Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Do I Still Have Spyware?


  • Please log in to reply
16 replies to this topic

#1 thechaoscube

thechaoscube

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 03 May 2008 - 04:47 AM

hello, i need someone's professional opinion on the status of my computer. i'm running windows vista home premium (32-bit), with an amd turion 64 X2 mobile processor. i just upgraded my ram to 1470 mb, and my computer runs fine. however, i still have little problems here and there, such as internet explorer 7 closing whenever it wants to, or when i play games, the window closes out completely, with no chance to save. i've removed a lot of spyware, adware, and viruses with avast, stopzilla, and spybot s&d, and even sometimes had to go into the registry to remove some. right now i'm running spybot s&d, norton 360, and stopzilla, i have since removed avast (i'm paying for norton, so why not?). what i want to know is, do i still have spyware traces on my computer, and if i do, how do i remove them?

BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:42 AM

Posted 03 May 2008 - 09:13 AM

Hi and welcome to BC. First having 2 AV's active at the same time will cause a lot of problems. So keep it to one.
Next download and save to desktop these 2 scanners. MalwareBytes and SUPERAntispware. These will require that they be Run as an Administrator.

Please temporarily turn off the Other tools you've mentioned during these scans and restart them after.
Scan 1,from Normal Mode

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Acan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Scan 2, from Safe Mode

Download SUPERAntiSpyware, Free Home Version. Save to desktop ..
DO NOT run yet.
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining
.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to Start Windows in Safe Mode

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan,Verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Please ask any needed questions,post logs and Let us know how the PC is running now.
Turn your tools back on.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 thechaoscube

thechaoscube
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 03 May 2008 - 04:10 PM

someone told me that superantispyware is a phony antispyware program, and that it has a lot of adware packaged with it, so i am reluctant to use it. also, i know that having two AV's can do more harm than good, so that's why i uninstalled avast. could you recommend another anti-spyware program that is reliable?

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:42 AM

Posted 03 May 2008 - 04:41 PM

Some one told you wrong it is actually one of the best products on the market in both free and paid versions.
Take a look thru this forum and see how well it works.

Here's one example
http://www.bleepingcomputer.com/forums/ind...mp;#entry461748
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 thechaoscube

thechaoscube
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 04 May 2008 - 03:34 AM

ok, so i followed ur advice, and here are the logs:



Malwarebytes' Anti-Malware 1.11
Database version: 714

Scan type: Quick Scan
Objects scanned: 32012
Time elapsed: 6 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/04/2008 at 03:31 AM

Application Version : 4.0.1154

Core Rules Database Version : 3432
Trace Rules Database Version: 1424

Scan type : Complete Scan
Total Scan Time : 01:24:35

Memory items scanned : 219
Memory threats detected : 0
Registry items scanned : 7106
Registry threats detected : 0
File items scanned : 157491
File threats detected : 9

Adware.Tracking Cookie
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\j1m8o@ads.revsci[1].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@247realmedia[1].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@ad.yieldmanager[1].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@ads.pointroll[1].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@ads.revsci[1].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@media6degrees[1].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@oasc09.247realmedia[2].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@paypal.112.2o7[1].txt
C:\Users\J1M8O\AppData\Roaming\Microsoft\Windows\Cookies\Low\j1m8o@trafficmp[1].txt

i ran MWAW in normal mode, and superantispyware in safe mode...

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:42 AM

Posted 04 May 2008 - 04:07 PM

You look very clesn now. How is the PC acting?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 thechaoscube

thechaoscube
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 06 May 2008 - 05:34 AM

it's acting as if i never installed more memory... two days ago it was fine, but recently it started slowing down again, like it was before i installed memory. any more suggestions?

#8 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:42 AM

Posted 06 May 2008 - 08:25 AM

Sorting out malware, software and hardware issues can be almost impossible

Please Run the PCPitstop Full Tests, here:
http://www.pcpitstop.com/pcpitstop/default.asp
Register and create a password
Accept the ActiveX component to allow your machine to run the Full Tests
Registering and accepting the ActiveX are both SAFE and FREE.
Full Tests is the first item in the left hand column of that page.

The Full Tests take less than 5 minutes for most machines.
Once you have your Results, please post the TechExpress Link back here into this thread for review.
TechExpress is the last item on the list in the yellow box in upper right area of any Results page.
Post the entire URL link information back here into this Forum thread.

Caution: During the testing of Video Adapter, a variety of patterns, shapes, colors and text are “flashed” onto the users monitor screen. In the many thousands of daily uses of the PCPitstop Full Tests over several years, two individuals who suffer epilepsy experienced discomfort and temporary dizziness when viewing the flashing patterns.
If you know that you are susceptible to photo driven seizure, look away from your screen during the Video Adapter testing sequence.


I borrowed this from a certain MS-MVP that's been around for a long long time
Chewy

No. Try not. Do... or do not. There is no try.

#9 thechaoscube

thechaoscube
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 09 May 2008 - 08:32 AM

here is the techexpress results:


http://www.pcpitstop.com/techexpress.asp?id=9KD4TWM9CUGSNQX9

my computer is getting slower by the day; i can almost send a text message before IE7 loads. sometimes IE7 will just close down, for no apparent reason. sometimes windows explorer will do the same thing, for no apparent reason. and i just noticed that my user account control had been turned off, and i didn't even do it. i think i have a bigger problem than when i started......

...jimbo

#10 thechaoscube

thechaoscube
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 09 May 2008 - 08:36 AM

also, i should mention that i cannot fully immunize spybot s&d against certain threats. there are 129 instances unprotected, and i'm running it as an admin.

#11 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:42 AM

Posted 09 May 2008 - 09:56 AM

Well there's several things you could do to speed that laptop up with vista but nothing dramatic

Your memory seems to be OK, not evough shared for the video maybe?

your malware protection looks like there are several possible conflicts, many of them are trying to perform duplicate services

I see teatimer running, was it active in your past efforts to cleanup malware?

You fully uninstalled avast?
Chewy

No. Try not. Do... or do not. There is no try.

#12 thechaoscube

thechaoscube
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 16 May 2008 - 08:15 AM

tea timer has always been active, since the time i installed spybot s&d. i'm pretty sure i fully uninstalled avast, went to control panel, add/remove programs, and uninstalled everything including quarantined files, and backups. unless i'm missing something...

sorry it took so long to get back to you, i've been busy this past week :thumbsup: i thank you for your time, patience, and assistance...

i did have a program called no trace, b/c i thought it was spyware removal tool. ironically, when i uninstalled no trace, i still see traces of it! i've seen traces in msconfig, and in folders that i cannot delete. i would have to look for them again to know exactly where they are. can you help me completely remove this program?

#13 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:42 AM

Posted 16 May 2008 - 08:53 AM

It doesn't look like your problem is malware, but too many security programs. TeaTimer and Norton's are both trying to protect system settings, if you are lucky to get a good install of a program then you might still have a problem uninstalling it later. And you had a beta trendmicro program on top of that.

Norton's seemed to unload easily and so I could clean up a friends computer a few days ago. Of course it let a rootkit and backdoor trojan run on his computer for over a year.

I would reccomend you disable teatimer permanently, uninstall everything but norton's, that's including spybot

And run Vista as a repair

http://www.bleepingcomputer.com/forums/t/78386/bleeping-computer-vista-tutorials/
Chewy

No. Try not. Do... or do not. There is no try.

#14 thechaoscube

thechaoscube
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 AM

Posted 18 May 2008 - 11:32 AM

i'm not really sure what you mean by running vista as a repair, could you be more specific?

#15 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:42 AM

Posted 18 May 2008 - 01:44 PM

Vista Repair and Recovery Tutorials


in my link down under this title are several options
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users