
http://www.internetinspiration.co.uk/roguefix.htm
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
Another type of Trojan that requires a specialized removal program is Vundo Trojans.
The procedure should fix Vundo-based Winfixer(WinAntiSpyware, WinAntiVirus, Blackworm, Amaena)problems.
Please download Atribune's VundoFix.exe (version 4.2.71 [as of 21 April '06], or later), from
http://www.atribune.org/ccount/click.php?id=4
and save it to your desktop.
Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less. Click OK Note: If VundoFix does not reopen after a minute (or two), then you should skip-over the "Run as a task" step, and continue-on to the following steps to SCAN and REMOVE.
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
2007-03-07 14:18:33 · answer #1 · answered by Anonymous · 0⤊ 2⤋
The messages you are getting are just an attempt to get you to download more spyware. A combination of Spybot and AdAware should get most spyware. Just make sure that you update both Spybot and AdAware to get the latest data. The AdAware site is www.lavasoft.de.
2007-03-07 14:06:06 · answer #2 · answered by Ranjeeh D 5 · 0⤊ 0⤋
Firstly, whatever u do, DO NOT install any software that is advertised on pop ups cuz once u click the link, ur doomed. My advice is download the 'Ad-ware personal SE by lavasoft'. You can search that on yahoo and click the link on the first page. Its a trusted and strong spyware search and destroy tool. Sometimes, this software that is creating pop ups on ur pc has installed itself in one of ur folders. It may or may not be detectable by ur adware software. but it will be detected by an anti virus software when u run a quick scan. Get down the name of the virus, and head to norton website to search and research on the effects on the virus. It will tell u the most common folders it may be installed in. I hope this helps. Cheers!
2007-03-07 14:06:22 · answer #3 · answered by Sean Lawlor 5 · 0⤊ 0⤋
Spybot is only one tool out of the many. Is not 100% effectve. It is a very good tools.U need to load the latest definitions. Another tool is the LAVASOFT AD-AWARE SE PERSONAL and the HijackThis. Need to use all these three tools to be nearly 100% safe. All are freeware.
2007-03-07 14:04:01 · answer #4 · answered by supernova 4 · 2⤊ 0⤋
i think the problem you are having is not pop ups or spyware it is the windows messenger service to disable the service goto control pannel , administrator tools , services , find the one that says messenger , right click on it goto properties and change it to disable.don't worry it as nothing to do with msn messenger it's just that microsoft advertise for alot of companies through windows. this will solve the problem
2007-03-07 14:39:24 · answer #5 · answered by Anonymous · 0⤊ 0⤋
Try downloading Adaware. It cleans up better than Spybot.
2007-03-07 13:59:36 · answer #6 · answered by GT-R 2 · 0⤊ 0⤋
DO NOT GO THERE IT IS A TROJAN. If you are running windows XP go to Windows live and download defender, it is free if you go to the link below there is a whole security section. In the meantime if you have a virus scanner then use it best of luck
2007-03-07 16:03:43 · answer #7 · answered by Anonymous · 0⤊ 0⤋
I use both Spybot and Ad-aware. I also have windows Defender. It doesn't hurt to use all three. One may catch something the others don't
2007-03-07 14:05:24 · answer #8 · answered by freckles1063 3 · 0⤊ 1⤋
You can try using Ad-Aware SE Personal from Google..actually its a bundled package from google..go to this URL
http://pack.google.com/intl/en/pack_installer.html?hl=en&gl=us&utm_source=en_US-et-more&utm_medium=et&utm_campaign=en_US
2007-03-07 14:25:31 · answer #9 · answered by asbharadwaj 5 · 0⤊ 0⤋