I have a 2 month old computer that's connected to the internet by a
cable modem. Somehow, I am guessing one of the users of this computer
downloaded some kind of embedded file and now my computer runs all
screwy. I have downloaded Norton Anti-Virus, SpyBot, Yahoo Anti-Virus
and Ad-aware and still can't seem to remedey the problem. I also tried
clearing my temporary internet files and cookies. I also keep getting
pop-ups for things saying that my computer is in danger. I can't keep
a start-up homepage and it always resets to either
http://win-eto.com/hp.htm?id=32729 or
http://t.swapx.cc/h.php?aid=20009. If anyone knows anything about
these symptoms, please post something so it can be remedied. All help
is appreciated. Thanks
If you have a hijack or other spyware problem, you need HijackThis and expert
advice. And when you run HJT, please post the URLs of your forum post(s).
Start by downloading each of the following additional free tools:
CWShredder <
http://www.majorgeeks.com/download4086.html>
HijackThis <
http://www.majorgeeks.com/download.php?det=3155>
LSP-Fix <
http://www.cexx.org/lspfix.htm>
WinsockXPFix <
http://www.spychecker.com/program/winsockxpfix.html>
Stinger <
http://us.mcafee.com/virusInfo/default.asp?id=stinger>
TrendMicro Engine <
http://www.trendmicro.com/download/dcs.asp>
TrendMicro Signatures <
http://www.trendmicro.com/download/pattern.asp>
TrendMicro Instructions <
http://www.trendmicro.com/ftp/products/tsc/readme.txt>
Create a separate folder for HijackThis, such as C:\HijackThis - copy the
downloaded file there. Create a separate folder for the two TrendMicro files,
such as C:\TrendMicro - copy the downloaded files there (unzipped if necessary).
CWShredder has an install routine - run it. The other downloaded programs can
be copied into, and run from, any convenient folder.
First, run Stinger. Have it remove any problems found.
Next, close all Internet Explorer and Outlook windows, and run CWShredder. Have
it fix all problems found.
Next, disable System Restore.
<
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm>
Boot your computer into Safe Mode.
http://support.microsoft.com/?id=315222
Run C:\TrendMicro\Sysclean.com. Delete any infectors found. Reboot your
computer, and re enable System Restore.
Next, run AdAware again. First update it, configure for full scan
(<
http://forums.spywareinfo.com/index.php?showtopic=11150>), then scan. When
scanning finishes, remove all Critical Objects found.
Next, run Spybot S&D again. First update it, then run a scan. Trust Spybot,
and delete everything ("Fix Problems") that is displayed in Red.
Then, run HijackThis ("Scan"). Do NOT make any changes immediately. Save the
HJT Log.
<
http://forums.spywareinfo.com/index.php?showtopic=227>
<
http://forums.spywareinfo.com/index.php?showtopic=11150>
Finally, have your HJT log interpreted by experts at one or more of the
following security forums (and PLEASE post a link to your forum posts, here):
Aumha: <
http://forum.aumha.org/index.php>
Net-Integration: <
http://forums.net-integration.net/>
Spyware Info: <
http://forums.spywareinfo.com/>
Spyware Warrior: <
http://spywarewarrior.com/index.php>
Tom Coyote: <
http://forums.tomcoyote.org/>
If removal of any spyware affects your ability to access the internet (some
spyware builds itself into the network software, and its removal may damage your
network), run LSP-Fix and / or WinsockXPFIx.