Hi,

I am using Spyware Doctor 7 on Windows XP SP3. I recently upgraded from 6 which had the same issue I describe below.

My daughter's PC is extremely infected. Spyware Doctor with Antivirus (SD) cleans the mess, but on reboot all the settings I made are gone and many infections are back. SD is no longer running, several options like searching for rootkits, etc that I checked are unchecked and SD thinks it hasn't run, though I did it moments ago before a reboot. "Intelligaurd" and "Immunization" features are off, though I turned them on. Each reboot is the same. I also can't run Windows Update from her PC. Earlier I couldn't boot to safemode, though some registry repair fixed that. I found that my SD would not run in safemode. I found fishy holes in her firewall and closed them. My recent scans and fixes have done disconnected from the Internet.

I suspect that a virus is preventing SD from running on startup or retaining the settings that might actually remove certain viruses. Does anyone have a suggestion?

Thanks!

Dan

check out the various answers to similar questions that haapy has given. Do a search under haapy's name and locate his answers on how to handle infected machines. Usually involves sequential scans with different scanners that haapy recommends. A long process but at least on this board people have reported real success

good luck

Hi Tigertheboo,

Thank you for the reply. I have been checking some of Haapy's posts and I am still searching. It appears that I lack the PC Tools Startup and Shutdown Monitor service. Is that normal? What can be done? I have two other PC Tools services and Threatfire. Right or wrong, I have set those to start automatically. They were all manual.

Dan

Dan,

There is ton of info in this post.

http://www.pctools.com/forum/showthread.php?t=56903

The following is the cliffs notes version:

I suggest that you do a systematic cleanup. You need to use multiple tools and this will take a lot of scan time.

Clean Restore Points
Manually create a new restore point
\Windows\system32\restore\rstrui.exe

Run Disk Cleanup
\windows\system32\cleanmgr.exe
and choose options , delete all but the current restore point.

Download, install and run CCleaner with Cleaner and Registry options.

If you have Spyware Doctor, perform an update and full scan. Temporarily disable it.

If you have an Antivirus program, perform an update and full scan. Temporarily disable it.

Download, install and update and scan Avira free edition antivirus.

Download, install and update and full scan Superantispyware.

Download, install and update and full scan Malwarebytes Antimalware.

Uninstall or disable the real time protection of Superantispyware (it has real time protection that may conflict with SD).

Uninstall or disable real time protection of Avira (you never want more than one AV program running).

Malwarebytes is OK to leave as is.

Enable Spyware Doctor and your antivirus program.

Re-boot.

If this does not clean up your system, then you have some really bad malware and it will take a lot more time to research and find out what it is.

When you are all done, you should have only Spyware Doctor and the Antivirus of your choice in the Information Tray.

You may have to uninstall and reinstall SD.

Wow, that was a lot of useful information. I will get to it.

I suspect that the infections will attempt to block some of those downloads. Do you have any suggests about getting the new tools on the PC as safely as possible?

Thanks again.

Try in normal mode first, if that does not work then try safe.

Do the cleanups (temp files, Registry, etc.) first, many times that helps the process. Been awhile since I read my own stuff, but also do HiJackThis early. Be careful what you delete, if you do not know, then don't. Google first. There is a HiJackTis tutorial in thes forum as well.. do a search.

Good luck.