Virus/spyware/ad-ware

  • Thread starter Thread starter Paul
  • Start date Start date
P

Paul

Hi Guys

Looking for a bot of advice.

My Father in-law has managed to pick up an infection of some sort on his PC.

What happend was in the middle of playing an on line game (Call of Duty 4)
(he is 75 by the way) the screan went red and a load of beatles started
crawling over the screen, then a message popped up about his computer being
infected with spy-ware. and now every time he tries to use Internet explorer
the home page has changed to show AntiSpy Spider website. Also Task Manager
has been disabled.

I have tried various anti-virus and anti spyware software to resolve this
problem but nothing is finding or fixing it.

I have searched this problem and all the articals I have found talk about
removing the Antispy spider after it has been installed. but on his machine
there is no sign of it being installed. looks like its just add ware rather
than the actual program.

I have tried Kaspersky, AVG, Superantispyware and Ad-Aware

Anyone got any thoughts

Thanks

Paul
 
On Sun, 11 May 2008 09:31:22 +0100, Paul wrote:

> Hi Guys
>
> Looking for a bot of advice.
>
> My Father in-law has managed to pick up an infection of some sort on his PC.
>
> What happend was in the middle of playing an on line game (Call of Duty 4)
> (he is 75 by the way) the screan went red and a load of beatles started
> crawling over the screen, then a message popped up about his computer being
> infected with spy-ware. and now every time he tries to use Internet explorer
> the home page has changed to show AntiSpy Spider website. Also Task Manager
> has been disabled.
>
> I have tried various anti-virus and anti spyware software to resolve this
> problem but nothing is finding or fixing it.
>
> I have searched this problem and all the articals I have found talk about
> removing the Antispy spider after it has been installed. but on his machine
> there is no sign of it being installed. looks like its just add ware rather
> than the actual program.
>
> I have tried Kaspersky, AVG, Superantispyware and Ad-Aware
>
> Anyone got any thoughts
>

After Superantispyware and Ad-Aware is *updated*, it is suggested scanning
the system in Safe Mode.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
Alternatively:
click onto Start==>Run, type "msconfig" (without quotation marks), click
OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
Restart. To go back to Normal Mode, you must access the System
Configuration utility again and click the General tab then click/check the
radio button 'Normal Startup'- load all device drivers and services'.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222

Unsuccessful?

Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

Please, do not post HJT logs to this newsgroup.
Fora where you can get expert advice for HiJack This! (HJT) logs.

NOTE: Registration is required in any of the below before posting a log

http://www.theeldergeek.com/forum/index.php?s=2e9ea4e19d3289dd877ab75a8220bff6&showforum=29
http://www.thespykiller.co.uk/index.php?board=3.0
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://forums.tomcoyote.org/index.php?showforum=27
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.spywarewarrior.com/viewforum.php?f=5
 
Paul wrote:

> Hi Guys
>
> Looking for a bot of advice.
>
> My Father in-law has managed to pick up an infection of some sort on his
> PC.
>
> What happend was in the middle of playing an on line game (Call of Duty 4)
> (he is 75 by the way) the screan went red and a load of beatles started
> crawling over the screen, then a message popped up about his computer
> being infected with spy-ware. and now every time he tries to use Internet
> explorer
> the home page has changed to show AntiSpy Spider website. Also Task
> Manager has been disabled.
>
> I have tried various anti-virus and anti spyware software to resolve this
> problem but nothing is finding or fixing it.
>
> I have searched this problem and all the articals I have found talk about
> removing the Antispy spider after it has been installed. but on his
> machine there is no sign of it being installed. looks like its just add
> ware rather than the actual program.
>
> I have tried Kaspersky, AVG, Superantispyware and Ad-Aware

At this point, you or your father-in-law should go here to find a removal
tutorial:

Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, get guided help at Bleeping Computer or choose one of
the specialty forums listed below in no particular order. Register and read
its posting FAQ. You will generally be asked to:

1. Download and execute HiJack This! (HJT) -
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap - In Notepad.exe Format --> uncheck "Word
wrap"

3. Download/run Deckard's System Scanner -
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post at the
forum you chose. DO NOT POST LOGS IN THE MS NEWSGROUPS.

http://aumha.org/downloads/hijackthis.zip
http://aumha.net/ - Click on the HijackThis forum. Read the announcement and
the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5
http://forums.techguy.org/54-security/

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
 
Back
Top