Pop-ups and obvious spyware or viruses

Status
Not open for further replies.
A

armychick

Posts: 9   +0
Can't d/l Malwarebytes!

First, I hope this doesn't upset anyone or go against any rules of this forum. I am actually on my parents computer (yes, I'm over 18...27, in fact). While they are aware I am trying to fix their problems, my dad is especially apprehensive about downloading any "fixes" such as HJT. But after reading for an hour or so online, I believe it will be needed to expose the root cause of the problem(s). So my first question, since there are many many copycats out there, can someone post the actual place to download authentic HJT? Please? I don't want to do any more damage to this computer than alreayd has been done. :)

Second, yesterday I was attempting to download a song on this computer. While they've been having problems lately with IE8 (ever since they updated it), problems have worsened in the last 24 hours. Before, whenever you had IE8 open and chose to manually open a new tab or window, each time that new window would close, IE came up with and error message.

Today, pop-ups are appearing out of nowhere. Sometimes they come up with messages (in broken english) that seem to elude that the browser is "infected". When you click the "x" to close the message, it pops up another window.

Also, unless a website is manually typed into the address bar, it takes you to a different website. Case in point, I Googled "C:\Program Files\SpyNoMore\SNM.exe /startup" and on the second search page, attempted to go to one of the suggested sites, but as it was going to that page, it automatically changed to some outdoor channel page or something. Typically the ones it will take me to will be sites to "rid" the PC of infected malware (definitely not to be trusted!).

Additionally, if I try to go "back" from that site, it takes me to a webpage with a bunch of symbols like this "‹ÿÌVÝnãD"

Additionally, I Googled "C:\Program Files\SpyNoMore\SNM.exe /startup" and tried to click on the link provided another link, and it took me to a "Oops! This link appears to be broken" page. Although it isn't.

Sorry if so confusing. I'm just using this as a starting point, I suppose. Any help would be greatly appreciated as my parents do not want to resort to a re-format.

Thanks!
 
Read the UPDATED 8 Step sticky in this forum. Follow it step by step; don't skip any. Then post the three required logs. The sticky will even give you the safe links you requested.

From what you are describing it certainly sounds like significant infection.
 
I went to the Control Panel...but SpyNoMore isn't there. But when I ran Windows Defender earlier, that's how I found it because it was listed as running on the computer somewhere...which is what led me to Google it because I wanted to know what it was. Would it be somewhere else?
 
I'm not trying to be a pest...I promise! Just want to make sure since it's not my PC! Lol. I downloaded CCleaner. I read the "info" provided via other links about the "tray notifications cache" and "wipe free space" and I just want to confirm before I check those boxes that it's not going to delete anything on the computer itself, and that they indeed should be checked in the first place. Am I correct on that?
 
Trust me, you are not being a pest. You are in good hands with mflyn. He is very knowlegeble (no pressure Mike!) as well as a number of others here. Since your question concerns the Advance aspect of CCleaner (excellent tool; I and many others use it) I would not check that unless Mike or someone else with advance knowledge says so.
 
Just use it in Default Mode for now!

No worry on SpyNoMore as the tools of the 8 Steps will find and handle it. Don't try to add any advanced functions yet as we will advise you after we see the logs!

Mike
 
I have tried and tried to download the Malwarebytes' Anti-Malware. But whatever is wrong with the PC, it won't let me. I click d/l, then have to click the "click here if doesn't automatically start" then it takes me to the Google search "oops link is broken" page.

Any suggestions???
 
Is there a way Malwarebytes' Anti-Malware can be sent to me as an attachment or something? I have tried everything. I even went to Google then typed in the actual website. But as soon as I go to d/l it, it comes back with the link is broken page! So frustrating!
 
OK don't let one program stop you.

BTW what OS XP Vista?

Go to the next SAS and try it, if it d/l's and installs it will likely fix the d/l for MBAM!

So move down the line of the 8 Steps and install and run any that you can and let us know what does and don't work.

Also try to do the below!

Download ComboFix

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double click combofix.exe follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click combofix's window while its running. That may cause it to stall.

Mike
 
This can't be good...

I made it thru steps 1-3.

Step 4--won't let me d/l. Just takes me to the Google Search page with the "oops link is broken"

Step 5--was able to d/l. But when I click the icon or right-click--> open, it comes up with the Data Execution message saying that "SuperAntiSpyware" has encountered a problem and needs to close..."

Step 6--currently do have the recommended version 6 update 14 installed

Step 7--was able to d/l, but didn't run automatically, nor will it open at all (clicking icon or right click--> open or start-->programs-->hjt

I'm at a loss at this point...
 
Well that's why were are here, relax and we will fix it!

Go to System Restore and go back to a date before this. We will still need to run the tools after but this will expedite.

Mike
 
It got worse

mflynn said:
OK don't let one program stop you.

BTW what OS XP Vista?

Go to the next SAS and try it, if it d/l's and installs it will likely fix the d/l for MBAM!

So move down the line of the 8 Steps and install and run any that you can and let us know what does and don't work.

Also try to do the below!

Download ComboFix

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double click combofix.exe follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click combofix's window while its running. That may cause it to stall.

Mike
Click to expand...

I tried downloading the combofix from both links you provided. I was able to download from both. But, neither launched. Instead, I received the same error message (copied below) both times:

"You cannot rename ComboFix as ComboFix[1]
Please use another name, preferbaly (sic) made up of alphanumeric characters"

**intentional spelling error in above message**
 
Try to pick a day or two before the worst of this happened. it does not bother data like My Documents.

If you go back a little too far you may lose a Windows update etc no problem.

Or pick a date when you or they thought all was working!

Mike
 
Status
Not open for further replies.

Similar threads

A
New study confirms the obvious, search results are only getting worse
2
Replies
25
Views
470
hahahanoobs
hahahanoobs
M
Virus warning popup
Replies
1
Views
539
Mark Fuller
M
Shawn Knight
Amazon now delivers more packages than FedEx and UPS in the US
Replies
20
Views
439
Jerry in WA
J

Latest posts

Back