Spyware removal: Halp?
rufio:
Ok, so I logged into Windows as Administrator and tried to install malwarebytes, but it kept claiming that "the application failed to initialize." On the other hand, I went back and logged in as myself, have had no alerts from my anti-virus, and upon going back to linux discovered no new unexpected .exes or .dlls in Documents and Settings folders or in system32. Did I kill it?
Quote from: morriganrant on 2009 May 29, 01:08:22
Good to know! Oh, if after removal you end up with an error message at Windows StartUp, saying something along the lines of missing file, with the name of the Trojan .exe or one of the files associated with it, you will have to go to Start>Run>Msconfig. Then go into Startup programs and disable them from start up. If the Trojan is the kind I think that it is, it likly added itself to the programs that open at Windows Startup. Windows will throw an error when it tries to open the file that isn't there anymore. I have yet to figure out how to completely remove programs from that list, although, I haven't put a lot of effort into looking. Just disabling them will stop the error messages.
I had no problems or weirdnesses starting Windows, though I have had a couple of alerts from my anti-virus about some program trying to insinuate itself into Windows startup, which was then blocked. Yay, anti-virus?
Quote from: Rhayden on 2009 May 29, 03:21:05
Just stopping by to P&L at you, rufio, for being a complete idiot. Way to go!
How are you, Rhayden? Enjoying your new pee shtick?
morriganrant:
Quote from: rufio on 2009 May 29, 04:44:45
Ok, so I logged into Windows as Administrator and tried to install malwarebytes, but it kept claiming that "the application failed to initialize." On the other hand, I went back and logged in as myself, have had no alerts from my anti-virus, and upon going back to linux discovered no new unexpected .exes or .dlls in Documents and Settings folders or in system32. Did I kill it?
Quote from: morriganrant on 2009 May 29, 01:08:22
Good to know! Oh, if after removal you end up with an error message at Windows StartUp, saying something along the lines of missing file, with the name of the Trojan .exe or one of the files associated with it, you will have to go to Start>Run>Msconfig. Then go into Startup programs and disable them from start up. If the Trojan is the kind I think that it is, it likly added itself to the programs that open at Windows Startup. Windows will throw an error when it tries to open the file that isn't there anymore. I have yet to figure out how to completely remove programs from that list, although, I haven't put a lot of effort into looking. Just disabling them will stop the error messages.
I had no problems or weirdnesses starting Windows, though I have had a couple of alerts from my anti-virus about some program trying to insinuate itself into Windows startup, which was then blocked. Yay, anti-virus?
Sounds like at least one of the files may still be there somewhere, that is, if that is what was trying to set itself up as a startup program. They do that so that they can keep installing themselves and to hinder removal because windows rejects your trying to delete files that are "in use". Malwarebytes not installing may be cause by the Trojan ...or there could be another problem. It would have given you an error code along with the "Failed to initialize" message. I know that Windows Defender gives an similar error when something has gone wrong with an update, usually it will need reinstalling.
Without Malwarebytes I would go along to bleepingcomputers. They have another program that they use, HijackThis, and another that is SmitFraudFix. They will walk you through if you need help.
http://www.bleepingcomputer.com/forums/forum103.html
http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html
http://siri.geekstogo.com/SmitfraudFix.php
rufio:
Well, I tried installing it again to you get you the error code (I am logged in as me, not as the Administrator) and it worked this time. I guess Windoze just sucks, or something. I'll try running it in a minute and see if it comes up with anything.
Just to clarify, the message about a program trying to set itself up as a startup program happened several days ago, not after I removed all those files. I believe it was one of the Local Settings\Temp exes, which are now all gone.
ETA: Ran malwarebytes - nothing happened, does not show up in task manager. Uninstalled and reinstalled; no change. Fail program is fail.
morriganrant:
Quote from: rufio on 2009 May 29, 06:25:47
Well, I tried installing it again to you get you the error code (I am logged in as me, not as the Administrator) and it worked this time. I guess Windoze just sucks, or something. I'll try running it in a minute and see if it comes up with anything.
Just to clarify, the message about a program trying to set itself up as a startup program happened several days ago, not after I removed all those files. I believe it was one of the Local Settings\Temp exes, which are now all gone.
ETA: Ran malwarebytes - nothing happened, does not show up in task manager. Uninstalled and reinstalled; no change. Fail program is fail.
Maybe it has issues with your partition setup? Eh, you may have gotten everything if nothing else has shown. Run anti-virus as usual, any anti-spyware programs you may have, and keep an eye on your processes for the next few days.
Navigation
[0] Message Index
[*] Previous page