Pop-ups and Toolbars and Spyware? Oh my!

Miez · Sun 09/12/2007 00:36:25

It might be a good idea to run Spybot, AdAware etc. after restarting Windows in safe mode without network access (keep F8 pressed when booting your PC). Worked for me, once...

Sylvr · Sun 09/12/2007 01:05:07

Safemode... system restore.. sounds like great ideas, but I don't know how to do that either (miez I see your post now. press f8 during startup to get to safemode? can I get to system restore from there?). I've borrowed (I'm hesitant to say 'hijacked' considering the circumstances) a different friend's computer this time, so hopefully I can get this mess sorted out before I have to return it.

I had considered reformatting the only option, I forgot about those other two. (sorry if I'm repeating myself or I'm not making sense.. I'm not thinking well at all.)

Well thanks for the help anyway :S

Miez · Sun 09/12/2007 01:11:53

Quote from: Sylvr on Sun 09/12/2007 01:05:07
can I get to system restore from there?).

Not quite sure - but with the F8 Safe Mode option you'll make sure most of the stuff that usually runs when windows starts, gets no chance to start. Does not stop any really nasty viruses etc. but might stop some ad- and spyware...

Chicky · Sun 09/12/2007 14:18:40

Just sounds like a nasty case of adware and spyware to me, so if you want this fixed:

You are best doing all of this without the computer connected to the internet. So download the latest versions of Adaware, Spybot, CCleaner and Sygate personal firewall on a seperate computer and put them on a disk or USB.

Do EXACTLY as INC has posted as there will be lots of nasty processes running on startup which you need to kill to be able to fix anything.

After you have done as INC said run both adaware, spybot and run ccleaner.

If any of the programs (namely spybot and adaware) mention that they need to be loaded on startup after a reboot then click yes, or whatever option there is to allow them to do this.

You want to make sure that there is as little programs and processes running on startup as possible.

After you have ran all the above programs (got rid of all temp files with ccleaner) then you will need to install the Sygate personal firewall. This program is a free firewall which blocks all unwanted programs and sites from accessing your computer (this will stop almost all spyware and adware from getting at you).

Once all this is complete you will need to restart the computer from 'start-shutdown', it is important that the computer shuts down and is not simply turned off by the power.

All of this should take you from half hour to an hour and fingers crossed will have your computer fixed and working as normal.

Sylvr · Sun 09/12/2007 16:22:24

Thanks for these suggestions! I'll try them right now. Uhh... probably a dumb question, but will doing this restore my sound and ability to connect to the internet?

Edit:

encountering a few problems running sypwarebot and adaware... spyware bot is asking me to register so that it can clean selected infections, but the site that it brings up is 'unavailable at the moment'. As for ad-aware, it won't let me re-install the latest version without uninstalling the previous version, but it won't let me uninstall the previous version I have in the first place "installer service could not be accessed. ....or if it's not correctly installed". What now?

Edit 2: I figured out the problem wiht the spywarebot, but as a poor university student I don't want to pay. Heck, I don't want to pay anyway. Is there another way to remove files?

LimpingFish · Sun 09/12/2007 20:13:10

Spywarebot?!? No, no, no! :o

SpyBot S+D!!!

SpyBot S+D is free to use, and shouldn't be asking you to buy it.

Please tell me you're using SpyBot S+D, and not malicious clone SpywareBot!

As for system restore, go to START > CONTROL PANEL > PERFORMANCE AND MAINTENENCE> and click on SYSTEM RESTORE in the upper corner of the screen.

You should then be presented with a window containing any system restore points you may have (if any). Choose one that's dated before you had all this trouble.

To access Safe Mode, repeatedly press F8 while the PC boots up. Once you have booted into Safe Mode, try to run a System Restore as I have detailed above.

All these errors you are getting are the result of broken or damaged registry entries, and might be fixable with a simply registry cleaning program.

CCLEANER has a function for cleaning the registry, but if you might have trouble trying to install it. Try it anyway.

Sylvr · Mon 10/12/2007 02:10:29

I must be fast here as I have hijacked roomies comp and she doesnt know it (as opposed to hijacking with permission...). I was careful to take note of the recommended programs, I'll doublecheck what it is I have. I already had S+D from last time (thought I'd update, if possible), I don't know how I couldve possibly ended up with something else.

Thanks for the new suggestions

Chicky · Tue 11/12/2007 10:30:46

Simply running spybot (or adaware) once will not fix your problem, there are files on your pc which make unwanted things happen and there are other files which run on start up which download more of the unwanted files.

You need to cut all network connections so that the files that run on start up cannot access an internet connect to download the other files. The best way of doing this is booting the computer in safe mode with network connections off.

When you boot in safe mode your computer runs only the essential system files, which allows you to delete the unwanted files that would have normally started when you started windows. This can be done with Adaware and Spybot S+D.

You will find that when these files are running you cannot delete them nor can you stop their process using task manager.

This is all speaking from experience, feel free to correct me in i'm wrong.

InCreator · Tue 11/12/2007 10:53:20

Never ever use any anti-virus software you haven't heard a word about or that came up with googling for "free anti spyware" etc. Evil antivirus software is the Trojan horse of all trojan horses.

There's sites that you can trust, and hundreds that you cannot.

Loads of free and commercial stuff that CAN be trusted are in better-known places, for example, look at this
http://www.majorgeeks.com/downloads31.html

You could get much better help if you opened msconfig>startup as I suggested and made few screenshots of your startup list.
Also, Spybot S&D has quite effective startup check tool, you can click on items and get descriptions what is what. I think you have to enable Advanced Mode in Spybot S&D to find the list.

An investment into heavily-awarded and known antivirus software (Kaspersky Antivirus, PrevX, McAfee, etc) would work much better than loading your machine with tens of free ones. All antivirus/malware programs rape CPU and RAM quite heavily, so it's better to choose one strong instead of many weak ones. I wouldn't go for Norton though, all tries to live along with it made me feel sorry afterwards and relieved after raging uninstall.

Windows reinstall is something I never do if it's a virus or spyware. Every virus infection IS treatable, damage is irreversible only when virus is evil enough to delete system files or mess with hard disk partition/tables.

Step one: give this bastard a name. You have to figure out, which infection(s) do you have.
Step two: Google for "<bastard name> removal" or something similar
Step three: Remove this/them manually or with particular remover you might find
Step four: Install few virus killers (even shareware/disabled ones) and scan with them all. You can remove most of them later. Almost all anti-malware software does a scan and gives results, even if they won't remove problems before buying the software. But having problem info, you can move on and find free things to remove those.

Also, make sure that you don't have half-crappy programs installed. Many seemingly nice little games or software pieces come with ad-support. Simplest thing to determine one of those is that it generates extra shortcuts on your desktop and start menu list. For example, you download a free puzzle game, and it also generates some shortcuts on desktop which link to some homepage and bear description like "try FREE games!", "Free music download" and other idiocy like this. Even though game is real and nice.

System Restore is a digital piece of science fiction and I find it useless, causing more problems than it would reverse. Unless it's a work computer and never gets anything new installed. I mean, Excel and Solitare machine.
---

Internet is a minefield. If you didn't know it before, please do now.
Ah, and seeing that you're female... for the love of God, keep away from unknown IM addons, like 1000 free emoticons, moving pictures and stupidity like this. My sister loaded her machine with about 100 different toolbars and instant-messaging bits (mostly stupid smileys and sound packs for MSN) and this generated over 1700 names of different malware, it took 3 nights to clean her computer up afterwards. Many trojans are not harmful by themselves, but open ports and doors to all others, installing rapidly all kind of malware via internet while you're not aware of this. After this, every popup window that jumps up might execute another dangerous script, and soon you'll be sunk in this mess.

It's good idea to use Firefox for internet browsing and fortify it with NoScript addon. It's a bit hassle to "allow" every website you casually use for it later, but it pays back really well with increased security.

Also, how did your sound go away? I totally believe the internet connection bit: Heavy infections start to burden your ports and ISP and many ISP's simply disconnect you for this automatically. Atleast, mine does. Or, virus blocks incoming signals from ISP, writes crap over hosts file and tries to take over the connection, this is another known case. But sound card, I never encountered a virus that might do that. Sounds like you messed up by yourself at some point.

Sylvr · Mon 17/12/2007 01:13:51

the sound went when I was getting rid of some tasks. I know I helped screw it up.

I don't think it much matters now, the computer's home (and I'm here home with it), and I didn't bring a monitor home (as per my dad's instructions) so I can't really work on it... I think he's just going to go for the re-install, unfortunately. Unless somehow he lets me set it up and try with the instructions from InC.

I've been 'well-trained' to stay away from downloading toolbars and smileys and the like, so that's not the cause of all this. I'm quite certain I know what I did....

Wow.. thanks for all the advice here, you guys. This has been great.

ciborium · Mon 17/12/2007 06:41:54

I use avast! on all my computers and have not had any problems since I began using it.

The trick to getting the most out of it is running a boot-time scan.

There are some options under the 'advanced' button that will prevent you having to baby-sit the program until it finds its first problem. Just make sure that you chose 'move all to chest' when it does find the first one. Then you can go back to sleep until it finishes the scan.

You have to register, but it's free for personal use. Get avast!

SSH · Mon 17/12/2007 11:58:45

This thread has inspired me to song:

Pop-ups and Toolbars and Spyware and Spambots
Viruses, and Videos of Paris fill my mailbox
Offers of money from Nigerian ex-kings
These are a few of my least favourite things...

Stupot · Thu 20/12/2007 13:05:14

Do what I do.
Assume everything that appears on your screen is malicious unless you asked it to be there.

Sometimes a message with come up saying "do you want to download this!" or something... then it will give you the standard OK CANCEL buttons... but often these buttons are put the wrong way round so that clicking cancel with download the harmful software...

If I get something I don't trust i stop everything and restart the computer.

Sylvr · Thu 27/12/2007 01:16:44

@SSH: Loved the song heh.

@All: I ended up re-installing XP.... but thanks for everything.