• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

HELP! spyware problem

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

hanzalo

Member
Joined
Sep 28, 2005
some crap came up today about spyware and i kept getting pop ups and next thing i know my background is adware warning me about spyware. i scanned with norton and deleted 20 of the 23 files-but it doesnt let me delte the last three- and now i cant change my desktop at all!does anyone know how to fix this?
 

redwraith94

Member
Joined
Feb 17, 2005
goto www.majorgeeks.com, and then download:

Cwshredder
Ad aware SE (second edition)
Spybot S&D (Search, and Destroy) ver 1.4
hijackthis!

then goto
www.grisoft.com download avg, an awesome FREE AV scanner
www.zonelabs.com download zonealarm, learn to use it. This is helpful, because malware cannot connect to the internet, without first getting permission from zonealarm, they call it "program control"
www.ewido.net download ewido, anti-trojan, spyware.

I used to use Symantec AV corporate ver 8. I have decided to go with avg, because it is a better prog. It actually caught a virus that symantec missed.

Install those last three progs, plus spybot, and ad aware. Update all of them. Then disconnect your internet connection. run them ALL (update them individually first), run cwshredder, and hijackthis!. Save a log file, and post it here. also I like a prog called killbox, I have used it for some spyware infections succesfully.

Also if your copy of windows isn't bootleg, then download Microsoft Anti-spyware beta. It is one of the few progs, the misinformation has made well. Get rid of Crapmantec, and go with the avg. Then reconnect your internet connection, and let us know how it went.

If you still can't change your desktop, then put your original windows cd in, and goto the run dialog box (hold down the window key, and hit R) then type in sfc.exe, and hit enter. That should replace your explorer.exe file if portions of it were overwritten by malware.
 
OP
H

hanzalo

Member
Joined
Sep 28, 2005
i stil have yet to download all the programs but ad aware and spy bot both find "Command Service" or "cmdservice" it says its in use so i cant delete it. does anyone know where this is on my computer? i searched but cant find it.i want to manually delete it.
 

deadlysyn

Folding Team Content Editor, Who Dolk'd my stars S
Joined
Mar 31, 2005
Location
Stealing your megahurtz at night
Try booting into Safe mode by tapping the F5 key during start up. A screen will come up asking if you want to boot into Windows in Safe mode with or without network, or boot the regular way. I would recommend booting without network, and running Ad-aware and Spybot. Safe mode disables all of the drivers, except for those that are absolutely necessary for Windows to run, and also keeps almost all of the processes from loading, again, except for the ones that Windows absolutely must have to run. Hope this helps.
 
OP
H

hanzalo

Member
Joined
Sep 28, 2005
going into safe mode helped, for i now have my background back, instaed of the adware that i couldnt change. but when i click on firefox it brings me to some website instead of my homepage, and it will randomly take me to a website at different times. thanks for the help
 

brickout

Member
Joined
Jan 7, 2005
Location
Bozeman
Try the combination of things offered here. Download the latest definitions for adaware, spybot s&d, spywareblaster, etc. Download and install AVGfree, ZoneAlarm free version, and something for trojans.

Then reboot into safe mode and repeatedly run each scan program that you have. You should also run the programs in different order. You can also do manual searches in your registry if you can figure out what spyware you've got a problem with.

Use HijackThis to figure out what is hijacking your browser, but be careful. It finds lots of stuff that ISN'T dangerous at all, so be sure what you need to get rid of. You can post HijackThis logs on this or other forums for specific help.
 

redduc900

Inactive Moderator
Joined
Dec 17, 2000
Location
Portland, OR
You downloaded and ran Spybot S&D and AdAware, but what about the rest of the programs that redwraith94 suggested? Also, we don't know the first thing about your system, including which OS you're running, if you have any SP's installed, system hardware, etc. Not only did redwraith94 offer suggestions as to which software to install and run, but he also included links to all the programs for you... I don't understand why you haven't taken his suggestions. He also suggested you run the System File Checker... did you run it, and if so what were the results?
 

deadlysyn

Folding Team Content Editor, Who Dolk'd my stars S
Joined
Mar 31, 2005
Location
Stealing your megahurtz at night
redduc900 said:
You downloaded and ran Spybot S&D and AdAware, but what about the rest of the programs that redwraith94 suggested? Also, we don't know the first thing about your system, including which OS you're running, if you have any SP's installed, system hardware, etc. Not only did redwraith94 offer suggestions as to which software to install and run, but he also included links to all the programs for you... I don't understand why you haven't taken his suggestions. He also suggested you run the System File Checker... did you run it, and if so what were the results?
Just remember safe mode is your friend here. I am sorry if I wasn't clear enough in my previous post, but you really should try all of the programs that were recommended. Run all these programs over and over until they are coming up clean. Just remember to use safe mode, as it stops MOST spyware and adware from loading when the computer starts up. There never is a guarantee that it will stop everything that loads at startup, because of all the workarounds that people are coming up with, but if you can stop most of it, then you should be able to get rid of it. Also when you are done cleaning up, remember file names or write them down. I had a peice that once copied itself into the driver backup folder and kept restoring itself every time I thought it was gone. When you are done with all your scans, search for those files. Make sure that under folder options you set it to search hidden files and folders also. Sounds like you got one mean Hijack. Just remember most freeware, warez, and porn sites are notorious for adware, spyware, and viruses. Those sites are good for only one thing, and that is staying away from them. Also we would have a much easier time helping you if we knew what OS you have, what spy/adware or viruses you are having problems with, and what steps you have taken, what programs you have used and anything else that you think might help us that you have left out. Also try searching for the things you are having problems with. There may just be someone out there that has had this same problem that you are having that has been helped and solved the problem.