Spyware

  • Please make sure you are familiar with the forum rules. You can find them here: https://forums.tripwireinteractive.com/index.php?threads/forum-rules.2334636/
  • Weve updated the Tripwire Privacy Notice under our Policies to be clearer about our use of customer information to come in line with the EU General Data Protection Regulation (GDPR) rules that come into force today (25th May 2018). The following are highlights of our changes:


    We've incorporated the relevant concepts from the GDPR including joining the EU and Swiss Privacy Shield framework. We've added explanations for why and how Tripwire processes customer data and the types of data that we process, as well as information about your data protection rights.



    For more information about our privacy practices, please review the new Privacy Policy found here: https://tripwireinteractive.com/#/privacy-notice

Nicholas

FNG / Fresh Meat
Sep 16, 2010
1,275
665
0
Theres this program on my PC that says its infected with spyware and virus's ETC. But the program itself is blocking me from doing anything on that PC.

I honestly think its just the program itself thats the problem, I never downloaded it, and its asking me for money, is there a way I can delete this off my PC?
 

Nicholas

FNG / Fresh Meat
Sep 16, 2010
1,275
665
0
What is it?

Its System Tool, I googled it on my other computer and its actually a virus itself, trying to get money out of me, theres no way I can delete it and its blocking me from doing anything else.
 

C_Gibby

FNG / Fresh Meat
Jan 18, 2010
7,275
2,716
0
Oh man, I had one of these. When trying to fix it, I came close and after that, every time I started up the PC I got a BSOD every time so I had to send it away to get fixed... :(
 

JCoquillon

FNG / Fresh Meat
Nov 21, 2005
874
134
0
38
Europe
Follow these steps for your best chance of avoiding a reformat - doesn't always work but fairly good odds. I clean this stuff off half a dozen PCs every week.

  1. Boot windows into safe mode (keep tapping F8 during the BIOS).
  2. Run system restore to before the point you got infected
  3. Start Menu > Run > Type in 'msconfig' (no inverted commas), go to the startup tab and disable anything suspcious looking
  4. Goto www.piriform.com and download ccleaner, run the cleaner and then the registry cleaner twice
  5. Download Malwarebytes, update it and run a quick scan removing any items when it finishes
  6. Update your Anti-virus and run a full scan
  7. Make sure all latest windows patches are applied and you should now be ok
 

Nicholas

FNG / Fresh Meat
Sep 16, 2010
1,275
665
0
Oh, God.... Sending it away would really suck, reformatting it would be a huge inconvenience, I'll try to fix it, I have several family members that are computer experts, I'm waiting for their response.
 

SMIFF

FNG / Fresh Meat
Sep 19, 2009
1,815
804
0
I had something similar before (Windows defender) or something.

A quick scan and remove with Malware Bytes sorted it.
 

Yoshiro

In Soviet Russia, Yoshiro is a cake
Staff member
Oct 10, 2005
13,138
3,965
113
What JC said is the best chance you have to fight it.
 

fiftyone

FNG / Fresh Meat
May 6, 2006
5,451
284
0
What JC said is the best chance you have to fight it.

I will back this quote, therefore JC's.
The 2nd registry fix is important, then a system restore point.
It so happens that I run the exact same programs and its not by hazard.

I do run Defender but its just to keep people in Jobs...

EDIT: I have found that the Kaspersky program is very effective but it is not something I would like to be running on a regular basis.
 
Last edited:

Peter.Steele

FNG / Fresh Meat
Sep 6, 2006
2,128
779
0
Chambers of the Grand Council
JC is spot on. You've got about a 99% shot at getting rid of it with that method.

Some of these bastards are getting clever, though, and can actually prevent Malwarebytes from running, and may even delete it out of the archive when you download it. If this happens, then there's another link - somewhere, can't remember where - that will give you the .EXE file for Malwarebytes with a randomized filename. That will get you past most of the resistant strains.
 

Moyako

FNG / Fresh Meat
Jan 10, 2008
2,163
636
0
Venezuela
www.xfire.com
I say your best option is to load minixp with hiren's boot cd, back up your important stuff, and format the bastard. My sister had that problem a while ago, even task manager and safe mode were locked by the virus/trojan/whatever.

I let her suffer for a few days just to teach her not to put in her pc any pendrive that arrives to her hands from her university friends (it's amazing how many idiots doesn't care if their usb units are full of viruses)
 

Nicholas

FNG / Fresh Meat
Sep 16, 2010
1,275
665
0
Follow these steps for your best chance of avoiding a reformat - doesn't always work but fairly good odds. I clean this stuff off half a dozen PCs every week.

  1. Boot windows into safe mode (keep tapping F8 during the BIOS).
  2. Run system restore to before the point you got infected
  3. Start Menu > Run > Type in 'msconfig' (no inverted commas), go to the startup tab and disable anything suspcious looking
  4. Goto [url]www.piriform.com[/URL] and download ccleaner, run the cleaner and then the registry cleaner twice
  5. Download Malwarebytes, update it and run a quick scan removing any items when it finishes
  6. Update your Anti-virus and run a full scan
  7. Make sure all latest windows patches are applied and you should now be ok

Thanks for the help, I can't get it in safe mode, I try either tapping or holding F8 while its booting, but it doesn't give me any option for safe mode.
 

Peter.Steele

FNG / Fresh Meat
Sep 6, 2006
2,128
779
0
Chambers of the Grand Council
Thanks for the help, I can't get it in safe mode, I try either tapping or holding F8 while its booting, but it doesn't give me any option for safe mode.




Okay, then you'll need the version of Malwarebytes with the random filename. Google it, you shouldn't have any trouble finding it.

It'll probably take you several run-throughs to clear everything.



One of the funniest things ever happened at my last company ... we had this one guy that was an idiot, kept getting viruses on his computer. So the boss gets the idea to put antivirus software on them. And of course, since we're a good upstanding sort of company, we're not going to pirate anything. No sir, we're going to pay full retail price to buy a copy of this stuff for every single machine in the company.

So what do you think the boss went and bought a whole bunch of copies of, using his own personal credit card?

He was sort of a retard. The force was not with him.
 
H

HeyCarnut

Guest
I say your best option is to load minixp with hiren's boot cd, back up your important stuff, and format the bastard. My sister had that problem a while ago, even task manager and safe mode were locked by the virus/trojan/whatever.

I let her suffer for a few days just to teach her not to put in her pc any pendrive that arrives to her hands from her university friends (it's amazing how many idiots doesn't care if their usb units are full of viruses)
Yes. Unless one knows the bowels of windows well, and has some reasonable experience ferreting out things, this is by far the best way to clean things. There is no way simple 'do these steps' advice can ensure a proper cleaning, unfortunately.

Either get help from an expert you know and trust, or via one of the couple of forums that specialize in such things (i.e., no random answer posters allowed), or just back up your data, and do a clean install.

Rob
 

Flogger23m

FNG / Fresh Meat
May 5, 2009
3,440
538
0
Avira Free, Malwarebytes, and Spybot S&D did a good job removing it for me. Get Crap Cleaner as well. Run in safe mode.


Scan with Spybot every other day or daily - it only takes me 11-16 minutes to do a full system scan with it.


Edit: Try Avira's bootable anti virus CD if you can. You download it, burn it as an image, and boot from your disc drive at start up. Never used it myself, but I've heard it is good when Windows is not bootable. Just scan with it, not sure how it works though:

http://www.avira.com/en/support-download-avira-antivir-rescue-system


When I got this (or similar virus), Spybot and Mbam where blocked from starting up in Windows. Avira was able to load, but was running extremely slow. Try renaming the .exes of Mbam and it might work.
 
Last edited:

BoyarPunk

FNG / Fresh Meat
May 29, 2008
33
9
0
The Zone
Oh, God.... Sending it away would really suck, reformatting it would be a huge inconvenience, I'll try to fix it, I have several family members that are computer experts, I'm waiting for their response.

Hehheh. My ears are ringing, Nick.
BTW, were you able to fix it?
 

Floyd

FNG / Fresh Meat
Feb 19, 2006
4,313
725
0
Waterproof
www.ro50pc.net
Try holding the F8 key at intervals. Press and hold. release for a second. Press and hold. release for a second, etc.

If that doesn't work and if you can do anything after booting normally... (you didn't say what O/S you had) for XP you can get your comp to safe boot without the F8 key by:

  1. Start your computer in normal mode.
  2. Go to Start >> Run
  3. Type msconfig and hit Enter.
  4. Now click the BOOT.INI tab and select the check box /SAFEBOOT
  5. Just check if MINIMAL is checked or not. If it’s not checked, check it.
  6. Click on Apply and then OK.
  7. Now you are done. Next time you reboot your computer, it will start running in Safe Mode.
Now after finishing your work in the safe mode, follow the above procedure to Uncheck /SAFEBOOT and you are done. Next time you reboot your system, it will start running in normal mode.​



Vista is similar....​
 
Last edited:

Nicholas

FNG / Fresh Meat
Sep 16, 2010
1,275
665
0
Thanks for the help guys, my PC couldn't even get into safe mode, so my cousin who is a computer expert invited me over his house for dinner to fix it, and now its fixed with free anti virus software!