by really_clueless / November 30, 2007 1:11 AM PST

Currently running Windows XP.

I need help getting rid of spyware! Tried all anti virus scans and it keeps coming back. My ISP called an alerted me that my computer is sending out spam. I don't know what to do except I called Dell tech support and they were not much help. One techie said try a reformat of the hard drive and another time I called one said try a PC Restore.

I don't know which advice to follow? Any suggestions to get rid of this spyware. PC restore sounds like a much easier solution, but not sure if it will get rid of the spyware tho.

Any suggestions if PC restore works well??

THanks.

PC restore help - need to get rid of spyare
The posting of advertisements, profanity, or personal attacks is prohibited.
PC restore help - need to get rid of spyare
not yet....
by really_clueless / November 30, 2007 1:29 AM PST

thanks, I didn't see the replies at that thread ! Been fighting off the flu as well as the spywares! LOL

It appears I have major spyware as well as an unsecured router. Today AVG ran and found trojans, which where not there yesterday..a big mess I have. Sad

thanks. Happy

Major spyware is addressed with tools in our forum sticky.
by R. Proffitt Forum moderator / November 30, 2007 1:39 AM PST
In reply to: not yet....

But since you have an insecure wifi router...

Also, you never NAMED your spyware or supplied any words to make me suspect that your machine has the issue.

It would be a shame to reload the machine only to discover it was another open router.

Bob

Spyware, viruses
by bdomek / December 1, 2007 4:10 AM PST

Don't even go there regarding reformatting your hard drive. That tech through your isp doesn't know what they're talking about. You could do a Restore. Start, All Programs, Accessories, System Tools, System Restore. Pick a date before the problem began. That should take care of it. If it doesn't, then someone hijacked your browser. Download hijack this from download.com or komando.com.

Hope this helps you out.

What would help
by JonathanCase / December 1, 2007 4:55 AM PST

is to post the names of any malware found, and what program found it/them.
You say you have "tried all anti virus scans". Which programs/scanners have you used?
The quality of the help you get for this will depend on the detail you supply.
The tech's answer to "reformat the HD" is likely to get rid of it; it is also the easy option - for the tech.
Using a system restore might not get rid of it. Many trojans have no trouble at all rebuilding themselves from a restore. It needs to be correctly cleaned, and there is a procedure to follow.
The ball is in your court.

Spyware
by bdomek / December 1, 2007 5:12 AM PST

After you do the Restore, then update your anti spyware programs. Yes, PROGRAMS. You should have at least 3 free one, or, one you buy and at least one free one. You need to be protected. Then update all of those programs, and do a scan with each one, separately. If you run them together, they'll conflict with each other.

Barb

bdomek, what makes
by JonathanCase / December 1, 2007 5:20 AM PST
In reply to: Spyware

you think a restore can fix this, without knowing what the malware is first?
I do agree concerning the use of more than one scanner. Until we know exactly what the malware is, we don't know what is going to fix it. It might be easy, or it might need some specialist tools.

Good point. What I discovered is their wifi router is not..
by R. Proffitt Forum moderator / December 1, 2007 5:31 AM PST
In reply to: bdomek, what makes

It's not secure. All the trouble could be a simple issue of an open router.

Bob

Yep. That would be
by JonathanCase / December 1, 2007 5:40 AM PST

one of the first things to check. And probably the easiest.

router issue..
by really_clueless / December 4, 2007 3:26 AM PST

Bob, I tried securing my router and wound up with no wireless connection at all! The technies from the router company were useless until i figured myself how to get wireless again!!

With all the junk in my computer, i'm going to work on reformatting and then try again securing the router.

thanks again.

Spyware
by bdomek / December 1, 2007 5:32 AM PST
In reply to: bdomek, what makes

Yep. You do a restore to get the computer back to the original state of running so that you can run the antispyware programs. If the computer is running irratically it won't let you do any scans. How do I know? Been there many times with computers I've worked on, including this dinosaur (6 years old WinXP) I'm on right now.

Barb

Have you never seen
by JonathanCase / December 1, 2007 5:38 AM PST
In reply to: Spyware

a situation where, following a system restore to attempt to remove malware, it re-surfaces, just as bold and bad as ever?
I sure have!
As I said earlier, there are trojans that aren't affected by system restore. Without the combination of files they drop being rendered impotent at next bootup, they will recreate their reg entries, and just start again.

System Restore
by bdomek / December 4, 2007 3:49 AM PST
In reply to: Have you never seen

The system restore won't fix the whole problem. I'm well aware of that. The purpose of the system restore is to get the computer WORKING again. Then, after you've done that, then you update antivirus and antispyware programs, then do a complete and thorough scan with each one, separately of course.

Barb

Maybe this is what he saw
by PudgyOne / December 1, 2007 6:04 AM PST

I got an email from a CNET Forum member. He told me he got this email.

http://img138.imageshack.us/img138/687/emailscamrevisedpz6.jpg

Clip from the members email were

Recently i received a warning email from "ComCast" that that they had detected instances that my computer was sending out spam and they were going to be taking precautions to block my use. Since it looked legitimate, i could have fallen for it, and then i remembered your experience. As a mac owner, my likelihood of having a virus at all was slim to none, yet this official looking letter was saying i needed to clean out my software with some Anti-Virus assistance using the "helpful" links provided, such as "Norton", or "Symantic". The native firewall that the mac uses and the inability to install an exe file at all precludes use of Norton products.

Oddly my email client/browser (Mozilla) displayed a warning that IT thought the email might be a scam. And so it was.

If this person received this email, then it was a bogus email that was sent.


Hope this helps.


Rick

was not email....ISP sent a letter and phoned me
by really_clueless / December 4, 2007 3:17 AM PST

Yeah,I'd not trust an email myself, but it was a phone call and a letter i received from my ISP!

what AVG found:
Troj.Printspool
trojan horse Downloader.Obfuskated
and a while back Smith Fraud (I looked up this and my computer was experiencing the 'fatal blue screen' which this is supposedly responsible for.)

I scan daily and others appear, but I've just stopped taking notes! It's become too frustrating to scan anymore that I am just ready to reformat or throw my 2-year old computer in the trash bin!!

Another thing, even though my subscription to McAFee is not expired, I can't seem to activate it or update it! Only firewall is active but I am running AVG in the background.

I can't find any CD's which came with the computer I'll need for reformatting and i've called DELL to send me the resource CD as well as others, but each time I call a different technie tells me I need something different!! Any suggestions what I need to reformat??

I appreciate your help guys.

Each one of those can be removed. BUT!!!
by R. Proffitt Forum moderator / December 4, 2007 3:23 AM PST

You didn't tell if they are still there.

some are s ome are not
by really_clueless / December 4, 2007 3:30 AM PST

I know smith fraud is still around because I still get that blue screen and alot more often..

The other two supposedly were deleted by anti spyware, but if I scan tomorrow, something different shows up!!

I really don't know how this is possible??

Spyware, Viruses
by bdomek / December 4, 2007 3:56 AM PST
In reply to: some are s ome are not

Sounds to me like your computer is loaded with spyware. If you're on a home network, all the other computers attached to it will become infected along with the one you're talking about. You should disconnect from the network right away. Then do all the scans to rid the computer of spyware. And, all of the other computers on your home network should have the same done with them.

Personally, I have DSL now. Only got it less than a month ago and am glad I have it. I've heard too many horror stories from people with Comcast Broadband. Between viruses and spyware, don't know if I'd even want Comcast Broadband, sorry to say.

Barb

smith fraud is still around
by Marianna Schmudlach / December 4, 2007 7:12 AM PST
In reply to: some are s ome are not

There is a SmitfraudFix:

1. Download SmitfraudFix (by S!Ri) to your Desktop (Win2k/WinXP only!).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.

How to extract (decompress) zipped or compressed files

Spyware, Viruses
by bdomek / December 4, 2007 3:40 AM PST

Ok. For starters "Another thing, even though my subscription to McAFee is not expired, I can't seem to activate it or update it! Only firewall is active but I am running AVG in the background." That tells me you have two antivirus programs running. Go into the Control Panel & uninstall whichever one you do not see anywhere on your desktop, or in your list of programs under, Start, All Programs. You absolutely cannot have two antivirus programs running at the same time. One will cancel out the other one.

As for Formatting your hard drive without a System CD? Absolutely NOT. You'll wipe out your hard drive and won't have anything to put back onto it.

If you cannot to a System Restore (Start, All Programs, Accessories, System Tools, System Restore) back to the point before the Trojan Horse hit, then Update AVG, all of your antispyware programs, and do a complete scan. Make sure your AVG is set up to clean (destroy) that Trojan Horse. Then, and I don't know what antispyware programs you're running, but do thorough scans with them.

Heck, if you lived anywhere near me, I'd take you tower or laptop and get rid of that sucker myself. But, I know you can do it. You just have to be patient, and cover all of the steps necessary to get rid of it. And by the way. A two year old computer is, in my eyes, pretty darned new! This thing's 6 years old. I've had spyware and viruses. Just replaced the Hard drive a couple of weeks ago only because it was 80% full.

Hope I'm able to help.

Barb

thanks ...
by really_clueless / December 4, 2007 3:54 AM PST
In reply to: Spyware, Viruses

Since I'm out of warranty with DELL, they were going to send me the CD's required for formatting...for a fee, of course, but the technies had no idea what to send in the first place! LOL

One technie told me a "PC Restore" is more effective than a "System Restore" only difference is that with PC restore I'd lose personal data but it is a better chance that whatever I have will be gone. What do you know of this PC restore, how is it more effective.

Happy

PC Restore VS System Restore
by bdomek / December 4, 2007 4:05 AM PST
In reply to: thanks ...

Ok. A Full PC Restore means you put the System CD in your CD/ROM drive, then tell it to totally reinstall WindowXP. But, first of all, you need to completely Format your hard drive. The outcome of doing this? You'll have wiped (sort of. Hackers can still find your stuff) your hard drive, and all the other programs and documents on your hard drive. You'll be completely starting over again. Like a whole new computer. And, putting everything back in is very time consuming. I've done it many times on computers. Even my own.

A System Restore is simply backing your whole computer up to a date before all of this headache began. It doesn't wipe out anything except maybe some documents you wrote after that restore date, some windows updates will have to be re-downloaded and installed, and your security software will have to be re-updated. Other than that little stuff, it doesn't wipe your whole hard drive out. As I said. It just goes back to a date before this mess began.

Now, it's up to you to decide which choice you'll make. No one can make it for you, although I'm sure some people will try to push you one way or the other. Don't let anyone pressure you. You take the time to think about what is easiest and best for you. Ok? And let us know how you're doing. Ok?

Barb

thank you
by really_clueless / December 4, 2007 4:16 AM PST

FIrst I'm going to try;
a. securing my router which was recommended
b. try the system retore first..

I'm just finding it daunting how DELL techies have no clue!! I specfidically told them "I DO NOT HAVE ANY RESOURCE CD'S, I LOST THEM, ARE YOU SURE BY A PC RESTORE I CAN DO THIS?" and they tell me yes. LOL

thanks i'll update.

Thank you
by bdomek / December 4, 2007 4:34 AM PST
In reply to: thank you

You're very welcome. I do hope everything works out for you. Will look forward to finding out how things turn out for you.

God Bless,

Barb

i would suggest you read
by jonah jones / December 4, 2007 4:47 AM PST
In reply to: thank you
System Restore
by bdomek / December 4, 2007 9:52 AM PST

I realize system restore isn't a cure for a serious spyware problem. But, it's a starting point when you're at the point of beating your head against a wall trying to get your computer to stabilize enough to fix the problem. Once you do the restore, then, as I told the other person who'd dealing with the spyware problem, then you go ahead & update the spyware programs, and the antivirus program, and do all the necessary scans to get rid of the spyware. I hope this point is getting through.

You definitely cannot do a Hard Drive Format without a system CD. You'd have a dead computer if you did that.

