spyware or virus?

  • Thread starter Thread starter herbzee
  • Start date Start date
H

herbzee

Seems my friends kid may have answered too many questions on a
pop up because on boot up,Internet Explorer changes the home page from
Google Search to pop up ads and its own search engine. The address bar
says: "about" (blank) instead of location. No history on the down arrow.
It also comes up with a "coupons and offers" program, that seemed to
come out of nowhere. Any help please-or is it time to "format C:" ???
 
Do a virus check followed by spyware check using Ad-Aware
(www.lavasoftus.com) SpyBot S&D (www.safer-networking.org) You might also
try HiJackThis (i don't have the web address to hand so do a goole search
for this one) - be careful though with hijackthis because you may delete
something important. Just run it and go through the list of things it comes
up with to see if anything looks strange or shouldn't be on your system. The
other good one is CWshredder (again do a google search).
 
Sypwares can "hijack" your homepage.

Run:

AD Aware SE 1.05
Spybot: Search and Destroy 1.3
CWShredder

so as to remove t he most common one. Then, install SP2 and activate the
Pop-Up blocker function.
 
1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt383.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point


* * * Please report your results ! * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html




| Seems my friends kid may have answered too many questions on a
| pop up because on boot up,Internet Explorer changes the home page from
| Google Search to pop up ads and its own search engine. The address bar
| says: "about" (blank) instead of location. No history on the down arrow.
| It also comes up with a "coupons and offers" program, that seemed to
| come out of nowhere. Any help please-or is it time to "format C:" ???
|
 
herbzee said:
Seems my friends kid may have answered too many questions on a
pop up because on boot up,Internet Explorer changes the home page from
Google Search to pop up ads and its own search engine. The address bar
says: "about" (blank) instead of location. No history on the down arrow.
It also comes up with a "coupons and offers" program, that seemed to
come out of nowhere. Any help please-or is it time to "format C:" ???
Click to expand...

Run these programs to check for spyware/malware. After installing
update them, then boot into safe mode and run them. You should update
and run them weekly.

Cwshredder
http://www.intermute.com/spysubtract/cwshredder_download.html

Ad-aware SE
http://www.lavasoftusa.com

Spybot Search and Destroy
http://www.safer-networking.org

Bazooka Adware and Spyware Scanner
http://download.com.com/3000-2144-10247783.html

Pest Patrol Free Pest Scanner
http://www.pestscan.com/ScanOrTrial.asp

If you’re still having problems after running these then run HijackThis
and post the log to one of the specialty forums, _NOT_ this one.

HijackThis
http://www.majorgeeks.com/download.php?det=3155

Forums to Interpret HijackThis Logs:

http://www.spywareinfo.com/forums/
http://forum.aumha.org/viewforum.php?f=30
http://forums.tomcoyote.org/
http://www.wilderssecurity.com/

After your system is clean use these programs to help keep it clean:

Spywareblaster
www.javacoolsoftware.com/sbdownload.html

Spywareguard
http://www.javacoolsoftware.com/sgdownload.html

IE-SPYAD
http://www.staff.uiuc.edu/~ehowes/resource.htm

For viruses, start with Trend Micro’s Sysclean and McAfee’s Stinger.
Download them and the Sysclean signature file. Turn off system restore,
boot into safe mode and run them. Boot back into normal mode and run a
full AV scan with your normal AV program. Then turn system restore back
on.

Trend Micro Sysclean
http://www.trendmicro.com/download/dcs.asp

Trend Micro Signature File
http://www.trendmicro.com/download/pattern.asp

McAfee AVert Stinger Virus Removal Tool
http://vil.nai.com/vil/stinger/

You should also regularly run at least two of these online scans in
addition to your regular up to date AV program:

Online and Downloadable Virus Scanning:

Panda ActiveScan
http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Bit Defender Online Virus Scan:
http://www.bitdefender.com/scan/license.php

Symantec Online Virus and Security Scan:
http://security.symantec.com/ssc/home.asp

TrendMicro:
http://housecall.trendmicro.com/housecall/start_corp.asp

McAfee Online Virus Scan:
http://www.mcafee.com/myapps/mfs/default.asp

RAV AntiVirus - Scan Online
http://www.ravantivirus.com/scan/

F-Secure:
http://support.f-secure.com/enu/home/ols.shtml
 
herbzee said:
Seems my friends kid may have answered too many questions on a
pop up because on boot up,Internet Explorer changes the home page from
Google Search to pop up ads and its own search engine. The address bar
says: "about" (blank) instead of location. No history on the down arrow.
Click to expand...

See http://aumha.org/a/parasite.htm and get and run CWShredder
 
I agree with the above, I use spybot search & destroy and adaware se
personal and I am as well now using microsoft's beta. spybot and adaware
are a good combo. Just beware of the antispyware companies who use the
software themselves. Definitely stay away from antispyware who will send
you those popups. spybot search and destroy and adaware are reputable
companies and as well do a good job and update well. The microsoft's beta
is good too though, i have been using it for a few weeks now. It has
real-time protection just like spybot does as well.
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

website ads 2
Search History 2
I.E.7, ... 'Browsing History' on Search/ Bing? 1
adware/spyware/hacker???? 14
Blank Start>Search pop-up window 7
Windows 10 "This site can't be reached" Error 5
SpyWare 4
adding search providers 10

Back
Top