I Got Spyware In My Pc!

[zeromike22]

mga sir help naman po .....kase nag download po ako ng software dito sa mtc and kung hinde ako nagkakamale dun ko din nakuha un mga virus na to:

 

adware.agent.bn

trojan.vapsup

 

naginstall na po ako ng spyware doctor and meron po cya nadetect pero bumabalik pa din po..un mcaffee ko hinde naman din madetect...kase po binabago nya un buong settings ng pc ko e ...mga sir any software panggtanggal neto..one more thing meron parate ie na ang name is virusremover2008 w/c is alam ko din na virus...help naman po sa software or kung ano dapat kong gawin

 

thanks and more power mga boss

 

You have downloaded trojan files from rapidshare i think.

 

2 lang na detect nang antivirus mo but it could be more..

 

try spybot search and destroy 1.6 . download it..

 

nod32 3.0 is also great. and superantispyware. Both of this programs got rave reviews. Been using nod32 for 2 years already without any hitches..Get the cracked version for this 2 at www.mininova.org. .

 

try using hijackthis if you know how to do it.

 

You have said that the virus has change the computer settings already thereby hijacking your unit. The problem in this scenario is that the virus can detect if you are attempting to remove it.If it is a lethal virus then it can disable the command prompt and access to the registry. It will also prohibit updates to existing antivirus and antispyware . It also prohibits downloads of antivirus and antispyware software. It monitors your every move. I have encountered this one already.

 

Lucky for you if you can still update and download files. If not then your only option is to download nod32 3.0 and superantispyware from an uninfected computer. Also manually update this 2.. Simple lang naman if you are familiar with the update files.

 

If you trust me I can help you out. We will install pcanywhere in your computer and let me access it. I will put nod32 3.0 and superantispyware in your system and will remove the virus.

[sir_boss_master]

mga sirs, my laptop is currently protected only by spybot, avg and windows defender (na walang kwenta according sa isang post). is my laptop safe enough? i do downloads on limewire and cnet palagi. also whenever i enter yahoo, nagpoprompt ang spybot ko kung allow or deny entry. hindi ba niya nababasang safe site ang yahoo? do i still need nod32 sa laptop ko?

 

pasensya na ha but gaano ka importante ang hijackthis? how do i use it?

 

lastly sa mga acer users, have you tried uninstalling the Empowering Technology feature ng laptop niyo? parang bumabagal laptop ko because of this eh.

 

thanks you mga sir.

[zeromike22]

mga sirs, my laptop is currently protected only by spybot, avg and windows defender (na walang kwenta according sa isang post). is my laptop safe enough? i do downloads on limewire and cnet palagi. also whenever i enter yahoo, nagpoprompt ang spybot ko kung allow or deny entry. hindi ba niya nababasang safe site ang yahoo? do i still need nod32 sa laptop ko?

 

pasensya na ha but gaano ka importante ang hijackthis? how do i use it?

 

lastly sa mga acer users, have you tried uninstalling the Empowering Technology feature ng laptop niyo? parang bumabagal laptop ko because of this eh.

 

thanks you mga sir.

 

They are right. Windows defender is useless. :thumbsdownsmiley: :thumbsdownsmiley: ..Avg is kinda average . Spybot is already a good program but you gotta have an antivirus software.

 

My recommendation is NOD 32 3.0 . VEry effective with a small footprint. KAspersky is also worth mentioning.

 

Hijackthis is neither an antivirus or antispyware but a crafty program that looks inside the heart of your system like registry, memory, running programs, and other locations in windows where viruses and malwares are known to hide. You can then submit a logfile to www.hijackthis.de for analysis and terminate the process which you think were harmful.. Usually a clean logfile means a clean system.

 

Regarding Acer Empowering Technology. It is just a hype up utility software by acer. You can live without it.

Edited September 3, 2008 by zeromike22

[sir_boss_master]

They are right. Windows defender is useless. :thumbsdownsmiley: :thumbsdownsmiley: ..Avg is kinda average . Spybot is already a good program but you gotta have an antivirus software.

 

My recommendation is NOD 32 3.0 . VEry effective with a small footprint. KAspersky is also worth mentioning.

 

Hijackthis is neither an antivirus or antispyware but a crafty program that looks inside the heart of your system like registry, memory, running programs, and other locations in windows where viruses and malwares are known to hide. You can then submit a logfile to www.hijackthis.de for analysis and terminate the process which you think were harmful.. Usually a clean logfile means a clean system.

 

Regarding Acer Empowering Technology. It is just a hype up utility software by acer. You can live without it.

 

appreciate the reply sir. so among nod32, kaspersky or avast, highly recommended mo nod32 kapalit ng avg? or retain ko pa rin avg ko? also, should i disable windows defender kung may spybot naman ako and another antivirus?

 

thanks again sir.

[nyepet]

You have downloaded trojan files from rapidshare i think.

 

2 lang na detect nang antivirus mo but it could be more..

 

try spybot search and destroy 1.6 . download it..

 

nod32 3.0 is also great. and superantispyware. Both of this programs got rave reviews. Been using nod32 for 2 years already without any hitches..Get the cracked version for this 2 at www.mininova.org. .

 

try using hijackthis if you know how to do it.

 

You have said that the virus has change the computer settings already thereby hijacking your unit. The problem in this scenario is that the virus can detect if you are attempting to remove it.If it is a lethal virus then it can disable the command prompt and access to the registry. It will also prohibit updates to existing antivirus and antispyware . It also prohibits downloads of antivirus and antispyware software. It monitors your every move. I have encountered this one already.

 

Lucky for you if you can still update and download files. If not then your only option is to download nod32 3.0 and superantispyware from an uninfected computer. Also manually update this 2.. Simple lang naman if you are familiar with the update files.

 

If you trust me I can help you out. We will install pcanywhere in your computer and let me access it. I will put nod32 3.0 and superantispyware in your system and will remove the virus.

 

actually sir yan nga nagyayare saken..nadedetect pero after scan ng spywaredoc bumabalik pa din e...minsan nawawala din un mga hard drives ko and pati un task manager etc... so download ko lang un nod 32 then un superantispyware? kase medyo napipikon na ko dito pag ayaw umayos to format ko na to hehehe

[rc36]

MTC bros, pls help me:

 

as I http:www.iyottube.com, ang pumapalit na website ay un hyperfrenzy.com. pls give advice to remove this hyper... & return the www.iyottube.com website. tnx. Pls PM me.

[kaitaro]

spyware = to anti spyware // or disable it msconfig / change some settings

I use adaware se but safest way to avoid spyware is to avoid going to unapproved websites, downloading exe files and running them.

[rc36]

MTC bros, pls help. before, i enjoy surfing the iyottube.com. later, after I accidentally clicked a wedsite., a certain hyperfrency.com site displays instead of the iyottube.com. Pls advice if how can I bring back the said site. TIA

[darth_johnnie_walker]

MTC bros, pls help. before, i enjoy surfing the iyottube.com. later, after I accidentally clicked a wedsite., a certain hyperfrency.com site displays instead of the iyottube.com. Pls advice if how can I bring back the said site. TIA

 

1. Try deleting your cookies and history..

 

2. Try scanning your PC for malwares that might have infected your

 

PC.. PORN SITES ARE THE NEST OF MOST MALWARES.. Next time

 

be careful on the sites where you watch porns.. :hypocritesmiley:

 

*USE updated AVs for scanning.. :goatee:

Edited January 4, 2009 by darth_johnnie_walker

[firsthorseman]

worst scenario.. format you pc and don't use admin account.

also don't surf porn sites unless your pc is regularly patched and have AV

[Silent Partner]

NEED HELP PO !! EVERYTIME na i try to open my INTERNET

 

GANITO PO ANG MESSAGE

 

 

Internet Explorer has detected a problem and must shut down.

 

And another that says there's an error with AVGsnx.exe.

 

PAANO PO BA MAWALA ITO ??

[SamanthaJones]

NEED HELP PO !! EVERYTIME na i try to open my INTERNET

 

GANITO PO ANG MESSAGE

 

 

Internet Explorer has detected a problem and must shut down.

 

And another that says there's an error with AVGsnx.exe.

 

PAANO PO BA MAWALA ITO ??

Disable 3rd Party browser extensions in Internet Explorer. Run any malware removal too, uninstall IE 8 if you have recently installed it and uninstall and reinstall avg.

[wizard23]

i don't know where to post this. is this spyware? everytime i open my gmail account i get this banner on top saying -

 

Hey, this is important: If you ever lose access to your account, you can send password reset info to myname@hotmail.com. This address is correct |Update this address

 

it asks me to click whether my address is correct or to update my address.

 

i have no hotmail account. so what is this? is this phishing? how do i disable this kind of banner? tnx a lot for the advance help/advice.

[SamanthaJones]

i don't know where to post this. is this spyware? everytime i open my gmail account i get this banner on top saying -

 

Hey, this is important: If you ever lose access to your account, you can send password reset info to myname@hotmail.com. This address is correct |Update this address

 

it asks me to click whether my address is correct or to update my address.

 

i have no hotmail account. so what is this? is this phishing? how do i disable this kind of banner? tnx a lot for the advance help/advice.

I don't think there's nothing much you can do to remove it but its better you check you IE settings, run Spyware removal tools, and don't click on the link, definitely seems Phishing to me but I'm more concerned that somebody can used the information you enter on this link to hack into your Gmail account.

[sohryu]

NEED HELP PO !! EVERYTIME na i try to open my INTERNET

 

GANITO PO ANG MESSAGE

 

 

Internet Explorer has detected a problem and must shut down.

 

And another that says there's an error with AVGsnx.exe.

 

PAANO PO BA MAWALA ITO ??

 

RESET YOUR IE!! tools>internet options>advanced>reset :thumbsupsmiley:

[SamanthaJones]

uninstall IE 8 if you updated your internet explorer....

[rockchic]

what is phishing? any more infor about spyware?

[SamanthaJones]

what is phishing? any more infor about spyware?

source: wikipedia

 

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging,[1] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users,[2] and exploits the poor usability of current web security technologies.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

[pussyeater]

I need help with my 2 usb flash drives. They got infected by a virus that hides folders. I think it's the recycler virus. Whenever I browse my usb drives I often see a folder named Recycler or some folder I did not create. I delete it but it keeps coming back. I asked someone to try and remove it he was afraid to clean/quarantine it for fear that all my folders (which are hidden) might get deleted. That certain someone already has McAffee, Norton, and Sophos all running at the same time on his computer. Does anyone here know how to remove this troublesome virus or worm without compromising my folders and files?

 

Thanks in advance!

[SamanthaJones]

I need help with my 2 usb flash drives. They got infected by a virus that hides folders. I think it's the recycler virus. Whenever I browse my usb drives I often see a folder named Recycler or some folder I did not create. I delete it but it keeps coming back. I asked someone to try and remove it he was afraid to clean/quarantine it for fear that all my folders (which are hidden) might get deleted. That certain someone already has McAffee, Norton, and Sophos all running at the same time on his computer. Does anyone here know how to remove this troublesome virus or worm without compromising my folders and files?

 

Thanks in advance!

These virus can be removed by AVG Free edition. If AVG is not finding or hanging in normal run, perform the scan in safe mode. (Press F8 While booting, select Safe mode).

 

Another solution is RegRun Reanimator from www.greatis.com. ( Use it carefully because it suggest many files as suspected).

 

After the removal by antivirus package, remove the autorun.inf file from your flash drive. [This .inf file hides the Explore and Open lines from the contextmenu.]. You have to use attrib -s -r -h to remove the protection of the .inf file. Otherwise you can use the k*ll option in RegRun Reanimator.

 

-----------------------

 

1st: Go to Tools>Folder Options>View>unckeck this items below:

1>display the contets of system folders

2>hide extensions for known file types

3>hide protected operating system files(Recomended)

 

2nd:check all other options in VIEW

 

3rd:APPLY>OK.

 

4th:Download unlocker 1.87 ,install it after that enter any drive (C:\,D:\,........) and delete the recycler folder >then a error message will appar and shows that " can not delete RECYCLER:access is denied." it's in use.>click "OK">after that the "unlocker 1.87" will appears automatically and will give options "noaction","delete","rename","move" at down-left corner and there you can select " delete" optinon by scrolling down and after that you can success fully delete the virus,RECYCLER,from that drive.

 

-----------------------------

 

Use a batch file (Example.bat) to change it from to a non hidden and a non read only file. It will convert it to a deletable folder and delete it. Do not delete the Autorun file because I found that the virus changed one of my documents to the autorun.

 

@Echo off

 

ATTRIB -S -A -H -R

 

Pause

 

Then if no errors come up after running the batch right click on RECYCLER folder and click delete.

 

Make sure the Batch is in the drive not the subdirectry.

 

(Example) - DriveLeter>Example.bat

 

Hope this helps : )

 

 

 

Please note that the following advice if taken will absolve me from any responsibility. I am only reporting what I did to get rid of the virus installed on my hard drive.

 

1. You should be able to see your root drive root drive which is c: or d: etc.

 

2. Ensure that you are able to see hidden files by going to Tool>Folder Option>view and checking off hidden files.

 

3. System Volume Information and Recycler should be visible in your root drive (c: d: or whatever drive you use)

4. Right Click on Recycler folder and go to Properties.

 

5. Go to the tab labeled Security, If your user name is not there then add your username that you use for XP . Give yourself all security rights as well as the SYSTEM user. Then press okay. If you cannot see the security tab and you are using XP professional then go to Tool>Folder Option>View uncheck box "Use simple File sharing" then select Apply.

 

6. Right Click on System volume information folder and go to Properties. Repeat step 5.

 

7. Go to the garbage icon on the desktop and right click. Choose properties then check the box " Do not move files to the recycle bin. Remove files immediately when deleted." Press Apply.

 

8. Go back to the root drive and delete Recycler folder.

 

9. Go to the System Information folder and delete the last folder. These folders are where Xp has taken a snapshot of your system in order to restore it. The virus is hiding here in the event that you restore it is also restored.

 

10. You should now open the registry editor and remove the virus from here so that when you restart the virus is not recreated.

 

11. Open the registry editor. Start >Run> then type regedit in the box and select OK The registry will now open.

 

12. Hit Ctrl+F Type Recycler in the search box . Delete the entry when found. press F3 to find the next occurrance of Recycler and delete.

 

13. Close regedit.

 

14. Go to all installed harddrives and so steps 2- steps 6, steps 8 and steps 9.

 

15. Run your virus software. You should be able to update any virus software that was previously unupdatable.

 

16. Reboot your computer

 

17. Verify that that the reycler folder is deleted from you root drive.

 

18. Then you can uncheck the box in the garbage that you checked in step 7. To keep all you deleted files in case you need to restore a file that was accidentally deleted.

[ElRey]

help! i got this trojan horse generic14.DBI that keeps popping up on my AVG free, but everytime i remove it or move it to the vault, it keeps coming back!

 

What can I do please help

[pussyeater]

These virus can be removed by AVG Free edition. If AVG is not finding or hanging in normal run, perform the scan in safe mode. (Press F8 While booting, select Safe mode).

 

Another solution is RegRun Reanimator from www.greatis.com. ( Use it carefully because it suggest many files as suspected).

 

After the removal by antivirus package, remove the autorun.inf file from your flash drive. [This .inf file hides the Explore and Open lines from the contextmenu.]. You have to use attrib -s -r -h to remove the protection of the .inf file. Otherwise you can use the k*ll option in RegRun Reanimator.

 

-----------------------

 

1st: Go to Tools>Folder Options>View>unckeck this items below:

1>display the contets of system folders

2>hide extensions for known file types

3>hide protected operating system files(Recomended)

 

2nd:check all other options in VIEW

 

3rd:APPLY>OK.

 

4th:Download unlocker 1.87 ,install it after that enter any drive (C:\,D:\,........) and delete the recycler folder >then a error message will appar and shows that " can not delete RECYCLER:access is denied." it's in use.>click "OK">after that the "unlocker 1.87" will appears automatically and will give options "noaction","delete","rename","move" at down-left corner and there you can select " delete" optinon by scrolling down and after that you can success fully delete the virus,RECYCLER,from that drive.

 

-----------------------------

 

Use a batch file (Example.bat) to change it from to a non hidden and a non read only file. It will convert it to a deletable folder and delete it. Do not delete the Autorun file because I found that the virus changed one of my documents to the autorun.

 

@Echo off

 

ATTRIB -S -A -H -R

 

Pause

 

Then if no errors come up after running the batch right click on RECYCLER folder and click delete.

 

Make sure the Batch is in the drive not the subdirectry.

 

(Example) - DriveLeter>Example.bat

 

Hope this helps : )

 

 

 

Please note that the following advice if taken will absolve me from any responsibility. I am only reporting what I did to get rid of the virus installed on my hard drive.

 

1. You should be able to see your root drive root drive which is c: or d: etc.

 

2. Ensure that you are able to see hidden files by going to Tool>Folder Option>view and checking off hidden files.

 

3. System Volume Information and Recycler should be visible in your root drive (c: d: or whatever drive you use)

4. Right Click on Recycler folder and go to Properties.

 

5. Go to the tab labeled Security, If your user name is not there then add your username that you use for XP . Give yourself all security rights as well as the SYSTEM user. Then press okay. If you cannot see the security tab and you are using XP professional then go to Tool>Folder Option>View uncheck box "Use simple File sharing" then select Apply.

 

6. Right Click on System volume information folder and go to Properties. Repeat step 5.

 

7. Go to the garbage icon on the desktop and right click. Choose properties then check the box " Do not move files to the recycle bin. Remove files immediately when deleted." Press Apply.

 

8. Go back to the root drive and delete Recycler folder.

 

9. Go to the System Information folder and delete the last folder. These folders are where Xp has taken a snapshot of your system in order to restore it. The virus is hiding here in the event that you restore it is also restored.

 

10. You should now open the registry editor and remove the virus from here so that when you restart the virus is not recreated.

 

11. Open the registry editor. Start >Run> then type regedit in the box and select OK The registry will now open.

 

12. Hit Ctrl+F Type Recycler in the search box . Delete the entry when found. press F3 to find the next occurrance of Recycler and delete.

 

13. Close regedit.

 

14. Go to all installed harddrives and so steps 2- steps 6, steps 8 and steps 9.

 

15. Run your virus software. You should be able to update any virus software that was previously unupdatable.

 

16. Reboot your computer

 

17. Verify that that the reycler folder is deleted from you root drive.

 

18. Then you can uncheck the box in the garbage that you checked in step 7. To keep all you deleted files in case you need to restore a file that was accidentally deleted.

 

Wow! That's quite long, but I think worth it. Thank you very much for your help

[kenji_1989]

Need your help mga master, I see this hidden files on my music files. mp3 din extension nya pero yung icon picture, here's the screenshot:

 

http://photos-g.ak.fbcdn.net/hphotos-ak-snc3/hs097.snc3/16445_1193767724659_1242410609_30544366_4334087_n.jpg

 

what could possibly be the reason? Any way to remove this? Sa mp3 ko meron din nito eh and Im not sure kung music lang tinitira niya, so far sa music files ko palang nakikita to

[jerpau]

mga boss help po..

d ko alam kung spyware to o anu pero p help nmn..

ung task manager disabled tapos my mga foler un itsura pero .exe pala..

example my folder aq na "a" un file name.. tapos pag click mo un folder n un magkakaroon ng folder ng itsura tpos "a.exe"

tapos un ym ko login ng login kahit inayus ko na yung settings ng ym..

at sobrang bagal na ng PC ko..HELP NAMAN!

[dRkNiGhT]

naku..mahabang manual removal yan...

 

can u try running malwarebytes...