spyware or something...



GrrDonDon
11-19-2005, 11:11 AM
OK - I have a real problem!
I don't know when and how, but I got some bad things on my PC - spyware or malware - I don't know.
When I play games or do some things (like sitting in Photoshop), some popups with advertisements and all kinds of crap suddenly appear. OUT of nowhere! And every time I start a new page in Opera (same goes for IE5), another advertisement jumps out at the same time! I have launched Adaware several times (it finds some critical objects - I remove them, but everything is pretty much the same) and an antivirus full scan, but nothing helps! Can someone give some advice on this issue? Any help would be appreciated! I am really ****ed off with that crap!!!! :smash:

RotorHead
11-19-2005, 11:46 AM
GrrDonDon, go to Start > Run and enter msconfig

The msconfig app will start up; go to the Startup tab and see what is being loaded when you boot up.

You should see something like below; look through it and see if there is anything that you don't recognize.

RotorHead
11-19-2005, 11:52 AM
You can review what programs are in there at this link.

http://www.sysinfo.org/startuplist.php

It will help you identify all the programs and if they are spyware/virus. It will also help you with removal instructions.

Capitalization is important for identification!!

BB_One
11-19-2005, 12:00 PM
GrrDonDon, go to Start > Run and enter msconfig

The msconfig app will start up; go to the Startup tab and see what is being loaded when you boot up.

You should see something like below; look through it and see if there is anything that you don't recognize.

Off topic a little, but Rotorhead, go to regedit, find the Run folder under Software for Local Machine, Windows......zoom in on cthelper.exe and delete that entry.

It is useless Creative Labs and it's an Audigy resource hog.

RotorHead
11-19-2005, 12:06 PM
Thanks BB......hehe, I just knew someone would check out my startup apps :lol:

You guys are so predictable.......It's always about the performance isn't it :rock: :thumb:

GrrDonDon
11-19-2005, 12:29 PM
Thanks for the advice :)

Damn!!!!!! I found some matches in this database http://www.sysinfo.org/startuplist.php, but I cannot (I don't know how) shut down those processes! For example alg.exe...

Can someone suggest an ULTIMATE spyware finder?? Or something like that! (would be nice if it were freeware) :)

RotorHead
11-19-2005, 12:52 PM
AdwareSE
Spybot SD
MS anti spyware

I've had good luck using any combination of those three together. Sometimes one will miss something, but the other ones will wipe it.

GrrDonDon
11-19-2005, 01:07 PM
Okay - thanks RotorHead - I will try those ones!

Snafu
11-19-2005, 01:15 PM
I think that link is to the general list of possible files. Either that or you are majorly infected with gazillions.

RH mentions that capitalisation is important. There is lsass.exe (with a small 'ell') and Isass.exe (with a capital 'eye'). One is normal and the other is a virus :irk:

I found recently when I got infected with PSGuard what you do depends on what's infecting your system. I had AVG, Norton, MS beta Adaware, and SB. Not one found this PITA (actually MS beta did find remnants after a definition update 2 weeks later).

To rid myself of PSGuard I had to run smitrem, Ewido, Adaware and CleanUp, based on recommendations from a Google search.

You can try Ewido and see if that picks up anything (when you install it under "Additional Options"..uncheck "Install Background Guard" and "Install scan via context menu".) Connect to the net and update the definitions. While you are online check for updates to the antivirus and antispyware packages.

Other helpful (?) tips. Turn off the System Restore in case WinXP is being ever so helpful and keeping a backup copy of the virus.

Also boot into Safe Mode before scanning.

Run all antivirus and antispyware apps and see what's there. Quarantine them and reboot to normal mode (just in case they removed something that makes WinXP run properly - if so then delete them after a week of running normally and a few good reboots).

If you find something that doesn't want to be removed then google the buggers that are infecting you for their removal.

Just some suggestions. Oh and don't go visiting those kinds of sites unless you got protection :lol:
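
Added example (not part of the original thread): Snafu's lsass.exe / Isass.exe point written as a check over startup-entry paths. It goes one step beyond the post by also flagging a correctly spelled system name that runs from outside System32; the reference list of system names, the C:\WINDOWS install path and the sample entries are assumptions constructed for illustration.

```python
import ntpath

# Assumed reference set: a few Windows system binaries that belong in System32.
KNOWN = {"lsass.exe", "svchost.exe", "csrss.exe", "services.exe", "winlogon.exe"}
SYSTEM_DIR = r"c:\windows\system32"  # assumption: default install location

# Windows file names are case-insensitive, so lowercase first, then fold
# look-alike characters into one class: i / 1 -> l and 0 -> o.
CONFUSABLE = str.maketrans({"i": "l", "1": "l", "0": "o"})


def skeleton(name):
    """Reduce a file name to its visual 'skeleton' for look-alike matching."""
    return name.lower().translate(CONFUSABLE)


KNOWN_SKELETONS = {skeleton(n): n for n in KNOWN}


def classify(path):
    """Return (verdict, detail) for one startup-entry path."""
    directory, name = ntpath.split(path)
    target = KNOWN_SKELETONS.get(skeleton(name))
    if target is None:
        return ("unknown", "not a system name; look it up in a startup list")
    if name.lower() != target:
        return ("lookalike", f"{name!r} imitates {target!r}")
    if ntpath.normcase(directory) != SYSTEM_DIR:
        return ("wrong-path", f"{target!r} found outside System32")
    return ("ok", "real name in the expected folder")


# Constructed sample startup entries (not taken from anyone's real machine).
SAMPLE_ENTRIES = [
    r"C:\WINDOWS\system32\lsass.exe",
    r"C:\WINDOWS\system32\Isass.exe",   # capital 'eye' instead of small 'ell'
    r"C:\WINDOWS\lsass.exe",            # right name, wrong folder
    r"C:\Program Files\Creative\CTHELPER.EXE",
]

if __name__ == "__main__":
    for entry in SAMPLE_ENTRIES:
        verdict, detail = classify(entry)
        print(f"{verdict:<10} {entry}  ({detail})")
```

An "unknown" verdict only means the name is not in the small reference set; it still needs a manual lookup.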

GrrDonDon
11-19-2005, 01:23 PM
Thanks Snafu - I will try using your suggestion too! Thanks!

BB_One
11-19-2005, 01:52 PM
Oh and don't go visiting those kinds of sites unless you got protection :lol:


LOL...look who's talking spyware collector himself !:deviltail

(Java/Active X people ..disable them in your browsers and start creating / using Trusted Site setup in your Security Zone, a little pain to set up at first since you have to manually enter sites that you consider Safe...but well worth the time investment)

This puppy does not allow Java or Active X to run from any page...except for sites in his Trusted Zone !

GrrDonDon
11-19-2005, 02:06 PM
darn that damn spyware!!!!!!!!!!!!!!
God damn!!!!!!!!!
Arghhhh.......
Sorry for spamming..... I am really ****ed off!!!!!
Sorryy...

I just installed Mozilla Firefox - launched it and after a few seconds that (I don't know what to call it) "thing" jumps out!!! DAMN!!!!! No peace.....
Heh.. but thanks to SpyBOT SD I can use Opera safely - but now I cannot access a few sites that I used every day :)

Just Learnin'
11-19-2005, 02:14 PM
Hi Maris, don't know if you are using it yet; if not, get Spywareblaster, it is free and stops spyware from installing itself as well. :thumb:

GrrDonDon
11-19-2005, 02:20 PM
Soon my PC will be full of those removers, but I will try - thanks a lot everyone! (This goes for Pete as well!) :)
I will fight those "darn dogs"!!! ;)

BGP Spook
11-19-2005, 03:19 PM
Yeah, I have about a dozen spyware/virus/malware fighters and blockers on my computer.

Part of my OC testing is running all of them at the same time. I update them almost daily and run them almost daily.

I got hijacked once, when I first got on the net. Never again I say.


BGP Spook,

Snafu
11-19-2005, 05:07 PM
GDD - do you have IE pop-up blocker running? See the pic and click where the red X is. If it is not turned on then it should give you the option to turn it on. If it is on then you might have to adjust the settings. Just a thought.


LOL...look who's talking spyware collector himself !:deviltail
:rotflmao: hey aren't those sites what the net was created for :scratch: :lol:

Snafu
11-19-2005, 05:30 PM
One thing I forgot to mention is after you run all these spyware/virus scanners and clean stuff out you can try to run "Hijackthis". Take a look at their site on how best to run it and what to look for. If you are still stumped you could always post the hijackthis log and we could take a look at it.

:thumbs:

BTW take a screenshot of what keeps popping up and post it (providing it is not too offensive :lol: ). Someone might recognise the culprit.

GrrDonDon
11-20-2005, 02:37 AM
Okay - I will catch that "darn dog"! :)

GrrDonDon
11-20-2005, 02:56 AM
this one gets me off most of time :|

Just Learnin'
11-20-2005, 07:14 AM
Starware toolbar is a nasty one, there are some instructions here for removing it:

Starware (http://forums.maddoktor2.com/index.php?showtopic=6153)

GrrDonDon
11-20-2005, 08:36 AM
WOW!!!! This is something to do!...... Damn! :(
THANKS Pete!

Just Learnin'
11-20-2005, 08:47 AM
No guarantee Maris. But good luck just the same!! :yup:

Snafu
11-20-2005, 09:11 AM
It may sound like a PITA but these nasty bugs need some serious steps to get rid of them. Before going through the cleaning process I copied the directions into a text file so I could read them while running the scan (so I wouldn't forget a step)

While you are scanning in safe mode it is best to run your other antivirus & antispyware apps as well (see the ones suggested here).

I like the suggestion to "Uncheck Hide protected operating system files". Sounds like a good idea. Also consider turning off system restore before you boot to safe mode (control panel > system > system restore tab). You don't want Windows to restore the bugs from a back-up it creates (some bugs are stored there and get reinstalled).

I would run clean-up as well. It clears out anything in your temp files that may be hiding some bugs.

One other program that I use (maybe to consider later) is called MRU Blaster. It removes all saved passwords, logins and cached info about you. Running it regularly means even if spyware gets installed it can't steal as much info from your system.

Give it all a go and let's hear how it works out.

BB_One
11-20-2005, 09:28 PM
This may also help.


The Emergency Spyware Guide

Operating System : Microsoft Windows XP Home / Professional

Note : This guide should only be undertaken by those with basic knowledge of computers. Newbies may have problems with this guide.

Is your computer slowing down? Are you getting unsolicited ads? Or are you being redirected to unknown sites? If so, please continue to read on because I'm going to show you how to remove them and how to prevent it from happening again.

First off, let's get a basic definition of spyware/adware/malware. They can simply be defined as any software that covertly gathers information about a user while he/she navigates the Internet and transmits the information to an individual or company that uses it for marketing or other purposes.

There are many different variations of this software. Some are hijackers, which basically means they take over your computer. Some are the stealthy kind, which secretly operate and slow down your computer as they gather information and the like. However, the most common is adware. This is the kind of spyware that's most annoying. It just displays unsolicited ads even when your Internet browser isn't even open. Very, very annoying.

If you have any of those symptoms - redirections to unknown websites, slowing down of your computer, unsolicited ads, etc.; then your computer is likely to have been infected by spyware.

Now that you have a basic understanding of what they are, let's get on to the steps on removing them!


http://www.rojakpot.com/default.aspx?location=3&var1=270&var2=0

GrrDonDon
12-08-2005, 11:19 AM
Thanks BB One - I will try your suggestion too (I looked through it and I think this is a good try).

By this time I had got rid of most of the spyware, but couldn't get rid of Starware... until yesterday.... somehow I caught some new crap...damn.....

Just Learnin'
12-08-2005, 12:06 PM
Thanks BB One - I will try your suggestion too (I looked through it and I think this is a good try).

By this time I had got rid of most of the spyware, but couldn't get rid of Starware... until yesterday.... somehow I caught some new crap...damn.....


Maris,

Stay away from "free" screensavers, the ones at Screensavers.com install this type of thing. Read the fine print!!! Other so-called free apps also do this!!! :beat: :beat: :bonk: Careful!!

-Pete :beer:

Snafu
12-08-2005, 02:33 PM
Hope you catch the buggers. What do you have now?

BTW have you thought about downloading hijackthis and see what might be lurking on your system?

GrrDonDon
12-10-2005, 09:09 AM
I have used hijackthis and sent an email containing the logfile to the man who wrote the manual on how to clean those craps off a PC.
At this moment I am doing.. ee scan - using one of the suggested online scanners (used one previously - found 3 culprits and eliminated them - this one has found a few more and eliminated them too.. still in progress)
Hope to get rid of those damn craps forever!

GrrDonDon
12-10-2005, 11:25 AM
bee...did all the things said in this link http://www.rojakpot.com/default.aspx?location=3&var1=270&var2=0 ; erased a thing called lsass.exe (I had 2 of them - and I deleted the 35 kb one).... still no activity..... that's good...

GrrDonDon
12-10-2005, 11:26 AM
AAARGHHHHHHHH!!!!!!!!! ****..........
http://ad.jamster.com/landingpages/html/dyn/rwp_red/?tduid=a8ee6c651c80bc3f5ca69a32a0646ad7 - this one jumped out!!!!! But it didn't load, just a black page. Darn!!!!

GrrDonDon
12-10-2005, 12:26 PM
Damn - used hijacking and lost DNS address....... thank god my friend had my DNS...phew! It seems that my only chance is to do a format again.. I hate that...... :(

isabella7w7
03-07-2008, 01:19 AM
Hello,

I think you can remove the antispyware and use a good one. I used an anti-spyware, 'Adware Alert', which I bought from adwarealert.com, and this is really very bad; it affected and attacked my whole system and corrupted Windows applications and some files :(, finally I removed this from my system by formatting :(