TechSpot

I have a problem

By Rimurrow
Aug 1, 2008
  1. I believe I have some spyware on my computer.

    I get a popup that says "your system is probably infected with the latest version of spyware-x log".

    also I can't open firefox or opera, and when I open internet explorer it redirects me to a page wanting me to download spywar software.

    I am in need of some help.

    Here is hijack this log
     
  2. Rimurrow

    Rimurrow TS Rookie Topic Starter

    hijack this
     

    Attached Files:

  3. Ultiweap

    Ultiweap TS Enthusiast Posts: 606

    It seems like that your PC is hardly infected by virus and spywares.

    So for a better security download Ad-aware 2008 that will help you to remove all spyware.

    Here the link for download: Ad-aware 2008

    If the problem persist them you will need to install a good antivirus as example BitDefender Total Protection or McAfee

    And if still no change I will recommend you to make a clean re-install of your windows...
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Yes, you do have spyware. I don't do the entire malware cleaning, but I will help with the HijackThis log.
    Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

    Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis. Reboot into safe mode.
    Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
    Please note any other programs that you don't recognize in that list in your next response.
    Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these folders (if present):
    After that, Reboot, and post a new HijackThis log here in a reply.
    You should also run and include the logs from:
    1) MBAM or SAS log
    2)Combofix log
    You will find instructions on: http://www.techspot.com/vb/topic58138.html

    You are running some real time monitoring programs. They need to be stopped or removed and have been included in the Hijack 'fix'.
     
  5. Rimurrow

    Rimurrow TS Rookie Topic Starter

    Thank you that helped the popups stop and the computer is running better now. I still can't get online with any browser, although now IE works in safe mode.

    My browsers dont work and I can't download any other programs like MBAM.

    Here is another hijack this log. I don't know what else to do.
     

    Attached Files:

  6. SpiritWind

    SpiritWind TS Rookie Posts: 164

    Hi :

    That person should have never told you to install the currently low-quality
    Ad-Aware program .

    Since your HijackThis log indicates the presence of Spybot, I recommend you ask
    THEIR experienced, highly trained, CERTIFIED, Volunteer "Malware-Fighters" for
    Help on their Support Forums at http://forums.spybot.info , SPECIFICALLY their
    "Malware Removal" sub-forum .
     
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Close all (browser) windows & rescan with hijackthis. When the scan is finished place a check in the box to the left of the following entries & click 'fix checked':
    Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

    Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):
    Click on this link in Post #15 to TurnOffBonjour:
    http://www.neowin.net/forum/index.php?showtopic=556162&st=0
    (This can come Adobe CS3 applications. And it is a part of iTunes music sharing. just do a start> run> msconfig & disable it. Also, turn off the bonjour service (set to disabled).)

    Disable the auto-update feature on the programs:
    Please note any other programs that you don't recognize in that list in your next response.

    After that, Reboot, and post a new HijackThis log here in a reply

    Check all of your internet settings in both browsers to make sure they are correct. If you are using s router, you need to determine if it is working. Set up your cable so that it bypasses the router and goes straight into the computer instead of the router. If you can establish connection that way, it means the router has gone bad or it's settings are not correct.

    For those Services you fixed, you will need to go to the Control Panel> Administrative Tools> Services. Find each Service and right click> Properties. Change Start mode to either Manual or Disable. Stop the Service from running.
     
  8. Ultiweap

    Ultiweap TS Enthusiast Posts: 606

    I think Adaware and CCleaner will be enough but install the three that zkm1223 gave you...
     
  9. Rimurrow

    Rimurrow TS Rookie Topic Starter

    My browsers still wont work and now when I try to get on in safe mode or use the calculator as a browser it says "I need ResXX\Mcsheild.dll"

    How do I download a program if My browsers don't work?

    Here is a current hijackthis log,
     
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    The reason you're getting that message is because you have uninstalled the McAfee program but left processes loading and Services running:
    Current log:
    Original log:
    Please have HijackThis fix the remaining McAfee files as shown in the 'current log'. Then try again to boot into Safe Mode and go to the Control Panel> Administrative Tools> Services> right click on each of the McAfee/Network Associates Services> Properties> set startup to Disabled> Stop the Service> Apply> OK

    You should also run and include the logs from:
    1) MBAM or SAS log
    2)Combofix log
    You will find instructions on: http://www.techspot.com/vb/topic58138.html

    Please do not install or uninstall any other programs for now. I've got to go through the various security programs you still have and look for conflicts.
     
  11. Rimurrow

    Rimurrow TS Rookie Topic Starter

    I managed to stop the popup, I can't download any of those program for some reason. Maybe because I am in safe mode?

    I can only get ie to work and only in safe mode. other browsers don't work (they don't open up and try to conect) IE says the server can't be found when I click on the links to download the other programs.
     
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You're worse off now that when this began three weeks ago!

    All of the following are new and will need to be removed:
    And I don't know why this is going on:
    We cannot do this with HijackThis alone. You will require a full malware cleaning. Please go over tot he Security Forum and follow this:
    New malware cleaning instructions from TechSpot: http://www.techspot.com/vb/post645589-1.html

    Please reference this thread: http://www.techspot.com/vb/showthread.php?p=654003#post654003

    Someone will assist you in the cleaning after you run the programs and attach the logs.
     
  13. Rimurrow

    Rimurrow TS Rookie Topic Starter

    I have tried to download those programs but IE won't let me go to those pages. I can't figure out why. I click on the link and I get the page that says it cant find the server. can I download the programs on another computer to a flash drive and then put it on my computer? what is the best way to do that?
     
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Do you have an internet connection? If you do not, you can try loading the programs on the flash drive, then running them, but I'm not sure that's going to work. I would encourage you to switch over to the Security Forum as suggested. The good people who help out there have access to more programs than I do and may be able to help you get around the 'server' problem, if that's what it is.
     
  15. papermate

    papermate TS Rookie

    try smitfraudfix
     
  16. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    papermate the support helpers here are specifically trying to repair this issue
    You are just posting anything !
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...