Virus/Spyware/Adware/Maleware. system under attack

[SamWaton]

hi Techspot

My cousin just gave me his laptop to look at, and it is seriously infected. loads of pop-ups about spyware, virus's and that this product should be downladed to get rid of it, blah blah blah

how annoying.

With all the pop-ups the laptop is getitng, its makes it seemingly difficult to do much with it. I currently have Webroot Spy sweeper runing, one that i purchased and gave to him a few months ago.
this has foudn alot of threats.

he also has various odd removal tools he has downlaoded, such as..
Spyware&maleware protection
privacy protector
error clean

he has also got and anti-virus program, Sophos antivirus
i was considering removing all thse and installing the software on your spyware/adware/malware removal instructions list.

i have had nothing but great help form this site, hope it will continiue.




tell me what you need and i will try posting it asap


greatly appreciated

Sam Watson

 

[Route44]

I'll let the experts such as Howard give the most important advice, but I can tell you that those "odd removal tools" are notorious for ADDING spyware/malware/adware. And those additions open you up for even greater infections as you testify to. Nasty, nasty, nasty.

Sophos is actually a very legitimate anti-virus program. My daughter's college utilizes this company's software for their networking. Webroot now packages a toolbar with their latest updates. Many people are having issues with their latest offerings. A shame.

I suggest following the very sound advice that this forum gives; see if your cousin has the key to Sophos because, again, it is legitimate. The only thing is is that Sophos is geared toward businesses, not for personal home use.

 

[SamWaton]

thanks for the reply

the "odd removal tools" i mentioned, arent actually installed on the system, i couldnt find any traces of them. must be links to websites.

the sophos anti-virus was given to him by his dad no doubt, he runs a large company.
he also has norton which i plan on removing and replacing with a better program, such as avast or ZA
i gave him spysweeper as i brought it but didnt use it much.

i'll wait and see what the pros have to say.
=p

thanks for the advice =)

 

[Route44]

If there are two anti-virus softwares loaded at the same time you will experience conflicts. To remove Norton fully refer to the sticky how to remove Norton completely because it leaves too much behind I like AVAST, Antivir; as for firewalls you might want to look into Comodo.

 

[SamWaton]

yeah, i hate norton

i use Avast aswell, with Kiero firewall
not had any trouble, use them both on my laptop and home pc.
commodo confused me and blocked to many things, i didnt get on with it to well

i am currently removing norton internet security of the laptop.

 

[howard_hopkinso]

Hi SamWaton:

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the Panda Antirootkit scan.

Regards Howard :wave: :wave:

This thread is for the use of SamWaton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[SamWaton]

thanks howard, on it now

can someone post a link to the norton removal thread, i cant see it..

thanks

 

[howard_hopkinso]

Yes, no worries mate, you`ll find it HERE.

Regards Howard

This thread is for the use of SamWaton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[SamWaton]

ok, im going to post the HJT and combo fix logs now, as i am at that point.

 

[howard_hopkinso]

So where is the AVG Antispyware log and the results of the Panda Antirootkit scan?


Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O21 - SSODL: hstsys - {6FDBF63B-182A-4FDA-867C-C50634D410E6} - C:\WINDOWS\hstsys.dll (file missing)

Click on the fix checked button.

Close HJT.

Other than the above, your log files are clean.

Can you tell me what this is?

C:\Program Files\Ozenda\WLAN\Ozenda.exe

Regards Howard

This thread is for the use of SamWaton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[SamWaton]

my appologies

i completed step 12, with the combo fix, and it said to reply with the log and HJT log, i asumed it ment after i had done it, i have not yet done the rest.
i shall do it now

and Ozenda is a make of wireless USB adapter, that is the software for the adapter, a shop i used to wrk at sold them, rapidly.

thanks again

 

[howard_hopkinso]

Ok, no problem.

Regards Howard

This thread is for the use of SamWaton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[SamWaton]

ok, all done

files attahced

panda anti rootkit found nothing

COULDNT UPLOAD COMBOFIX LOG, LOG PASTED BELOW (REMOVE IF YOU SEE NESECCARY)

 

[howard_hopkinso]

All clean mate.

Unless you`re still having problems, you should be good to go.

If you`re not having problems. please do the following.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of SamWaton only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[SamWaton]

thanks you very much howard
you turley are a great man!

i shall test the laptop in various ways, make sure it is working properly still.
if i find and thing else, i shall post it here.

thanks again!"

This thread is now closed: If you need this thread unlocking, please pm a moderator with a link to the thread.

Only the original thread starter can do this. Anyone else, will be ignored.