my pc is on its wayu to being fuckd,spyware has attacked my pc b igtime im getting anti spyware shit popping up on my pc left right and centre my norton and avg are doing fuck all to stop itsome of the trojans say back door trojan and all kinds a wierd shit dunno what to do my pc hasnt been setting restore points like it should so that isnt an option i havnt got a windows disk to reformat

anyone got any ideas

Si do you have any anti spyware progs on your comp at all ?

sorry Si i am way tired and hab to go to bed,....my suggestion would be, d'load Spybot from here http://fileforum.betanews.com/detail/Spybot_Search_and_Destroy/1043809773/1

Install and run uppdate. Then shutdown comp and Boot into " Safe mode ",...heres how htthttp://www.computerhope.com/issues/chsafe.htmp://

Follow instructions for your operating system ,.....once in safe mode run Spybot and see what it picks up and then delete it. Reboot into normal mode and see whats left.

Good luck son,....google is your best friend provided your spyware lets you access it.

What version of windows d'ya want Si? If it comes down to wiping it all and going for a re-install I can mail you a disk.


p.s. Maybe you need to stop Tam looking at all those dodgy porn sites to stop this happening in future :msn_wink:

Know the feeling mate, I assume you can still access the web from your PC.

Try this site, I've found it to be spot on in the past (all their advice is pukka)

http://www.bleepingcomputer.com

It helps if you know what trojan, virus etc you have so try downloading "spybot search & destroy". It will probably identify the problem, even if it cant fix it, then search bleepingcomputer for the removal tool.

Good luck

sorry I should have mentioned you dont have to register with bleepingcomputer to access their site. Go to Forums, scroll down till you find "Security" and wade through the advice (plenty of it)

What version of windows d'ya want Si? If it comes down to wiping it all and going for a re-install I can mail you a disk.


p.s. Maybe you need to stop Tam looking at all those dodgy porn sites to stop this happening in future :msn_wink:

xp mate

this is one is the mainmessage im getting

System Alert: trojan-spy.win32@mx

type: spyware/trojan
Vunerable; Windows
description: sends confidentiual info to remote attacker

i aint doing any online banking till i have sorted it

scotfan i already have spybot its got rid of a few but not all

my norton 360 wont even scan now ffs

Only other suggestion.......try downloading "SUPER AntiSypyware Free Edition" and "Malwarebytes Anti Malware". When I was fooked a few weeks ago it took all 3 free programmes to rid my PC of all the shit. Also try booting up in safe mode, Norton should be able to scan then. If these dont work I think you're stuck with format and reload from scratch

should i steer clear of buying online or online banking?

Do not try online banking or using cards online until fixed, most trojans have keyloggers.

This was the original post from bleepingcomputer:
I am at my wits end. Tried Spy Bot, Ad-Aware, Zone Alarm, Norton Anti-Virus and nothing is helping with the hijacked homepage, pop-ups and System Alert: Trojan-Spy.Win32@mx with the yellow triangle warning sign on the bar. Can some one help, please?!


Try this:
Download SmitfraudFix.exe from here and save it to your desktop

http://www.bleepingcomputer.com/files/smitfraudfix.php

You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, a menu with options should appear;
Select the first option, to run Windows in Safe Mode, then press "Enter".
Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".


The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart anyway into normal Windows.

No guarantees that this will fix the problem but I do think its your best bet (it worked for the guy who sent in the question)

Good luck

I would suggest refraining from doing anything remotely tied in with personel info on the puter,just the slightest hint of a password could get you in trouble with trojans on your puter,it happened to me with just innocently putting password for just my email with personel stuff on it

hope i arnt saying this too soon but it looks like you could have done me good scotfan....watch this space

nope not all gone got this one still

System alert:maleware threats

your pc MIGHT be infected with a backdoor trojan that allows remote attacker to perform malicious actions

emphasise on the word might,could this just be an advertising thingy

Try this Si - I've been using it for years and its not bad and free to boot!

http://www.avast.com/

Move your mouse to free software at the top and then download "avast! HOME EDITION" and try that.

Good Luck!!

:sleighride:


PS I wouldn't put Norton on my PC if they paid me...

nope not all gone got this one still

System alert:maleware threats

your pc MIGHT be infected with a backdoor trojan that allows remote attacker to perform malicious actions

emphasise on the word might,could this just be an advertising thingy

Sometimes you can get these messages that ask you to do a Free system scan with their product, then you scan and they come up with a list of threats they have found on your comp. Then they say you cannot delete the little buggas until you sign up for their full version, then they infect you with trojans etc etc.

Best if you can identify who or what program is giving you these alerts. Sometimes it sounds like a legit spyware removal prog. Never click on for free spyware tests. This is how these things can start. Once you clean some of this shit up, always go to Control panel, ..Add / remove progs and look to see if theres anything you dont recognise or like, and delete it. Sometimes go into your Prog Files and look for folders still left lingering with small traces of shit after it has supposedly been removed and manually delete.

Looks like your making progress anyway,...sometimes this takes a while and you may need seveal attempts and tools, but its better that losing all your shit on a new install. Unlesss of course its only photos and stuff which you can back up to disk and then reload.

Exactly that. You must still have a registry entry giving you a popup to a "free" spyware program which is trying to con you out of cash better spent in a bar in Patts. Run ALL the legit antispyware progs I suggested and see if they can at least identify what you may or may not still have. Let me know and I should be able to find the removal tool.

a new development

none of the scans have worked that avast was ok but scared the hell out of me when it was warning me about an attempted attack,it was almost like being on a warship.

Ive now tried something new, i was using my standard packard bell browser before and everytime i logged on pop ups about spyware and maleware were rife,and windows was warning me that i was infected,ive just now downl.oaded mozilla and hey presto not one pop up,not one system alert no windows warnings etc.

I wonder if it could just have been localised to my browser and that i am not infected just my browser was,any thoughts.?

LOL! Sorry Si I forgot the KLAXON NOISE !!!!!

Have a wade through here if you have some time http://www.moneysavingexpert.com/shopping/free-anti-virus-software

Good Luck and dont forget your ear defenders next time! LOL!

Lex

si, have/had the same thing.
ok on firefox but ie caused probs.

think i got rid of it after about 3 weeks trying.

scrapped all the spyware as couldnt shift it, put new version of nod32 on it it immediatly found a few "missed" trojans.

been ok for last week (fingers crossed)

i have a version which gives 27 years trial, no patching keycodes etc.

if you want i can send you a copy (19 meg-ish)

can break it down or upload to rapidshare no probs

always worth a try if you still have probd

cant hurt MS cheers

im using google chrome ie now its flash really quick

.........

Ive now tried something new, i was using my standard packard bell browser before and everytime i logged on pop ups about spyware and maleware were rife,and windows was warning me that i was infected,ive just now downl.oaded mozilla and hey presto not one pop up,not one system alert no windows warnings etc.

I wonder if it could just have been localised to my browser and that i am not infected just my browser was,any thoughts.?

The technical stuff is way beyond me but when I was having loads of trouble with IE(or Internet Exploder as a friend nicknamed it) I was advised to use Mozilla Firefox,downloaded it and it seems to be
far better in terms of not getting virus attacks/warnings.
Very rarely crashes whereas IE used to.

Only problem I`ve found so far with Firefox is it seems to be more restrictive as to what I can access.

tried firefox and google IE`s and the google one seemed far faster the mozilla one seemed to have a delay on changing pages

here is a link

i found it loads better and should have ran it ages ago but i had mcafee free with the pc so left it on.

you will also see your machine run faster if you use norton as that takes up loads of resources to run

dont know if it will help but always a fall back and it wont expire in the near future...20+years...

http://rapidshare.com/files/166583156/ESENOD32_27_Years.rar

Remaining trial period 24540 days!?? That isn't quite the same as the read me file which says oops not 24 days as I thought but 24XXX days so I'm sorted! Cheers pal I owe you a Kamagra gel and and 2 beers when we meet up!

BTW 55 min scan and 0 anything found FWIW

Yep Si Firefox is a much more secure browser. Keep searching google for answers and checking for leftovers in prig files etc, use whateva tools you can get ya hands on to find the little beasties on ya comp.:mafia: