1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: system restore/spyware

Discussion in 'Virus & Other Malware Removal' started by adamtheaxe, Sep 27, 2008.

Thread Status:
Not open for further replies.
  1. adamtheaxe

    adamtheaxe Thread Starter

    May 29, 2004

    hope someone can help me with this one.

    I am trying to fix my brother's computer which recently has been infected with spyware. it is running Windows Xp but there is a program that keeps popping up where it supposedly is checking for spyware and then asking for $34.95 to continue. I am not in front of the computer right now but the program looks like a legit Microsoft program. it's called MS something but I cannot get it out of the computer.

    I wanted to use the system restore and that won't even work. Anyone know how I can get the system restore working and possibly remove this spyware program in the computer?

    Thanks a lot!
  2. sjpritch25


    Sep 8, 2005
    Welcome to TSG :)

    Please click Here to download HijackThis to your desktop.

    Click the Download button. When the Trend Micro HJT install box appears, double click on the HJTInstall.exe. Click on Install.

    It will be installed by default here: C:\Program Files\Trend Micro\HijackThis

    A shortcut to the application will also be placed on your Desktop.

    The program will open automatically after installation.

    You can double-click the icon that was placed on the Desktop to run subsequent HijackThis scans or you can use the icon inside the folder. The folder HijackThis is where you will find the HJT logs that you save. When you use the application to remove anything, you will also find the backup copies made by HJT inside this folder.

    Close all other windows except HijackThis.

    Click on "Do a system scan and save logfile" When the log pops up in Notepad, copy and paste that file back here.

    Do NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
  3. adamtheaxe

    adamtheaxe Thread Starter

    May 29, 2004
    Hi. Thanks for the response! I won't be near the computer until tomorrow so I will send it once I get to the system.

    Quick question though. Is there any kind of spyware remover or quick virus scan that I could download onto a disk to bring over to his computer? I normally use Housecall but I cannot even get it on his computer. Any site like that(Trend Micro, Norton, McAfee) all get redirected to this spyware-ish site. I've never seen anything like it.

    Thanks again!
  4. sjpritch25


    Sep 8, 2005
    There is

    Please download Malwarebytes Anti-Malware from Here or Here
    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Quick Scan, then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply with a fresh Hijackthis log too.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer, please do so immediately.
  5. adamtheaxe

    adamtheaxe Thread Starter

    May 29, 2004
    Well, I tried that program and everything worked out ok. the computer wasn't even able to log on to techsupportguy.com so I couldn't even post the hijack this link but everything is running smoothly so I guess we'll leave it at that. Thanks for all your help!! (y)
  6. sjpritch25


    Sep 8, 2005
    Okay. Your Welcome

    Now that your system is clean you should SET A NEW RESTORE POINT to prevent future reinfection from the old restore point AFTER cleaning your system of any malware infection. Any trojans or spyware you picked up could have been saved in System Restore and are waiting to re-infect you. Since System Restore is a protected directory, your tools can not access it to delete files, trapping viruses inside. Setting a new restore point should be done to prevent any future reinfection from the old restore point and enable your computer to "roll-back" in case there is a future problem.

    1. Go to Start > Programs > Accessories > System Tools and click "System Restore".
    2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
    3. Then go to Start > Run and type: Cleanmgr
    4. Click "OK".
    5. Click the "More Options" Tab.
    6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

    Graphics for doing this are in the following links if you need them.
    How to Create a Restore Point.
    How to use Cleanmgr.


    Here is some useful information on keeping your computer clean:
    1. Most important thing is to make sure Windows is kept up to date with the latest patches and updates from Windows Update.
    2. Here are two great Preventive programs
    • SpywareBlaster protects you from malicious ActiveX controls and cookies. Make sure and check for updates twice a month.
    • Surf Safe with McAfee's SiteAdisor. SiteAdisor will work with Internet Explorer and Mozilla Firefox. SiteAdisor is a browser plugin that assigns a safety rating to domains listed in your search engine. SiteAdvisor uses the following color codes to indicate the safety level of each site.
    • Red for Warning
    • Yellow for Use Caution
    • Green for Safe
    • Grey for Unknown

    Here are the link to install SiteAdisor in Internet Explorer and Firefox
    • Anti-Spyware Programs I Recommend:
    • Free Anti-Spyware Programs
    • Free Firewalls
    1. Sunbelt Personal Firewall
    2. ZoneAlarm Free Firewall by Check Point
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/753743

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice