Help ... Desktop Changes And Pop Ups

Status
Not open for further replies.
J

JSN

Hi,

My Mum D/l this pop up and I think it messed up the computer. I have Norton and SUPERAntiSpyware which removed a few things (50 xD). I Heard about HJT and got that. I ran a scan but don't know what to do delete. I will post a Log File.

What happens is that a pop up comes from the date and time area called 'system alert'. Also the desktop changes about 30sec. after logging in saying something about a spyware threat has been dectected on my PC. Also on IE it redirects sometimes, but that doesn't really matter as I use Firefox.

Can you please help guys ?

Thanks

Jee.
 
Hi, looked through your hijack this report, the file which seems to be giving you problems is the one under blue yonder, if you remove that should be ok.
Have attached a little report on blue yonder which will tell you how to remove it from the registry, take a look at this, do as it asks ( if you have any queries let me know ) run your anti - spyware virus scans again and see what happens.

Remove the file from the registry in safe mode, that way it will not have a chance to run when you start your computer normally, just press F8 when your pc is booting up, once a second should be fine, then go to the safe mode options.

Follow the attached info from there, you might be better printing it out first so you can see it while you are working without jumping around screens.

David
How to remove blueyonder-istnotifier error

The free file information forum can help you find out if blueyonder-istnotifier.exe is a virus, trojan, spyware, adware which you can remove, or a file belonging to a Windows system or an application you can trust.

blueyonder-istnotifier.exe file information

The process blueyonder - Instant Support Tool Notifier belongs to the software blueyonder - Instant Support Tool by Motive Communications, Inc (www.motive.com.
Description: blueyonder-istnotifier.exe is located in a subfolder of "C:\Program Files". The file size on Windows XP is 438359 bytes.
The program is not visible. It is not a Windows system file. The program starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). It can change the behavior of other programs or manipulate other programs. The process uses ports to connect to LAN or Internet. blueyonder-istnotifier.exe is able to monitor applications. Therefore the technical security rating is 89% dangerous, however also read the users reviews.
Important: Some malware camouflage themselves as blueyonder-istnotifier.exe, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the blueyonder-istnotifier.exe process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.

As a matter of interest, is blue yonder your firewall, I personally believe Comodo Firewall Pro ( free ) and Zone Alarm ( free ) to be better.

You could give one of those a try and see what happens instead of the one you currently have.

David
 
Hi, would also remove this as well, sorry I forgot to mention it the first time, this could be what is hi jacking your browser, it is on your log report.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2

You will find the registry entry under home key, current user, software, micosoft, internet explorer, main, and check the entries, also check the section for also check your settings in control panel, add or remove programmes, if you see an entry for this in there remove the programme, the registry entry should also be removed.

When you are there, also undernet internet exporer in the registry, check registry entry, follow it through to software, if software referall is there delete the entry, if blue yonder is there, and it is not your firewall delete it.

You should go to this site www.piiriformltd.com

download ccleaner ( this will give you options to delete programmes from your pc and over write them, also has a registry clean up option on it as well, straightforward to use.

defraggle ( better than the windows one by a mile )

recuva ( this will help you recover lost files if you have deleted them by accident and they have not been over written
 
what does this entry tell you?

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
 
Blind Dragon
I think this is meant for me, tells me he has no control panel, will leave it to you, been reading your posts each time I see them, bit on the awesome side, thought you had missed this one, hint taken
 
feel free to help, I will just keep an eye on the thread

Also wanted to point out for you as you help that the user may not have use of task manager/ regedit/ or msconfig

Also this entry is usually added by a Trojan or Worm
 
Status
Not open for further replies.

Similar threads

M
Virus warning popup
Replies
1
Views
539
Mark Fuller
M
midian182
New DoorDash pop-up warns non-tipping customers to expect a longer wait for orders
Replies
22
Views
528
coolblue
C
midian182
Google changes Bard's name to Gemini: unveils new Android app and advanced AI model
Replies
2
Views
248
Mr Majestyk
M

Latest posts

Back