• Please make sure you are familiar with the forum rules. You can find them here: https://forums.tripwireinteractive.com/index.php?threads/forum-rules.2334636/

Spyware

Nicholas

Grizzled Veteran
Sep 16, 2010
1,275
665
Theres this program on my PC that says its infected with spyware and virus's ETC. But the program itself is blocking me from doing anything on that PC.

I honestly think its just the program itself thats the problem, I never downloaded it, and its asking me for money, is there a way I can delete this off my PC?
 
Follow these steps for your best chance of avoiding a reformat - doesn't always work but fairly good odds. I clean this stuff off half a dozen PCs every week.

  1. Boot windows into safe mode (keep tapping F8 during the BIOS).
  2. Run system restore to before the point you got infected
  3. Start Menu > Run > Type in 'msconfig' (no inverted commas), go to the startup tab and disable anything suspcious looking
  4. Goto www.piriform.com and download ccleaner, run the cleaner and then the registry cleaner twice
  5. Download Malwarebytes, update it and run a quick scan removing any items when it finishes
  6. Update your Anti-virus and run a full scan
  7. Make sure all latest windows patches are applied and you should now be ok
 
Upvote 0
What JC said is the best chance you have to fight it.

I will back this quote, therefore JC's.
The 2nd registry fix is important, then a system restore point.
It so happens that I run the exact same programs and its not by hazard.

I do run Defender but its just to keep people in Jobs...

EDIT: I have found that the Kaspersky program is very effective but it is not something I would like to be running on a regular basis.
 
Last edited:
Upvote 0
JC is spot on. You've got about a 99% shot at getting rid of it with that method.

Some of these bastards are getting clever, though, and can actually prevent Malwarebytes from running, and may even delete it out of the archive when you download it. If this happens, then there's another link - somewhere, can't remember where - that will give you the .EXE file for Malwarebytes with a randomized filename. That will get you past most of the resistant strains.
 
Upvote 0
I say your best option is to load minixp with hiren's boot cd, back up your important stuff, and format the bastard. My sister had that problem a while ago, even task manager and safe mode were locked by the virus/trojan/whatever.

I let her suffer for a few days just to teach her not to put in her pc any pendrive that arrives to her hands from her university friends (it's amazing how many idiots doesn't care if their usb units are full of viruses)
 
Upvote 0
Follow these steps for your best chance of avoiding a reformat - doesn't always work but fairly good odds. I clean this stuff off half a dozen PCs every week.

  1. Boot windows into safe mode (keep tapping F8 during the BIOS).
  2. Run system restore to before the point you got infected
  3. Start Menu > Run > Type in 'msconfig' (no inverted commas), go to the startup tab and disable anything suspcious looking
  4. Goto [url]www.piriform.com[/URL] and download ccleaner, run the cleaner and then the registry cleaner twice
  5. Download Malwarebytes, update it and run a quick scan removing any items when it finishes
  6. Update your Anti-virus and run a full scan
  7. Make sure all latest windows patches are applied and you should now be ok

Thanks for the help, I can't get it in safe mode, I try either tapping or holding F8 while its booting, but it doesn't give me any option for safe mode.
 
Upvote 0
Thanks for the help, I can't get it in safe mode, I try either tapping or holding F8 while its booting, but it doesn't give me any option for safe mode.




Okay, then you'll need the version of Malwarebytes with the random filename. Google it, you shouldn't have any trouble finding it.

It'll probably take you several run-throughs to clear everything.



One of the funniest things ever happened at my last company ... we had this one guy that was an idiot, kept getting viruses on his computer. So the boss gets the idea to put antivirus software on them. And of course, since we're a good upstanding sort of company, we're not going to pirate anything. No sir, we're going to pay full retail price to buy a copy of this stuff for every single machine in the company.

So what do you think the boss went and bought a whole bunch of copies of, using his own personal credit card?

He was sort of a retard. The force was not with him.
 
Upvote 0
I say your best option is to load minixp with hiren's boot cd, back up your important stuff, and format the bastard. My sister had that problem a while ago, even task manager and safe mode were locked by the virus/trojan/whatever.

I let her suffer for a few days just to teach her not to put in her pc any pendrive that arrives to her hands from her university friends (it's amazing how many idiots doesn't care if their usb units are full of viruses)
Yes. Unless one knows the bowels of windows well, and has some reasonable experience ferreting out things, this is by far the best way to clean things. There is no way simple 'do these steps' advice can ensure a proper cleaning, unfortunately.

Either get help from an expert you know and trust, or via one of the couple of forums that specialize in such things (i.e., no random answer posters allowed), or just back up your data, and do a clean install.

Rob
 
Upvote 0
Avira Free, Malwarebytes, and Spybot S&D did a good job removing it for me. Get Crap Cleaner as well. Run in safe mode.


Scan with Spybot every other day or daily - it only takes me 11-16 minutes to do a full system scan with it.


Edit: Try Avira's bootable anti virus CD if you can. You download it, burn it as an image, and boot from your disc drive at start up. Never used it myself, but I've heard it is good when Windows is not bootable. Just scan with it, not sure how it works though:

http://www.avira.com/en/support-download-avira-antivir-rescue-system


When I got this (or similar virus), Spybot and Mbam where blocked from starting up in Windows. Avira was able to load, but was running extremely slow. Try renaming the .exes of Mbam and it might work.
 
Last edited:
Upvote 0
Try holding the F8 key at intervals. Press and hold. release for a second. Press and hold. release for a second, etc.

If that doesn't work and if you can do anything after booting normally... (you didn't say what O/S you had) for XP you can get your comp to safe boot without the F8 key by:

  1. Start your computer in normal mode.
  2. Go to Start >> Run
  3. Type msconfig and hit Enter.
  4. Now click the BOOT.INI tab and select the check box /SAFEBOOT
  5. Just check if MINIMAL is checked or not. If it’s not checked, check it.
  6. Click on Apply and then OK.
  7. Now you are done. Next time you reboot your computer, it will start running in Safe Mode.
Now after finishing your work in the safe mode, follow the above procedure to Uncheck /SAFEBOOT and you are done. Next time you reboot your system, it will start running in normal mode.​



Vista is similar....​
 
Last edited:
Upvote 0