1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Curing Major Spyware Infection

Discussion in 'Windows XP' started by Stacy Young, Jun 30, 2010.

  1. Stacy Young

    Stacy Young Flightless Bird

    OK so it appears I have a serious spyware infection. Redirecting web site
    page or not allowing any web sites, inability to access tools menu of IE,
    unable to run any system files or installation files. In each case it tells
    me that the file is infected and directs me to purchase thier file to "cure"
    the problem and will not allow me to do anything internet related or any
    installations. It will not allow me to start MSCONFIG either.

    I have been through this before and have downloaded the files (through a
    separate computer)I believe necessary to attempt to fix the infection
    (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
    etc.). The problem I am having is that after copying the file(s) to the
    infected computer, the virus/spyware will not allow me to run/execute any of
    these programs.

    Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    there another approach to cleaning this mess up?

    The computer/laptop was running an anti-spyware and antiivirus (installed by
    my company) - I believe CA but they failed to cath this thing(s).

    Thanks in advance
     
  2. Bob

    Bob Flightless Bird

    I had a similar problem.

    I had to restore my PC to factory condition to get rid of the malware.

    "Stacy Young" <ky@aol.com> wrote in message
    news:uCHjSBIGLHA.1716@TK2MSFTNGP06.phx.gbl...
    >
    > OK so it appears I have a serious spyware infection. Redirecting web site
    > page or not allowing any web sites, inability to access tools menu of IE,
    > unable to run any system files or installation files. In each case it
    > tells me that the file is infected and directs me to purchase thier file
    > to "cure" the problem and will not allow me to do anything internet
    > related or any installations. It will not allow me to start MSCONFIG
    > either.
    >
    > I have been through this before and have downloaded the files (through a
    > separate computer)I believe necessary to attempt to fix the infection
    > (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
    > etc.). The problem I am having is that after copying the file(s) to the
    > infected computer, the virus/spyware will not allow me to run/execute any
    > of these programs.
    >
    > Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    > there another approach to cleaning this mess up?
    >
    > The computer/laptop was running an anti-spyware and antiivirus (installed
    > by my company) - I believe CA but they failed to cath this thing(s).
    >
    > Thanks in advance
    >
     
  3. Arthur Shapiro

    Arthur Shapiro Flightless Bird

    In article <uCHjSBIGLHA.1716@TK2MSFTNGP06.phx.gbl>, "Stacy Young" <ky@aol.com> wrote:
    >


    >Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    >there another approach to cleaning this mess up?


    Most programs of this nature can be run in Safe Mode. The two most
    frequently-cited around here are MalwareBytes and SuperAntiSpyware. You might
    even try renaming the programs in case the malware in question is keying on
    their names to prevent execution.

    Running them off a thumb drive is another convenient thing to try.

    Are you able to run MSCONFIG and uncheck any "curious" stuff show in the
    Starup pane?

    Art
     
  4. PA Bear [MS MVP]

    PA Bear [MS MVP] Flightless Bird

    Open Add/Remove Programs & make sure the SHOW UPDATES box at the top is
    checked | Now scroll down and tell me if either of the following updates are
    listed: KB982381; KB979559 ??

    Does the computer belong to you or your employer? Assuming the latter, have
    you contacted your company's IT Department about this yet?
    --
    ~Robear Dyer (PA Bear)
    MS MVP-IE, Mail, Security, Windows Client - since 2002


    Stacy Young wrote:
    > OK so it appears I have a serious spyware infection. Redirecting web site
    > page or not allowing any web sites, inability to access tools menu of IE,
    > unable to run any system files or installation files. In each case it
    > tells
    > me that the file is infected and directs me to purchase thier file to
    > "cure"
    > the problem and will not allow me to do anything internet related or any
    > installations. It will not allow me to start MSCONFIG either.
    >
    > I have been through this before and have downloaded the files (through a
    > separate computer)I believe necessary to attempt to fix the infection
    > (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
    > etc.). The problem I am having is that after copying the file(s) to the
    > infected computer, the virus/spyware will not allow me to run/execute any
    > of
    > these programs.
    >
    > Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    > there another approach to cleaning this mess up?
    >
    > The computer/laptop was running an anti-spyware and antiivirus (installed
    > by
    > my company) - I believe CA but they failed to cath this thing(s).
    >
    > Thanks in advance
     
  5. Stacy Young

    Stacy Young Flightless Bird

    Thanks, will try and report back.

    No MSCONFIG is blocked by this thing

    "Arthur Shapiro" <art.shapiro@unisys.com> wrote in message
    news:i0g53m$qdm$1@USTR-NEWS.TR.UNISYS.COM...
    > In article <uCHjSBIGLHA.1716@TK2MSFTNGP06.phx.gbl>, "Stacy Young"
    > <ky@aol.com> wrote:
    >>

    >
    >>Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    >>there another approach to cleaning this mess up?

    >
    > Most programs of this nature can be run in Safe Mode. The two most
    > frequently-cited around here are MalwareBytes and SuperAntiSpyware. You
    > might
    > even try renaming the programs in case the malware in question is keying
    > on
    > their names to prevent execution.
    >
    > Running them off a thumb drive is another convenient thing to try.
    >
    > Are you able to run MSCONFIG and uncheck any "curious" stuff show in the
    > Starup pane?
    >
    > Art
     
  6. Stacy Young

    Stacy Young Flightless Bird

    I will check and report back.

    It is a company computer. Very small company, no IT dept. We have a
    cosultant that could come in and take care of this but they are very slow
    and I would be without laptop for at least a week.

    "PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
    news:%235z3rpIGLHA.5448@TK2MSFTNGP06.phx.gbl...
    > Open Add/Remove Programs & make sure the SHOW UPDATES box at the top is
    > checked | Now scroll down and tell me if either of the following updates
    > are listed: KB982381; KB979559 ??
    >
    > Does the computer belong to you or your employer? Assuming the latter,
    > have you contacted your company's IT Department about this yet?
    > --
    > ~Robear Dyer (PA Bear)
    > MS MVP-IE, Mail, Security, Windows Client - since 2002
    >
    >
    > Stacy Young wrote:
    >> OK so it appears I have a serious spyware infection. Redirecting web
    >> site
    >> page or not allowing any web sites, inability to access tools menu of IE,
    >> unable to run any system files or installation files. In each case it
    >> tells
    >> me that the file is infected and directs me to purchase thier file to
    >> "cure"
    >> the problem and will not allow me to do anything internet related or any
    >> installations. It will not allow me to start MSCONFIG either.
    >>
    >> I have been through this before and have downloaded the files (through a
    >> separate computer)I believe necessary to attempt to fix the infection
    >> (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
    >> etc.). The problem I am having is that after copying the file(s) to the
    >> infected computer, the virus/spyware will not allow me to run/execute any
    >> of
    >> these programs.
    >>
    >> Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    >> there another approach to cleaning this mess up?
    >>
    >> The computer/laptop was running an anti-spyware and antiivirus (installed
    >> by
    >> my company) - I believe CA but they failed to cath this thing(s).
    >>
    >> Thanks in advance

    >
     
  7. Ǝиçεl

    Ǝиçεl Flightless Bird

    Stacy,

    SUPERAntiSpyware just put up a Online Safe Scan at
    <http://www.superantispyware.com/onlinescan.html>
    if you cannot install and/or run the current SUPERAntiSpyware pÑoduct due to
    an infection.
    -=-

    "Stacy Young" wrote:

    > OK so it appears I have a serious spyware infection. Redirecting web site
    > page or not allowing any web sites, inability to access tools menu of IE,
    > unable to run any system files or installation files. In each case it tells
    > me that the file is infected and directs me to purchase thier file to "cure"
    > the problem and will not allow me to do anything internet related or any
    > installations. It will not allow me to start MSCONFIG either.
    >
    > I have been through this before and have downloaded the files (through a
    > separate computer)I believe necessary to attempt to fix the infection
    > (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
    > etc.). The problem I am having is that after copying the file(s) to the
    > infected computer, the virus/spyware will not allow me to run/execute any of
    > these programs.
    >
    > Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    > there another approach to cleaning this mess up?
    >
    > The computer/laptop was running an anti-spyware and antiivirus (installed by
    > my company) - I believe CA but they failed to cath this thing(s).
    >
    > Thanks in advance
    >
    >
    > .
    >
     
  8. Randem

    Randem Flightless Bird

  9. Don Wiss

    Don Wiss Flightless Bird

    On Wed, 30 Jun 2010 14:16:02 -0400, Stacy Young <ky@aol.com> wrote:

    >Any ideas on how to proceed? Can I run these programs in Safe Mode or is
    >there another approach to cleaning this mess up?
    >
    >The computer/laptop was running an anti-spyware and antiivirus (installed by
    >my company) - I believe CA but they failed to cath this thing(s).


    Have you searched the web and learned the name of your infection. Knowing
    it can help in searching on how to remove it. Is it AV Security Suite?

    Don <www.donwiss.com> (e-mail link at home page bottom).
     

Share This Page