[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

spyware removal software

Posted on 2006-11-10
10
Medium Priority
?
419 Views
Last Modified: 2010-04-12
How can I tell if a URL is a "valid" site...or one that is trying to get me to download spyware?

For example:


http://www.iesecuritybar.com/remove_spyware/



also...my home page is set to

iesecurepage.com

and I cannot change it through Internet Options in IE.



What is some VALID, FREE  software for removing spyware, adware, etc.?
0
Comment
Question by:Tom Knowlton
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 58

Assisted Solution

by:amit_g
amit_g earned 800 total points
ID: 17918994
Download and run spybot search and destroy from

http://www.safer-networking.org/en/index.html

You may have to run it a few times before it is totally clean.
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 1200 total points
ID: 17919622
Hi,
This one.

 Please download SmitfraudFix:
http://siri.geekstogo.com/SmitfraudFix.php
Extract the content (a folder named SmitfraudFix) to your Desktop.
Next, please reboot your computer in Safe Mode by rebooting the computer,
and repeatedly tapping the F8 key as the pc starts. Choose "Safe Mode" from
the options listed.
 
Once in Safe Mode, open the SmitfraudFix folder again and double-click
smitfraudfix.cmd
 
Select option #2 - Clean by typing 2 and press "Enter" to delete infected
files.
 
You will be prompted : "Registry cleaning - Do you want to clean the
registry?" answer "Yes" by typing Y and press "Enter" in order to remove
the Desktop background and clean registry keys associated with the
infection.
 
The tool will now check if wininet.dll is infected. You may be prompted to
replace the infected file (if found); answer "Yes" by typing Y and press
"Enter".
 
The tool may need to restart your computer to finish the cleaning process;
if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17919624
If problem persists, then we need to look at your hijackthis log to check for other malware in your system.

Please download HijackThis 1.99.1
http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe
http://danborg.org/spy/hjt/alternativ.exe
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

Then upload the logs to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: paste the log to either of these sites:
1. http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here.

2. or at --> http://www.hijackthis.de/ 
and click "Analyse", click "Save".  Then post the link to the saved list here.

0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17919649
It's hard to know when a url is bad or not. For example this site --> http://www.errorsafe.com 
many would think that the site is legit but in fact it is fraud.

Take a look at few of these variants of smitfraud family of infections, they all claim to be good and really convincing but they are bad bad bad.
1. http://www.spysheriff.com/
2. http://www.spywarequake.com/
3. http://www.spyaxe.com/
4. http://www.virusburst.com/
5. http://www.powercodec.com/
0
 
LVL 5

Author Comment

by:Tom Knowlton
ID: 17921211
Spybot Search and Destroy found the Smitfraud file.
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17921367
You've got to be kidding!
Spybot can not remove smitfraud infection!
0
 
LVL 5

Author Comment

by:Tom Knowlton
ID: 17921401
Huh...perhaps it was just letting me know it found it.  ;)

In the end it actually seems to be the AVG software that got rid of the Home Page redirection.
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17921440
What you described in your topic is an active smitfraud infection,
AVG(formerly Ewido) doesn't remove it either, :)

I've got to bookmark this thread to show people what AVG did for you.
0
 
LVL 5

Author Comment

by:Tom Knowlton
ID: 17922117
Okay..so the smitfraud infection is something else.

All I know is the iesecurepage.com redirection is gone.  I can now set my Home Page, and it will go to the Home Page, not to iesecurepage.

Tom
0
 
LVL 7

Expert Comment

by:dttri
ID: 17929475
Greetings,
I was infected by Smitfraud sometimes ago and Kaspersky help me remove it. Check my question on EE about my case:

http://www.experts-exchange.com/Security/Q_21415883.html
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question