Unremovable Spyware?

May I first say that I know very little about computers. I am running Win XP & IE ver 6.0.2900.xpsp_sp2_gdr.050301-1519. I have Norton Anti virus running and a software product called Spy Sweeper by Webroot for spyware. This Spy Sweeper picked up about 85 files that are trying to open when I start IE and about 40 files it says are trying to attach themselves to my Favorites Folder. When I ask it to remove these files, it does BUT they COME BACK in a matter of seconds. I have found a file in the temp internet file folder that won't let me delete it and looks suspicious. I can barely get on the net and the computer even has trouble shutting down. SOMEBODY HELP!?!? PLEASE

 

Please follow standard cleanup procedures as given below:

- Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps below:



http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

 

Hello again, I have followed as close as I can your instructions but have run into two snags. First, I'm at the stage where you're asking me to use my downloaded "tools" in safe mode. When I go to use any of them I get a window saying "a device attached to system is not working" and I can't run the tool. I then left safe mode to reboot to come here and during the rebooting I got error windows (20 or so, one after the other). The first window said Windows can't find C:\windows\apprk.exe make sure you typed name correctly. The second window said Windows can't find C:\windows\system32\crdd.exe. Then Windows can't find C:\windows\system32\mszl.exe Then Windows can't find C:\windows\system32\apiwe.exe and many more???? After I clicked OK to all these windows I got my desktop.

GUIDANCE PLEASE!!!!!!!!

 

Try them in normal mode, if you still cant get me a HJT log and we will go from there.

 

Re: Unremovable Spyware? No Luck

Hi, I was able to run those suggested tools in normal mode but they don't seem to alleviate the problems. I can now boot up without all those error windows and the computer seems to shut down OK but I still have "about blank" as my home page and that same list of 80 or so files that Spysweeper has detected. That list of files shows the file names, extentions & locations. Does that help us at all? Whats' next?

Thanks for your continuing help, Curt

 

http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting