SPYWARE REMOVAL

author=Ephiam link=topic=3389.msg67687#msg67687 date=1237862116
What is "Safe Mode" anyway? For as long as I can remember I've been meaning to ask that question, but just never got around to it. Anyone mind answering it for me? Ha ha.

If you push F8(?) before you get the Windows booting screen you can start Windows in a variety of special modes, one of which is Safe Mode. I don't know the specifics but it only loads what Windows needs to run. Graphics drivers? Networking? Nah. To start it mash F8 (or my favorite method: Reset the computer while Windows is loading) and Windows will give you a list of how you want to boot Windows. (Please correct me Atavus Dei)

Doesn't matter in the case of real nasty viruses because they don't give a shit if you're in safe mode or not.
author=GreatRedSpirit link=topic=3389.msg67696#msg67696 date=1237865023
If you push F8(?) before you get the Windows booting screen you can start Windows in a variety of special modes, one of which is Safe Mode. I don't know the specifics but it only loads what Windows needs to run. Graphics drivers? Networking? Nah. To start it mash F8 (or my favorite method: Reset the computer while Windows is loading) and Windows will give you a list of how you want to boot Windows. (Please correct me Atavus Dei)

Doesn't matter in the case of real nasty viruses because they don't give a shit if you're in safe mode or not.

Well there are three safe modes, one which does not include networking, one which includes networking, and one which is just a command prompt. The graphics driver is actually that default driver Windows uses when your video card's own driver isn't installed. Completely sucks for anything beyond word processing, and even then... :P

F8 is the right key though. Start spamming it when your BIOS screen disappears, and before the Windows loading bar shows up. Any of the safe modes should work, but to be safe choose the one without networking, as some viruses constantly redownload themselves from distribution points.
Okay. So I went and executed ComboFix and it went and did all of the things I suppose it should have been doing, and then it created its log. So... does that mean it's done? Did it really get rid of anything, or is this log supposed to be used for something (thought it was mentioned somewhere)?
dragonheartman
If you're feeling a bit ballsy you can try booting into safe mode. Then just kill processes and remove any suspicious startup processes with msconfig (start->run->"msconfig").
Try SmitFraudFix or SDFix. They work fine. SmitFraudFix helped me, but it's detected as a virus.
author=Ephiam link=topic=3389.msg67798#msg67798 date=1237930866
Okay. So I went and executed ComboFix and it went and did all of the things I suppose it should have been doing, and then it created its log. So... does that mean it's done? Did it really get rid of anything, or is this log supposed to be used for something (thought it was mentioned somewhere)?

If Vundo no longer pops up, then you're in the clear. The log is just for reference, history, etc. so you know what was changed.

Do one more scan with another tool to verify, and if you want to be safe run ComboFix one more time. I think you're OK though if you haven't noticed anything. :)
author=Ephiam link=topic=3389.msg67798#msg67798 date=1237930866
Okay. So I went and executed ComboFix and it went and did all of the things I suppose it should have been doing, and then it created its log. So... does that mean it's done? Did it really get rid of anything, or is this log supposed to be used for something (thought it was mentioned somewhere)?

Yeah, that means it was done. In the log, or even when you watch the program doing the scanning, it should say stuff like "completing stage #" and after that process, it might say deleting X file, Y file, etc... there you can see that it deleted some malicious stuff... which of course, appears in the log.

Now, I recommend you do this. Download Malwarebytes Anti-Malware, it's free. Run a full scan with that just in case. And download/install the FREE AVG Antivirus from now on... as well, use Firefox 2.0 or 3.0 and install NoScript... with this, there is little you have to worry about.
God I really do not recommend AVG for an antivirus. That thing has caused many, many problems, and I'd rate it as the worst of the free antivirus programs.

If you must get a free antivirus, Avast! is your best choice. (though even it has its occasional issues...) Otherwise, I recommend either Kaspersky or NOD32 if you're willing to pay money.
author=antifarea link=topic=3389.msg67669#msg67669 date=1237856020
I seriously don't understand how you guys manage to get rid of spyware with Spybot S&D, that program sucks. Use Malwarebytes Anti-Malware, and for viruses AVG Antivirus... both of them are FREE. Give it a try, also www.google.com, type Combofix download, and download and execute that program first... it is like HijackThis but automatic. After this, your computer is 95% guaranteed to be clean. Trust me, I use this all the time, even when my computer gets ridiculously infected.

Well Spybot has saved a laptop from reformatting. All it took was a full scan in safe mode and the internet was back up and running.

As for spyware, I haven't had a problem on my own systems as I learnt from past mistakes. One is using Internet Explorer and another is adding random people on MSN.

My recommendation:

- Avast 4 Home Edition coupled with COMODO firewall (just firewall and not that Defense+ nonsense).

- Adaware Anniversary Edition

If you decide to install Avast, let it run a boot scan and fix some problems there. It tends to pick up generic trojans which are usually harmless but it also removes pop-ups, which is nice.

I'd be careful with HijackThis. Post the log on a tech board or here (at your own risk) and let someone see if there's anything suspicious and you can clean up the hard drive that way.