Chaslang...Dell Backup/ already downloaded

Re: Trojan.Clicker.Instas.A

Did you run ALL the steps in the READ ME? You only mentioned the online scanners.

After completing ALL the steps, do the exactly as the below indicates.


- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

By the way, is the same PC that you could not get to boot a few days ago.

 

Re: Trojan.Clicker.Instas.A

You do not need to run HSremove or about:buster unless you are having HSA or about:blank hijacker problems. (Which you are not having) HSremove always reports 8 items being removed even on a totally clean pc. It is a bug.

HijackThis logs must always be posted from normal boot mode unless requested otherwise. Yours was from safe mode. Please repost after you look at the rest of the stuff below.

Do you use these AIM settings:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp

Some people consider these to be problems!

Goto Add/Remove programs and uninstall: WeatherBug

You have too many Toolbars. Do you use all of them? Do really use:
- Real Toolbar
- AIM Toolbar
- MSN Toolbar
- Google Toolbar
- AdwareFilterToolBar <--- this one is malware - SpyAssasin. Look in Add/Remove programs for AdwareFilter or AdwareFilterToolBar or SpyAssasin and uninstall any of them if found.

You want to know how many toolbars I have? Zero! I do not find them necessary.

I tend to doubt that Windows Clean-Up Pro is needed or useful.

 

Re: Trojan.Clicker.Instas.A

Try using this Weather Watcher instead of the malware containing Weatherbug.

So I assume you want to keep Real Toolbar & MSN Toolbar?

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

Please run HijackThis and click on the "Open the Misc Tools Section" button on the open page. Then select "Open process manager" on the left-hand side. Look for the following process (or processes) and one at a time kill them by selecting it and then click "Kill process". Then click yes.
C:\Program Files\AdwareFilter\adwarefilter.exe

After killing all the above processes, click "Back".
Then please click "Scan" and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ms101.mysearch.com/sa/srchlft.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
O4 - Global Startup: AdwareFilter Background Protection.lnk = C:\Program Files\AdwareFilter\adwarefilter.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/2438d7c7946c22d3c101/netzip/RdxIE601.cab

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\Program Files\AdwareFilter <--- the whole folder
C:\Program Files\AWS <--- the whole folder

Now run Ccleaner (installed while running the READ ME FIRST). Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.

Now we need to Reset Web Settings:
1) If you have an Internet Explorer icon on your Desktop, goto step 2. If not, skip to step 3.
2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

Re: Trojan.Clicker.Instas.A

I'm not sure what you mean. What to you mean your "Backup Dell Installed Programs"?

What does this have to do with installing Weather Watcher?

 

Re: Trojan.Clicker.Instas.A

And are you saying this message came up when you started downloading? Or did it come up when you started installing the software for Weather Watcher?

Is it giving you any indication of what it is supposedly doing at this time. I don't know why you would need to insert this CD to install Weather Watcher. It has nothing to do with any of the Dell Software installed on your PC.

When I get PCs from Dell or Gateway, the first thing I do, is uninstall almost all the crap they put onto the PC. Most is unnecessary and unwanted/annoying and is only trial based software anyway.

 

Re: Trojan.Clicker.Instas.A

You need to be more precise in your explanation.

Is the problem when you:
- try to install the program you downloaded
- or when you try to run the program after installing it

Is that all it tells you or does it give more detail!

Does this happen for any program you try to install?

Do you have all of your Windows Updates?

 

Re: Trojan.Clicker.Instas.A

You're welcome.

 

I do not believe this is a malware problem. It sounds more like a problem with your Windows Installation or some junk that Dell has installed. You should probably ask Dell why this is happening. It could some how be related to something they have done to install software on your PC and it could be related to Windows Installer. You could also check in the Software Forum.

I doubt it has anything to do with running downloaded spyware tools. And do you mean run the installation of the downloaded tools? Or do you mean you already installed the tools and you are trying to run the programs themselves? This could happen for anything you download an install now (not just spyware tools).

Please do not start new threads for problems you have already been working. I'm moving you back to your original thread.