Removal

[redfox45]

I have been using S&D for years and recently found this video on how to configure it.

http://uk.youtube.com/watch?v=xdKqwN61BJY

One of the most famous problems with spybot that people somtimes say is that it doesnt actually remove some malware somtimes and when you scan again it is still being detected. I recently came across this, spybot isnt getting rid of it.

I suppose what I want to know is, is the configuration in the video the best way to set it and is there a way for me to change somthing in the program so that S&D will remove the malware?

I frequently update it and immunise whenever need be and press the hosts list button about once a month (I dont know if that is neccacary)

(I did take a quick look in FAQ but did not find this problem, if it has been posted somwhere else I apologize)

 

[md usa spybot fan]

Are there any specific problems that your Spybot scan is detecting that are not being resolved? If so, please post a log of the actual detections you are getting. To do that:

• Run another scan.
• When the scan completes, right click on the results list, select "Copy results to clipboard".
• Then paste (Ctrl+V) those results to a new post in this thread.

_______________________

Stubborn malware removal in general:

There are two things that you can try to get rid of the things that Spybot-S&D is having difficulty removing:

1. Try to run it the next time you reboot.
   • Go into Spybot > Mode > Advanced mode > Settings > Settings > look for "System start" (located half way down the page).
   • Check the option: "Run program once at next system startup".
   • Reboot the system.
2. Run it in Safe mode.
   • Reboot your system in Safe mode and run Spybot-S&D.

If Spybot-S&D still fails to remove the problems you can request assistance in the Malware Removal forum and have someone help you remove the problems. To that, follow the instructions here:

• "BEFORE you POST"(READ this Procedure before Requesting Assistance)
  http://forums.spybot.info/showthread.php?t=288

 

[redfox45]

Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

FastClick: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


Statcounter: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


Advertising.com: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


CPXinteractive: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-02-07 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-07-11 Includes\Cookies.sbi (*)
2007-05-30 Includes\Dialer.sbi (*)
2007-07-11 Includes\DialerC.sbi (*)
2007-07-11 Includes\Hijackers.sbi (*)
2007-07-11 Includes\HijackersC.sbi (*)
2007-07-11 Includes\Keyloggers.sbi (*)
2007-07-11 Includes\KeyloggersC.sbi (*)
2007-07-11 Includes\Malware.sbi (*)
2007-07-11 Includes\MalwareC.sbi (*)
2007-07-11 Includes\PUPS.sbi (*)
2007-07-11 Includes\PUPSC.sbi (*)
2007-07-11 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-07-11 Includes\SecurityC.sbi (*)
2007-07-11 Includes\Spybots.sbi (*)
2007-07-11 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-07-03 Includes\Trojans.sbi (*)
2007-07-11 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll



Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

FastClick: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


Statcounter: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


Advertising.com: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


CPXinteractive: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: Andy) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-02-07 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-07-11 Includes\Cookies.sbi (*)
2007-05-30 Includes\Dialer.sbi (*)
2007-07-11 Includes\DialerC.sbi (*)
2007-07-11 Includes\Hijackers.sbi (*)
2007-07-11 Includes\HijackersC.sbi (*)
2007-07-11 Includes\Keyloggers.sbi (*)
2007-07-11 Includes\KeyloggersC.sbi (*)
2007-07-11 Includes\Malware.sbi (*)
2007-07-11 Includes\MalwareC.sbi (*)
2007-07-11 Includes\PUPS.sbi (*)
2007-07-11 Includes\PUPSC.sbi (*)
2007-07-11 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-07-11 Includes\SecurityC.sbi (*)
2007-07-11 Includes\Spybots.sbi (*)
2007-07-11 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-07-03 Includes\Trojans.sbi (*)
2007-07-11 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll

 

[redfox45]

Sorry just realised same thing and cant delete

 

[redfox45]

Is safe mode default mode?

(dont you have a edit button or a delete button?)

 

[md usa spybot fan]

If you go into Start > Control Panel > Security Center > Resources (on the left hand side of the window – expand if necessary) > click "Change the way Security Center alerts me". This brings up an "Alert Setting" window.

There are three possible alerts:

• Firewall
  Alert me if my computer might be at risk because of my firewall settings
• Automatic Updates
  Alert me if my computer might be at risk because of my Automatic Updates settings
• Virus Protection
  Alert me if my computer might be at risk because of my virus protection software settings

I believe that you will find that the first and third items are unchecked. This is the cause of the following Spybot detections:

Windows Security Center.FirewallDisableNotify: Settings
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

Windows Security Center.AntiVirusDisableNotify: Settings
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

These alerts could have been turned off manually, by some security solution (see Note #1) or by malware. Spybot-S&D is alerting that there is an abnormal setting in the Windows Security Center that requires your attention.

For more information see:

• Spybot & Windows Security Centre.....warning
  http://forums.spybot.info/showthread.php?t=75

Also see:

• Why does Spybot-S&D flag changes in the Windows Security Center?
  http://www.safer-networking.org/en/faq/46.html

Note #1: Some security solutions such as McAfee SecurityCenter (if you set it as your default Security Center) or Norton Internet Security turn off these alerts and handle alerts themselves.

______________________

Tracking cookies – blocking

Advertising.com and ClickAgents are Tracking Cookies. Tracking Cookies are cookies stored on your computer by a 3rd party not directly related to the web site you're currently viewing. The intention of this cookie is to track your movement as you surf between sites.

If you are running Internet Explorer the storing of these particular Tracking Cookies can be prevented by enabling Spybot's Browser Helper Object (BHO). To do this go into Spybot-S&D > Immunize. Look in the last section labeled "Permanently running bad download blocker for Internet Explorer". Check the following:

• "Enable permanent blocking of bad addresses in Internet Explorer"

In the pull-down below "Enable permanent blocking of bad addresses in Internet Explorer" there are three options:

• Block all pages silently
• Display dialog when blocking
• Ask for blocking confirmation

Many people find the messages that this facility can produce annoying. If you would like to keep the messages from popping and still block the tracking cookies, you can do that by selecting "Block all pages silently".

There is another way to prevent the downloading of Tracking Cookies in Internet Explorer (even those not blocked by Spybot's resident BHO) as well as the storing of Tracking Cookies in other WEB browsers. See:

• Why do other anti-spyware applications detect so many more tracking cookies?
  http://www.safer-networking.org/index.php?page=faq&detail=37

______________________

From the following article:

• How Do I Boot Into Safe Mode?
  http://www.laplink.com/support/kb/article.asp?ID=102

SUMMARY

Safe Mode is a special diagnostic mode that bypasses Windows startup files, allowing you to fix problems that are keeping your computer from functioning normally. Only the keyboard, mouse, and VGA display drivers are loaded when running in Safe Mode. Other devices, including the CD-ROM, parallel ports, and serial ports may not be available.