spyware and windows vista

[kmartwarrior]

OK, first of all hi!

If it were too much to ask, would anyone here verify if I still have any sort of spyware in my laptop. I have been trying to follow the steps from the "how to remove viruses, spyware and malware" but the thing is that my operating system is Windows Vista and some of the programs that are recommended here are not compatible with it, including AVG anti spyware, since the only time it runs is when it is first installed. I noticed that I had spyware because of the annoying pop ups that would show up in internet explorer every 5 seconds even though I am currently using fire fox as my main browser. I ran my anti spyware program which is Webroot spy sweeper and my anitivirus software but they didn't find anything, so after using a combination of Spyware doctor, Super Anti Spyware, plus the Anti Spyware from Trend Micro I was able to find cpvfeed, along with two browser helper objects. Although they were apparently removed from my pc I was still getting some pop ups until now that I did a second scan trying to follow the steps provided in this forum.

Note: I might had followed some of the steps incorrectly since AVG wouldn't run in safe mode and the only way I could do so was while I was using my administrator account and using the reinstalation.

Also Combo fix is not compatible with Vista and before anyone yells at me, yes I don't have a firewall ( so can anyone recommend me one)


Hopefully I am able to make any sense XP

 

[momok]

Hi kmart warrior and welcome to techspot =)

You may wish to copy and paste these instructions on notepad for easier reference later.

Boot into safe mode under your normal user name (If it can't be done then use your administrator account). See how HERE

Next turn on "Show all files and folders, including hidden and system". See how HERE

Go to start > run and type services.msc. Press the enter key.
Search for the following services(if there) double click to select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

launcher

Open your task manager by pressing holding ctrl, alt and pressing del. Alternatively, use ctrl + shift + esc. Go to the processes tab, and end the following processes, if found:

launcher.exe

After that, run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

O4 - Startup: RK Launcher.lnk = ?

O13 - Gopher Prefix:

Close HJT.


Navigate in Windows Explorer and delete the following files and folders in bold.

C:\WINDOWS\SMINST\launcher.exe

Reboot into normal mode and rehide your protected OS files.

Thereafter, please post a fresh HJT log from normal mode as an attachment into this thread.


Regards,
Your friendly Momok =)

This thread is for the use of kamrtwarrior only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.