Curing Major Spyware Infection

[Stacy Young]

OK so it appears I have a serious spyware infection. Redirecting web site
page or not allowing any web sites, inability to access tools menu of IE,
unable to run any system files or installation files. In each case it tells
me that the file is infected and directs me to purchase thier file to "cure"
the problem and will not allow me to do anything internet related or any
installations. It will not allow me to start MSCONFIG either.

I have been through this before and have downloaded the files (through a
separate computer)I believe necessary to attempt to fix the infection
(AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
etc.). The problem I am having is that after copying the file(s) to the
infected computer, the virus/spyware will not allow me to run/execute any of
these programs.

Any ideas on how to proceed? Can I run these programs in Safe Mode or is
there another approach to cleaning this mess up?

The computer/laptop was running an anti-spyware and antiivirus (installed by
my company) - I believe CA but they failed to cath this thing(s).

Thanks in advance

 

[Bob]

I had a similar problem.

I had to restore my PC to factory condition to get rid of the malware.

"Stacy Young" <ky@aol.com> wrote in message
news:uCHjSBIGLHA.1716@TK2MSFTNGP06.phx.gbl...
>
> OK so it appears I have a serious spyware infection. Redirecting web site
> page or not allowing any web sites, inability to access tools menu of IE,
> unable to run any system files or installation files. In each case it
> tells me that the file is infected and directs me to purchase thier file
> to "cure" the problem and will not allow me to do anything internet
> related or any installations. It will not allow me to start MSCONFIG
> either.
>
> I have been through this before and have downloaded the files (through a
> separate computer)I believe necessary to attempt to fix the infection
> (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
> etc.). The problem I am having is that after copying the file(s) to the
> infected computer, the virus/spyware will not allow me to run/execute any
> of these programs.
>
> Any ideas on how to proceed? Can I run these programs in Safe Mode or is
> there another approach to cleaning this mess up?
>
> The computer/laptop was running an anti-spyware and antiivirus (installed
> by my company) - I believe CA but they failed to cath this thing(s).
>
> Thanks in advance
>

 

[Arthur Shapiro]

In article <uCHjSBIGLHA.1716@TK2MSFTNGP06.phx.gbl>, "Stacy Young" <ky@aol.com> wrote:
>

>Any ideas on how to proceed? Can I run these programs in Safe Mode or is
>there another approach to cleaning this mess up?

Most programs of this nature can be run in Safe Mode. The two most
frequently-cited around here are MalwareBytes and SuperAntiSpyware. You might
even try renaming the programs in case the malware in question is keying on
their names to prevent execution.

Running them off a thumb drive is another convenient thing to try.

Are you able to run MSCONFIG and uncheck any "curious" stuff show in the
Starup pane?

Art

 

[PA Bear [MS MVP]]

Open Add/Remove Programs & make sure the SHOW UPDATES box at the top is
checked | Now scroll down and tell me if either of the following updates are
listed: KB982381; KB979559 ??

Does the computer belong to you or your employer? Assuming the latter, have
you contacted your company's IT Department about this yet?
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002


Stacy Young wrote:
> OK so it appears I have a serious spyware infection. Redirecting web site
> page or not allowing any web sites, inability to access tools menu of IE,
> unable to run any system files or installation files. In each case it
> tells
> me that the file is infected and directs me to purchase thier file to
> "cure"
> the problem and will not allow me to do anything internet related or any
> installations. It will not allow me to start MSCONFIG either.
>
> I have been through this before and have downloaded the files (through a
> separate computer)I believe necessary to attempt to fix the infection
> (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
> etc.). The problem I am having is that after copying the file(s) to the
> infected computer, the virus/spyware will not allow me to run/execute any
> of
> these programs.
>
> Any ideas on how to proceed? Can I run these programs in Safe Mode or is
> there another approach to cleaning this mess up?
>
> The computer/laptop was running an anti-spyware and antiivirus (installed
> by
> my company) - I believe CA but they failed to cath this thing(s).
>
> Thanks in advance

 

[Stacy Young]

Thanks, will try and report back.

No MSCONFIG is blocked by this thing

"Arthur Shapiro" <art.shapiro@unisys.com> wrote in message
news:i0g53m$qdm$1@USTR-NEWS.TR.UNISYS.COM...
> In article <uCHjSBIGLHA.1716@TK2MSFTNGP06.phx.gbl>, "Stacy Young"
> <ky@aol.com> wrote:
>>
>
>>Any ideas on how to proceed? Can I run these programs in Safe Mode or is
>>there another approach to cleaning this mess up?
>
> Most programs of this nature can be run in Safe Mode. The two most
> frequently-cited around here are MalwareBytes and SuperAntiSpyware. You
> might
> even try renaming the programs in case the malware in question is keying
> on
> their names to prevent execution.
>
> Running them off a thumb drive is another convenient thing to try.
>
> Are you able to run MSCONFIG and uncheck any "curious" stuff show in the
> Starup pane?
>
> Art

 

[Stacy Young]

I will check and report back.

It is a company computer. Very small company, no IT dept. We have a
cosultant that could come in and take care of this but they are very slow
and I would be without laptop for at least a week.

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message
news:%235z3rpIGLHA.5448@TK2MSFTNGP06.phx.gbl...
> Open Add/Remove Programs & make sure the SHOW UPDATES box at the top is
> checked | Now scroll down and tell me if either of the following updates
> are listed: KB982381; KB979559 ??
>
> Does the computer belong to you or your employer? Assuming the latter,
> have you contacted your company's IT Department about this yet?
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Client - since 2002
>
>
> Stacy Young wrote:
>> OK so it appears I have a serious spyware infection. Redirecting web
>> site
>> page or not allowing any web sites, inability to access tools menu of IE,
>> unable to run any system files or installation files. In each case it
>> tells
>> me that the file is infected and directs me to purchase thier file to
>> "cure"
>> the problem and will not allow me to do anything internet related or any
>> installations. It will not allow me to start MSCONFIG either.
>>
>> I have been through this before and have downloaded the files (through a
>> separate computer)I believe necessary to attempt to fix the infection
>> (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
>> etc.). The problem I am having is that after copying the file(s) to the
>> infected computer, the virus/spyware will not allow me to run/execute any
>> of
>> these programs.
>>
>> Any ideas on how to proceed? Can I run these programs in Safe Mode or is
>> there another approach to cleaning this mess up?
>>
>> The computer/laptop was running an anti-spyware and antiivirus (installed
>> by
>> my company) - I believe CA but they failed to cath this thing(s).
>>
>> Thanks in advance
>

 

[Ǝиçεl]

Stacy,

SUPERAntiSpyware just put up a Online Safe Scan at
<http/www.superantispyware.com/onlinescan.html>
if you cannot install and/or run the current SUPERAntiSpyware pÑoduct due to
an infection.
-=-

"Stacy Young" wrote:

> OK so it appears I have a serious spyware infection. Redirecting web site
> page or not allowing any web sites, inability to access tools menu of IE,
> unable to run any system files or installation files. In each case it tells
> me that the file is infected and directs me to purchase thier file to "cure"
> the problem and will not allow me to do anything internet related or any
> installations. It will not allow me to start MSCONFIG either.
>
> I have been through this before and have downloaded the files (through a
> separate computer)I believe necessary to attempt to fix the infection
> (AdAware, CWshredder, MS Malicious Software Removal Tool, HiJack This,
> etc.). The problem I am having is that after copying the file(s) to the
> infected computer, the virus/spyware will not allow me to run/execute any of
> these programs.
>
> Any ideas on how to proceed? Can I run these programs in Safe Mode or is
> there another approach to cleaning this mess up?
>
> The computer/laptop was running an anti-spyware and antiivirus (installed by
> my company) - I believe CA but they failed to cath this thing(s).
>
> Thanks in advance
>
>
> .
>

 

[Randem]

Here is something you can try
http://www.randem.com/removingtoughinfections.html

Psssible this can help...

--
The Top Inno Setup Script Generator - http://www.randem.com/innoscript.html

 

[Don Wiss]

On Wed, 30 Jun 2010 14:16:02 -0400, Stacy Young <ky@aol.com> wrote:

>Any ideas on how to proceed? Can I run these programs in Safe Mode or is
>there another approach to cleaning this mess up?
>
>The computer/laptop was running an anti-spyware and antiivirus (installed by
>my company) - I believe CA but they failed to cath this thing(s).

Have you searched the web and learned the name of your infection. Knowing
it can help in searching on how to remove it. Is it AV Security Suite?

Don <www.donwiss.com> (e-mail link at home page bottom).