Spyware ???

Discussion in 'Malware Help (A Specialist Will Reply)' started by Liissa, Dec 27, 2005.

  1. Liissa

    Liissa Private E-2

    Hi,

    Sometime last night my husband and son somehow got some spyware on my computer...Hummm....what we they look at?

    Anyway, they did some scans etc., last night in an effort to fix it so for me, but I'm not sure they have it gone. I'm not seeing any Pop-ups etc., but some of the scan showed some issues.

    This is what I've done:
    SAFE MODE
    Ran CCleaner
    Microsoft Tool - Finds Nothing
    Adware SE - Found 3 MRU's and 1 Tracking Cookee (Fixed All)
    Spybot - Found Nothing
    Microsoft ANitiSpy - Nothing

    Then booted into SAFE with Networking and ran:
    Bitedefender (Online) Log is attached
    Panda (Online) Log is attached.
    Finally ran an HiJack Log which is also attached.

    IS IT GONE....Did they fix it last Night? If so, what can I now delete of the downloaded and online stuff?

    Thanks a million for any help.

    Liissa
     

    Attached Files:

    Liissa, Dec 27, 2005
    #1
  2. Liissa

    Liissa Private E-2

    ...A couple more things????....if everything looks good....can I know turn System Restore back on?

    ....Are there any of the online programs etc., I used that can/should delete?

    Thanks so much.....so far all day has been good, so I 'think' the computer is clean...let me know if you see otherwise.:confused:
     
    Liissa, Dec 27, 2005
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You have no real malware showing in you HJT log but the below three lines can be fixed:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

    You should also look for the below files and delete them if found:
    C:\secure32.html
    C:\Documents and Settings\Lisa\My Documents\Lisa\My Stuff\Virus Test.txt
    C:\WINDOWS\soft.exe

    There is nothing from the online scans that you really need to remove. If you do delete them it would only be necessary to download them again if another malware problem occurred.

    However, you should perform the steps in this link: How to Protect yourself from malware!
     
    chaslang, Dec 27, 2005
    #3
  4. Liissa

    Liissa Private E-2

    Thank you very, very much.

    I will complete the steps you mentioned and I will also delete the files, if I can locate them on the system.

    It seems they may have deleted some of the bad stuff last night, as today seems all good, and they've had some experience with HiJack before, so they seem to have done it correctly using the tutorial.

    .....And I have done everything you've suggested to prevent this in the future!

    Thank you again---your help is truly appreciated.
    Liisa

    "Unfortunately if they go to rogue sites, I have no way to stop it, or do I?" I've warned them over and over, but sometimes they obviously don't listen...maybe I'll ban them from my computer for now!!
     
    Liissa, Dec 27, 2005
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Making sure you follow ALL the steps in the How to protect thread will help. I did not notice a firewall. Also make sure you use SpywareBlaster and enable all protections. Also use Spybot and its Immunize feature. These will help a lot.
     
    chaslang, Dec 27, 2005
    #5
  6. Liissa

    Liissa Private E-2

    I have Norton Internet Security and that has a Firewall....is it not a good one?? I have Spyware Blaster and update if frequently, including enabling all protection and I did use the Immunize feature on Spybot as well as Adware SE and MS Antispy, both of which I update and run frequently.

    I also changed all the "Active X settings", exactly to what you suggested?

    Sad to say, but I think they may have gone to a "porn" site suggested by one of the "guys" at work....I've heard porn is the worst for these things and I asked them over and over to stay away from it....Hummm!!--bad boys!

    Please let me know, if you have a better firewall suggestion. Once this subscription is up with Norton I was planning on then using Avast and Zone Alarm...as they are both "free" and highly suggested on your site.

    Thank you again....your knowledge on this stuff is remarkable and truly appreciated!
    Liisa;)
     
    Liissa, Dec 27, 2005
    #6
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I just did not notice the process for it running! Are you sure it is running? Normally there is a name with some kind of reference to a firewall in it.

    Porn sites and P2P download sites can be big spreaders of malware. Having proper protection in place can help stop problems. And being careful what you click yes or no to with various popups that may occur can be even more important.
     
    chaslang, Dec 27, 2005
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I guess maybe this is the new name for the firewall:
    C:\Program Files\Norton Internet Security\ISSVC.exe

    But it is just called: Norton Personal Firewall Assistant
     
    chaslang, Dec 27, 2005
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds