Spyware on my computer, Help!!!
Created 13 years ago, 2010-12-21 16:06:08 UTC, by zeeba-G


Posted 13 years ago, 2010-12-21 16:09:15 UTC, Post #288065
That's right, there's a really nasty spyware on my computer. When I turn my computer on the spyware changes my background image to a message telling me there's a spyware on my computer and "this background is obviously not from my computer" because it says stupid stuff like your friends, family and coworkers aren't safe or some bs. And the only function I am able to do is click on a thing that takes me to a link to purchase their bs antivirus product like they really expect me to hand them my credit information.

Anyways I can't do a system restore or go to the internet to download a free program like avast to get rid of it. When I click internet it goes to the internet but then freezes and x's out of it immediately. And same goes for just about any other function except control panel. And there's an icon on the bottom right "a shield with an x on it" but when I check in control panel it shows that virus protection is actually on.

Btw all I had was AVG which worked for a few years...

Is there anything I could try? I want to map all of a sudden!!! A level inspired by desert colossus from oot mixed in with some modern lost technology. :crowbar:
Posted 13 years ago, 2010-12-21 16:14:34 UTC, Post #288066
When I switched to Avast, it picked up stuff that AVG missed. Try that?
Also, what are those two apps? SpyBotSD and Ad-Aware or something? Someone here will tell you in 5 minutes. :3
Rimrook (Since 2003)
Posted 13 years ago, 2010-12-21 16:51:29 UTC, Post #288067
Have you tried booting in safe mode? Try that, then disable anything set to run at windows boot in msconfig (start > run > type "msconfig" > ok).

That shit's in the registry, I generally delete it straight from regedit. Some malware also hides as a windows service so I'd suggest you look for suspicious entries in services management just in case.

Finally make sure your network settings weren't changed. A few months ago I had some malware change my DNS servers to some obscure Ukrainian server so all my traffic was being proxied through their servers.

Yeah I forgot. Try SpyBot Search & Destroy, it does a lot of this automatically.

It took more than 5 minutes :P
Posted 13 years ago, 2010-12-21 17:42:29 UTC, Post #288068
Also download bit defender trial > scan pc > delete program.
Stojke (Unreal)
Posted 13 years ago, 2010-12-21 17:54:12 UTC, Post #288070
I also recommend Spybot S&D. Download from another PC, transfer via flash drive, install in safe mode. Run a full scan and hope it works. Otherwise, it's probably best that you do a full reformat and start fresh.
Penguinboy (Haha, I died again!)
Posted 13 years ago, 2010-12-21 19:20:35 UTC, Post #288073
I recommend Spybot as well, I use it. Be careful to click the proper download link and not the advertisements that say download. There is also an ad which poses as Spybot returned in the google search. Click the proper link.

Just run it every once in a while, takes anywhere from 5-45 minutes based on your rig.
Posted 13 years ago, 2010-12-21 21:23:24 UTC, Post #288075
No need to re-format and I have never, never gotten any of the spyware programs to work. Maybe it was because I didn't install in safe mode; never tried that.

This is a simple virus/redirector that can easily be removed. Disco offered a few great suggestions but here are a few more to easily remove it all. In the end you may have to tweak your services that got turned on to provide you with this lovely virus.

If you can safely get into safe mode then I would suggest doing so; it will make things easier. Otherwise you can still do it from the desktop. Before I say anything, you should try and simply make a new user; the only things you need to copy are your bookmarks, if you use IE, and your documents, if you use your documents folder. I don't because it's a target for hackers.

As stated by DiscoStu, most spyware will edit your registry so even if you get rid of the mess it just comes right back. You will need a simple registry editor; I use "hijackthis", it's simple and straightforward and allows you to remove the entries that re-install the software. You will see the crazy entries; just delete them. You should always clean your registry.

Now, pull up the task bar and locate anything that doesn't look right, i.e. some of the names from the registry. Sometimes the shell.exe process is started; you need to kill this. Locate anything that says svchost.exe and has your login name on it. Most system processes are started by the system not by your user name so any svchost.exe under your name is likely part of a spyware program. Kill these and if they are not right then you can just re-boot till you find the culprit(s).

Next, most spyware and malware programs reside in your documents and settings and are usually in 2 or 3 parts. This is why I said to simply make a new user to see if it would solve your problem. Nowadays, any malware sitting in your actual Windows folder is probably pretty serious. Concurrently, if you have a Windows folder in your documents and settings->yourname then it is not supposed to be there. I am not sure how Windows 7 is set up, so I am no authority there.

You can go into documents and settings and find your user name, and right-click search on the folder and type "*" into the search bar which will bring up all the files in the folder. Next, sort by date and you should see where the malware is. It should have today's date as it's constantly modified. I usually kill anything that corresponds to the task manager and if you CAN'T delete it then it's RUNNING. You need to find it in the task manager and stop it; then re-delete.

I found this whole process entirely more easy than using a program that may or may not remove your malware. I have used spy-bot but it never really removes anything. Ad-Aware is the same way. I also know that my registry is clean and that all the tasks running are things that I actually want running. Most programs install annoying crap anyways, kill 'em all.

Like I said, your services should be looked over and tweaked to not allow things to happen in the future. Also, a lot of the newer malware/redirectors will literally change your browser settings. This is probably where you are getting the deadness from. You need to go into your internet settings and change the settings so your network is automatically configured; no proxy. Well, unless you go thru a proxy server then you need to put your address info back in. I take it that this is not the case here.

I am sorry if your taskbar is toast and will not come up; lol. If it's off then search the internet for the solution. It's simple, I just forgot.

I use Mozilla and get aggravated when I get one of these pesky little malwares. And most of it comes from looking for textures on yahoo and google, thanks guys for the virus protection!

Usually only takes about 15 minutes as previously stated.
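
The manual checks suggested in posts #288067 and #288075 (startup registry entries, svchost.exe ownership, proxy and DNS settings, recently modified files in the user profile), collected into one read-only PowerShell script. This is an added example, not code from any poster in the thread; the helper name `New-Finding` is hypothetical, and the script assumes PowerShell 3.0 or later and English built-in account names.

```powershell
# Added example: read-only triage; it prints findings and changes nothing.
# Assumes PowerShell 3.0+ and English built-in account names.
function New-Finding($Check, $Source, $Detail) {   # hypothetical helper name
    [pscustomobject]@{ Check = $Check; Source = $Source; Detail = $Detail }
}
$findings = @()

# 1. Autostart values in the Run/RunOnce keys (what msconfig's Startup tab shows).
foreach ($hive in 'HKCU:', 'HKLM:') {
    foreach ($sub in 'Run', 'RunOnce') {
        $path = "$hive\Software\Microsoft\Windows\CurrentVersion\$sub"
        if (-not (Test-Path $path)) { continue }
        $key = Get-Item -Path $path
        foreach ($name in $key.GetValueNames()) {
            $findings += New-Finding 'Autorun' $path "$name = $($key.GetValue($name))"
        }
    }
}

# 2. svchost.exe outside the Windows system directories, or owned by a non-service
#    account. Windows 10 and later run per-user services in svchost.exe under the
#    logged-on user, so treat owner-only hits as items to review, not as proof.
$svcAccounts = 'SYSTEM', 'LOCAL SERVICE', 'NETWORK SERVICE'
$legitPaths = 'System32', 'SysWOW64' | ForEach-Object { Join-Path $env:SystemRoot "$_\svchost.exe" }
foreach ($p in Get-CimInstance Win32_Process -Filter "Name = 'svchost.exe'") {
    $owner = (Invoke-CimMethod -InputObject $p -MethodName GetOwner).User
    $oddPath = $p.ExecutablePath -and ($legitPaths -notcontains $p.ExecutablePath)
    if ($oddPath -or ($owner -and $svcAccounts -notcontains $owner)) {
        $findings += New-Finding 'svchost' "PID $($p.ProcessId)" "owner=$owner path=$($p.ExecutablePath)"
    }
}

# 3. Per-user proxy or auto-config script that can redirect browser traffic.
$inet = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
if ($inet.ProxyEnable -eq 1 -or $inet.AutoConfigURL) {
    $findings += New-Finding 'Proxy' 'Internet Settings' "server=$($inet.ProxyServer) pac=$($inet.AutoConfigURL)"
}

# 4. DNS servers per adapter; compare with what the router or ISP hands out.
foreach ($nic in Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE') {
    $findings += New-Finding 'DNS' $nic.Description ($nic.DNSServerSearchOrder -join ', ')
}

# 5. Executables written under the user profile in the last two days, newest first.
$findings += @(Get-ChildItem $env:USERPROFILE -Recurse -File -Force -ErrorAction SilentlyContinue |
    Where-Object { ('.exe', '.dll', '.scr' -contains $_.Extension) -and $_.LastWriteTime -gt (Get-Date).AddDays(-2) } |
    Sort-Object LastWriteTime -Descending | Select-Object -First 20 |
    ForEach-Object { New-Finding 'Recent file' ($_.LastWriteTime.ToString('s')) $_.FullName })
$findings | Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt so process owners and paths resolve for every svchost.exe instance; without elevation those fields come back empty and the svchost check reports less.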
Posted 13 years ago, 2010-12-25 13:40:50 UTC, Post #288212
Thanks for all the help guys, I'll try them when I'm back in town from Christmas. Yeah, starting fresh isn't an option for me, being that I have tons of precious .rmf's and other precious work.
Posted 13 years ago, 2010-12-25 19:34:45 UTC, Post #288220
It's amazing how many people still don't have a backup and recovery plan in place. Computers fail often, guys. Back your shit up!
Penguinboy (Haha, I died again!)
Posted 13 years ago, 2010-12-25 20:24:03 UTC, Post #288221
Some of us can't even work out a working backup plan.
Crollo (Trollo)
Posted 13 years ago, 2010-12-25 20:50:27 UTC, Post #288222
Backing up means investing money in a second portable HDD, preferably USB3.0. That's where the problem starts.
Striker (I forgot to check the oil pressure)
Posted 13 years ago, 2010-12-25 20:58:01 UTC, Post #288223
I don't back up, but honestly it wouldn't be a huge deal if I lost everything. It's 90% games and would really only mean 2-3 days of downloading to get it all back.
Posted 13 years ago, 2010-12-26 19:25:37 UTC, Post #288236
Second portable HDD? Get a tape recorder, tapes are cheaper than HDDs.
Posted 13 years ago, 2010-12-29 16:54:58 UTC, Post #288314
Yeah, you're right, I have stuff that would kill me to lose. From now on I'll at least back up the important things in case something like this happens again.
Posted 13 years ago, 2010-12-29 17:06:45 UTC, Post #288315
Tip: google for "hijack this"
Posted 13 years ago, 2010-12-29 17:12:23 UTC, Post #288316
Posted 13 years ago, 2010-12-29 17:30:08 UTC, Post #288317
I remember getting something like this, and I deleted it thru task manager, and then killing the registry values of it, but then I got zealous and killed Windows search assistant, and eventually the computer crashes at startup. Be really careful when you delete Windows registries.