Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Spyware removal

Posted on 2006-07-10
6
Medium Priority
?
345 Views
Last Modified: 2013-11-16
Can't change home page. Everytime I open internet explorer a windows alert pops up that says i need spyware removal and if I click ok then it takes me to a malwarwipe web page.  Also every now and then a little yellow alert will pop up in the task bar in the lower right cotner of the screen and if I click on that it takes me to a different spyware removal tool site.  What can I do beside give in and buy this spyware romoval tools.  I already have norton internet security 2005.  I try scanning my system and notta.  Please help.

-James
0
Comment
Question by:JAMES125
  • 3
  • 2
6 Comments
 
LVL 44

Accepted Solution

by:
zephyr_hex (Megan) earned 2000 total points
ID: 17077781
fyi
norton internet security does very little in the way of protecting you against spyware...

for us to help, we should start with a hijackthis log.  run hijackthis and it will produce a log.  copy/paste the log into here:
http://www.hijackthis.de .  that site will analyze the log.  at the bottom of the analysis is a link to save the analysis.  save it and post the LINK to your saved analysis here.

you can get hijackthis here: http://www.majorgeeks.com/download3155.html
0
 

Author Comment

by:JAMES125
ID: 17077796
When I click on your second link it gives me a black web page with nothing on it.
0
 
LVL 44

Expert Comment

by:zephyr_hex (Megan)
ID: 17077843
are you trying to do this from the infected computer?  if so, you will need to find another computer from which to do your download.

other resources for hijackthis:
http://www.merijn.org/downloads.html  (scroll down to the Office Downloads section)
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/HijackThis.shtml
http://www.download.com/HijackThis/3000-8022_4-10379544.html

or google it... it's all over the place.  you'll want version 1.99
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 15

Expert Comment

by:greyknight17
ID: 17077918
Print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Download smitRem at http://noahdfear.geekstogo.com/click%20counter/click.php?id=1 and save the file to your desktop.

NOTE: If you have Windows 9x/ME, you don't need to use Ewido (skip this step).
Download and install Ewido http://www.ewido.net/en/download/
Double-click the Ewido icon on your desktop to run it.
On the top of the main screen click Shield. Click the word active to change it to inactive.
On the top of the main screen click 'Update'. Then click on 'Start update'. The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can get the manual update at http://download.ewido.net/ewido-signatures-full-current.exe
When you have finished updating, exit Ewido.

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it. Don't run it yet.

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.

If running CleanUp! for the first time, it will ask you if you want to run it in Demo Mode. Don't run it in Demo mode...we want to do the actual cleanup now. CleanUp! deletes EVERYTHING out of your temp/temporary folders. It will also delete the cookie files. It does not make backups. If you have any documents or programs that are saved in any Temporary Folders, make a backup of these before running CleanUp!. Run CleanUp! and click on the CleanUp! button. Let it run. After it's done, click the Close button and choose Yes to logoff.

Run the smitRem.exe tool you downloaded earlier. There should be a folder called smitrem created on your desktop. Open it and double click on the RunThis file. Follow the prompts on the screen. Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Post that log along with all others requested in your next reply.

Make sure all windows are closed. Run Ewido.
Click 'Scanner'. Then click 'Complete System Scan' to begin scanning.
When the scan is complete click 'Recommended Action' and change it to 'Quarantine'.
Then click 'Apply all actions'.
Once finished, click the 'Save report' button. Then click 'Save Report As' and save it to your desktop.

Right click on your desktop and go to Properties. Then go to the Desktop tab and click on Customize Desktop. Go to the Web tab and delete everything there except My Current Home Page (which should be unchecked). Click OK.

Restart your computer to get back to Normal Mode.

Perform an online scan with Internet Explorer at Panda ActiveScan http://www.pandasoftware.com/products/activescan.htm

* Click on 'Scan your PC' button. There should be a popup - if you have a pop-up blocker, make sure it's not blocking it.
* Click 'Check Now' & a pop-up window will appear.
* Enter your Country, State and E-mail Address & click 'Scan Now' - begin downloading Panda's ActiveX controls (8 MB size).
* Begin the scan by selecting My Computer.
* If it finds any malware, it will offer you a report. Ignore any entry it finds (since it wants you to buy the program for removal) as we will address this later.
* Click on see report. Then click Save report.
* Post that log in your next reply.

Then post the Panda log here along with the logs for smitfiles.txt, Ewido and a new HijackThis log.

You may post a link to the analyzed HijackThis log when ready.
0
 

Author Comment

by:JAMES125
ID: 17078045
Sorry I really don't have the time for all this right now.  I will try what you say later.  If you want you can check back with me but I will go ahead and give you the points anyway.

Thanks, James
0
 

Author Comment

by:JAMES125
ID: 17078297
Just for the record the first response worked perfect.

Thanks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question