Solved: system restore/spyware

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

adamtheaxe

Thread Starter
Joined
May 29, 2004
Messages
15
Hi,

hope someone can help me with this one.

I am trying to fix my brother's computer which recently has been infected with spyware. it is running Windows Xp but there is a program that keeps popping up where it supposedly is checking for spyware and then asking for $34.95 to continue. I am not in front of the computer right now but the program looks like a legit Microsoft program. it's called MS something but I cannot get it out of the computer.

I wanted to use the system restore and that won't even work. Anyone know how I can get the system restore working and possibly remove this spyware program in the computer?

Thanks a lot!
Adam
 
Joined
Sep 8, 2005
Messages
9,113
Welcome to TSG :)

Please click Here to download HijackThis to your desktop.

Click the Download button. When the Trend Micro HJT install box appears, double click on the HJTInstall.exe. Click on Install.

It will be installed by default here: C:\Program Files\Trend Micro\HijackThis

A shortcut to the application will also be placed on your Desktop.

The program will open automatically after installation.

You can double-click the icon that was placed on the Desktop to run subsequent HijackThis scans or you can use the icon inside the folder. The folder HijackThis is where you will find the HJT logs that you save. When you use the application to remove anything, you will also find the backup copies made by HJT inside this folder.

Close all other windows except HijackThis.

Click on "Do a system scan and save logfile" When the log pops up in Notepad, copy and paste that file back here.

Do NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
 

adamtheaxe

Thread Starter
Joined
May 29, 2004
Messages
15
Hi. Thanks for the response! I won't be near the computer until tomorrow so I will send it once I get to the system.

Quick question though. Is there any kind of spyware remover or quick virus scan that I could download onto a disk to bring over to his computer? I normally use Housecall but I cannot even get it on his computer. Any site like that(Trend Micro, Norton, McAfee) all get redirected to this spyware-ish site. I've never seen anything like it.

Thanks again!
 
Joined
Sep 8, 2005
Messages
9,113
There is


Please download Malwarebytes Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply with a fresh Hijackthis log too.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer, please do so immediately.
 

adamtheaxe

Thread Starter
Joined
May 29, 2004
Messages
15
Well, I tried that program and everything worked out ok. the computer wasn't even able to log on to techsupportguy.com so I couldn't even post the hijack this link but everything is running smoothly so I guess we'll leave it at that. Thanks for all your help!! (y)
 
Joined
Sep 8, 2005
Messages
9,113
Okay. Your Welcome


Now that your system is clean you should SET A NEW RESTORE POINT to prevent future reinfection from the old restore point AFTER cleaning your system of any malware infection. Any trojans or spyware you picked up could have been saved in System Restore and are waiting to re-infect you. Since System Restore is a protected directory, your tools can not access it to delete files, trapping viruses inside. Setting a new restore point should be done to prevent any future reinfection from the old restore point and enable your computer to "roll-back" in case there is a future problem.

To SET A NEW RESTORE POINT:
1. Go to Start > Programs > Accessories > System Tools and click "System Restore".
2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
3. Then go to Start > Run and type: Cleanmgr
4. Click "OK".
5. Click the "More Options" Tab.
6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

Graphics for doing this are in the following links if you need them.
How to Create a Restore Point.
How to use Cleanmgr.

======================================

Here is some useful information on keeping your computer clean:
  1. Most important thing is to make sure Windows is kept up to date with the latest patches and updates from Windows Update.
  2. Here are two great Preventive programs
:
  • SpywareBlaster protects you from malicious ActiveX controls and cookies. Make sure and check for updates twice a month.
  • Surf Safe with McAfee's SiteAdisor. SiteAdisor will work with Internet Explorer and Mozilla Firefox. SiteAdisor is a browser plugin that assigns a safety rating to domains listed in your search engine. SiteAdvisor uses the following color codes to indicate the safety level of each site.
  • Red for Warning
  • Yellow for Use Caution
  • Green for Safe
  • Grey for Unknown

Here are the link to install SiteAdisor in Internet Explorer and Firefox
  • Anti-Spyware Programs I Recommend:
  • Free Anti-Spyware Programs
  • Free Firewalls
  1. Sunbelt Personal Firewall
  2. ZoneAlarm Free Firewall by Check Point
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Top