endless wait circle icon

Status
Not open for further replies.
spybot

Hi OCD,
I have been away from this computer for a few days, so thanks for waiting. I am up for some housekeeping, including going back to browsing with Mozilla. Should I contact spybot before reinstalling it? They owe me about $14 if I can't re-install it. How would I contact them? They already prompted me for my email and were supposed to contact me as part of the de-installation process but they never responded.
Thanks!
 
Hi Samwise,

Should I contact spybot before reinstalling it? They owe me about $14 if I can't re-install it. How would I contact them? They already prompted me for my email and were supposed to contact me as part of the de-installation process but they never responded.
I would go ahead and hold off reinstalling Spybot until you can get a hold of them and see what they say about the problems you have encountered. You can go here and fill out a support ticket. Since I have no affiliation with Spybot, I can't give you any assurances as to how soon they might respond.

========================

We have a "little housekeeping" to take care of before we get to the All Clean Speech.

=========================

Clean up with OTL:
  • Right-click OTL.exe select "Run as Administrator" to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.
=========================

Removing/Uninstalling AdwCleaner:
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
=========================

You can now delete any tools and/or logs remaining on your desktop.

=========================

Delete All But the Most Recent Restore Point
  1. Open Disk Cleanup by clicking the Start button
    start.jpg
    . In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
  2. If prompted, select the drive that you want to clean up, and then click OK.
  3. In the Disk Cleanup for (drive letter) dialog box, click Clean up system files.
    adminshield.jpg
    Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  4. If prompted, select the drive that you want to clean up, and then click OK.
  5. Click the More Options tab, under System Restore and Shadow Copies, click Clean up.
  6. In the Disk Cleanup dialog box, click Delete.
  7. Click Delete Files, and then click OK.
=========================

With the above items taken care of let's move on to the All Clean part of the process.

The following procedures are recommendations for helping to keep your system running smoothly. If you are currently satisfied with how your system is running some or all of these may not pertain to you. Implement what you need.

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

Make your Internet Explorer more secure - This can be done by following these simple instructions:
  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
Make your Mozilla Firefox more secure - This can be done by adding these add-ons:
Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

Free Anti-Virus
Free Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here.
Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
 
okay..

I've filed a log with spybot and will begin to work on the rest of it soon and let you know. Thanks again.
 
spybot help response

Does this make sense to you?:

Hello,

If you are having issues with Internet Connnectivity then your problems are probably caused by the Spybot proxy.

Here is how to disable the proxy:

• Open the Spybot – Search & Destroy “Start Center“.


• Click on “Advanced User Mode” at the bottom left of the “Start Center”.


• Rightclick on “Settings“ and choose "Run as administrator".


• Choose the tab “Internet Protection".


• Here you can untick the checkbox in front of "Use Spybot proxy".


• Click “Apply” and then “OK”.




You can disable the Services that you currently do not need, which could be causing perfomance issues with your PC .

Please run the "Start Center" and switch to "Advanced User Mode".

Now right click on "Settings" and choose "Run as Administrator".

Under the tab "System Services" you can untick the check boxes which say "Active after every reboot".

Don't forget to click "Apply“ and "OK“ afterwards.


--
Regards,
Robert
Team Spybot

--------------------------------------------------------------------------------
Spybot-Search & Destroy Home: http://www.safer-networking.org
Spybot-Search & Destroy Forum: http://forums.spybot.info
 
Hi Samwise,

Yes, it does make sense, but that may depend on the version of Spybot you have. I believe older version don't have the Start Center. I have included some screenshots for reference.

• Open the Spybot – Search & Destroy “Start Center“.
• Click on “Advanced User Mode” at the bottom left of the “Start Center”.
• Rightclick on “Settings“ and choose "Run as administrator".
• Choose the tab “Internet Protection".
• Here you can untick the checkbox in front of "Use Spybot proxy".
• Click “Apply” and then “OK”.




  • Please run the "Start Center" and switch to "Advanced User Mode".
  • Now right click on "Settings" and choose "Run as Administrator".
  • Under the tab "System Services" you can untick the check boxes which say "Active after every reboot".
  • Don't forget to click "Apply“ and "OK“ afterwards.




Let me know if you additional questions.
 
Follow up notes

Hi OCD, Before preceding with installing and adjusting the settings on Spybot, I wanted to follow the rest of your clean up instructions. After a reboot, I got the Mcaffee security scan pop up saying it installed with recent software. I was paying attention and nowhere did I see a box checked/or unchecked to install Mcaffee. I really don't want it because of the daily pop up ads. I tried to uninstall it with revo, which is now asking for payment. Also, the uninstall function in the control panel can't uninstall it, it just sits there and when you re-click on it it says wait for the current uninstall to finish. I probably shouldn't install spybot now until Mcaffee if removed. Also, here are my notes IN CAPS on each step:

Clean up with OTL:
WORKED FINE.


=========================

Removing/Uninstalling AdwCleaner:

SEEMED TO WORK FINE.

=========================

You can now delete any tools and/or logs remaining on your desktop.

=========================
I ONLY FOUND ONE LOG AND NO TOOLS.

Delete All But the Most Recent Restore Point

Open Disk Cleanup by clicking the Start button . In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
If prompted, select the drive that you want to clean up, and then click OK.
In the Disk Cleanup for (drive letter) dialog box, click Clean up system files. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
If prompted, select the drive that you want to clean up, and then click OK. NO OPTION TO SELECT A DRIVE.
Click the More Options tab, under System Restore and Shadow Copies, click Clean up. THIS STEP NEVER OCCURRED.
In the Disk Cleanup dialog box, click Delete.
Click Delete Files, and then click OK.
NOTHING SEEMED TO HAPPEN AT THIS POINT.

=========================


This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection. SINCE THIS WAS NOT AN INFECTION, I AM NOT CHANGING MY PASSWORDS. CORRECT?



Make your Internet Explorer more secure - This can be done by following these simple instructions:
ALL INDICATED BOXES WERE CHECKED AS INDICATED ALREADY, WE MUST HAVE DONE THIS PREVIOUSLY.


Make your Mozilla Firefox more secure - This can be done by adding these add-ons: I RE-INSTALLED FIREFOX, BUT IT WOULD ONLY INSTALL VIA RIGHT CLICKING AND RUNNING AS ADMINISTRATOR.

NoScript
AdBlockPlus
I INSTALLED BOTH OF THESE PROGRAMS. NOSCRIPT IS WORKING FINE, I HAVE NOT SEEN ADBLOCKPLUS DO ANYTHING YET.

Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
I WOULD RATHER GET THE SPYBOT WORKING, SO I DON'T HAVE TO BOTHER WITH THE ADS THAT COME WITH THE "FREE" ANTIVIRUS PROGRAMS.

Free Firewall

Online Armor Free THIS SEEMS TO BE WORKING FINE. I AM ASSUMING IT WON'T INTERFERE WITH THE WINDOWS FIREWALL?

Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open. OKAY, LAST UPDATE WAS 1-16 AND ONE IMPORTANT UPDATE WAS AVAILABLE AND WAS INSTALLED TODAY.



Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

OCD
 
Hi Samwise,

OTL - OK

AdwCleaner - OK

Other tools & logs - OTL clean up removes most of the tools & logs automatically.

Restore Points - Here is what you should have seen in this step:















All items listed after the Restore Point step is a recommendation only. Those are suggestions only.

Passwords - you should be fine, but it is always good practice to change your passwords periodically.

IE - your choice

Firefox add-ons - your choice

AV - use whatever program you prefer. If you can get Spybot to work the way you want it to then use it

Firewall - you should only have one (1) firewall installed and running at any one time. If your using a 3rd party FW, then you must disable the Windows Firewall.

Any other questions?
 
questions

I was not given the drive prompts, maybe because C is my default main drive (?), but it did otherwise seem to work as your graphics show, when I just re-did it.

How can I get rid of that Mcaffee, to make way for spybot, if the control panel can't do it?

Is the firewall you linked better than the windows firewall?

Thank you!
 
Hi Samwise,

I was not given the drive prompts, maybe because C is my default main drive (?), but it did otherwise seem to work as your graphics show, when I just re-did it.

1. - How can I get rid of that Mcaffee, to make way for spybot, if the control panel can't do it?

2. - Is the firewall you linked better than the windows firewall?

Thank you!

1. - Try this tool to remove McAfee:

Download the McAfee Consumer Product Removal tool and run it.

MCPR.exe
  • Click Save, and save the file to a folder on your computer.
  • Navigate to the folder where the file was saved.
  • Ensure that all McAfee windows are closed.
  • Double-click MCPR.exe to run the removal tool.
    • NOTE: Windows Vista , 7, 8 users must right-click MCPR.exe and select Run as Administrator.
  • Restart your computer after receiving the message CleanUp Successful.
  • Your McAfee product will not be fully removed until the system is restarted.
=========================

2. - Both are good, it boils down to user preference.
 
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
 
Status
Not open for further replies.
Back
Top