Spyware advise

  • Thread starter Thread starter John
  • Start date Start date
J

John

Hi

I have run the following;

ComboFix
SpyBot
SDFix
SmitfraudFix
smitRem

But the spy ware keep coming back. What else can I run?

Thanks

Regards
 
John said:
I have run the following;

ComboFix
SpyBot
SDFix
SmitfraudFix
smitRem

But the spy ware keep coming back. What else can I run?

"the spy ware" eh?

LavaSoft Ad-Aware
Spybot Search and Destroy
SuperAntiSpyware
HijackThis!

Sometimes you need to do them in safe mode.

Follow that up with Computing Common Sense to keep from being re-infested.

Also - when asking for help please give as much information as possible.
 
From: "John" <[email protected]>

| Hi
|
| I have run the following;
|
| ComboFix
| SpyBot
| SDFix
| SmitfraudFix
| smitRem
|
| But the spy ware keep coming back. What else can I run?
|
| Thanks
|
| Regards
|

Time to get expert advise!



1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap:
In Notepad.exe; Format --> uncheck; "Word wrap"

3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
expert forums...


{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.malwarebytes.org/forums/index.php?showforum=7
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
 
What "spy ware"?

What anti-virus application or security suite is installed? What
anti-spyware applications (other than Defender)? What third-party firewall
(if any)?

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
 
From: "John" <[email protected]>

| Here is one (attached).
|
| Firewall: ISA server 2006 as it is connecte dto win 2003 sbs server.
| Antivirus: trend Micro CSMS
|

PC-Antisyware is a rogue application!

As I stated before... go to an expert forum.
 
Use Remove-it version 18, it's fast and free. It now has over 12500
signatures to remove All variants of Rogue scanners, Desktop/Homepage
Hijackers, Trojans, Codec's, and related Malware/Spyware. Download it here
http://pcbutts1.com/downloads/tools/tools.htm

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com, David
H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz, Beauregard T.
Shagnasty,Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell
 
Fully patch the computer.Update all your Virus/spyware programs.Go for
realtime/On Access spyware protection.Try third party firewall like Zone
alarm.You may also try Peerguardian http://phoenixlabs.org/pg2/ .
Delete the application data of uninstalled / deleted programs.
Try this free windows unwanted files cleaner Cleanup!
http://www.stevengould.org/index.php?Itemid=69&id=15&option=com_content&task=view
Protect your internet explorer and Mozilla firefox settings by tweaking your
Antivirus program.
Delete all system restore points.
 
You've got a Zlob infection, most likely accompanied by at least one
rootkit, Vundo and SDBot-variant infections. Follow the instructions
previously posted by David or myself.
 
Back
Top