One wrong click last week turned my computer life upside down. Since then I’ve been downloading/buying spyware killers and pop-up stoppers but there is still spyware on my computer.
So far I’ve downloaded Ad-aware, Spyware Blaster, Spyware Killer, Secretmaker, and Bazooka. All of them, except Bazooka, say there is no more spyware on my computer, but Bazooka says there are 8 detected objects and they recommend manual removal. Now, I’ve tried the manual removal thing and have been successful at almost uninstalling one file, but it says if you cannot find all the files and delete them, then it will still remain on your computer, and well, I can’t find them all.
So now what do I do? I don’t want to keep buying or downloading different programs but I am afraid to go into my online checking account or make an online purchase until the spyware is gone.
You didn’t say what specific files or spyware you are having problems with, so it is a little hard to give you a solution. However, for a start, go to Merijn.org and download CWShredder and Hijackthis. Run CWShredder, and see if you still have the same problems. If so, run Hijackthis, but don’t make any changes. Hijackthis does not distinguish between good registry entries or bad ones; save a log to a text file, and post it here. I will have a look.
Bazooka says I have the following detected objects:
2ndthought Adware
BookedSpace
Cydoor
Flingstone Bridge
HelpExpress
IGetNet
Internet Optimizer
MS Media Player GUID
I actually did try hijackthis but I had no idea what to do after the scan. Here is the log file and thank you, I really appreciate your help.
Logfile of HijackThis v1.97.7
Scan saved at 10:16:21 PM, on 5/1/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Kazaa is responsible for Cydoor and several of the other spyware programs; if you remove Cydoor, Kazaa won’t work any longer. I advise you to dump Kazaa. Download Kazaabegone, which will remove all versions of Kazaa and associated spyware.
AS for the rest of the crap in your Hijackthis log, put a checkmark next to all of the following items, and click on Fix Checked:
Sorry for the big hijack but I didn’t want to start a whole new thread on a never-ending problem.
The spyware that is attacking me sends a pop up message everytime I double click on my AIM quicklaunch. ( so if I close the AIM window, then open it again, the pop-up pops and says ALERT SPYWARE ACTIVITY DETECTED ON YOUR COMPUTER!)
Here is my log from Hijack This;
Logfile of HijackThis v1.97.7
Scan saved at 10:37:03 PM, on 5/2/2004
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000)
Spysweeper and Spybot Search & Destroy both say there is nothing in my computer, but everytime I run Ad-Aware it picks up on the same thing (CoolWebSearch).
First, download and run CWShredder to get rid of CoolWebSearch. If that doesn’t solve all your problems, check the following item in Hijackthis and hit Fix Checked :
O2 - BHO: (no name) - {F9F3004A-1161-4CC2-9C68-816046E0C5CF} - C:\WINNT\System32\phplff.dll
I have Norton Antivirus and SpyHunter scheduled to scan and delete viruses, adware, spyware and other questionable files daily, and then immediately defrag.
Here is my log. Simple things have already figured to eliminate- usually items “01” and most BHO’s. Any suggestion of what else to eliminate?
Logfile of HijackThis v1.97.7
Scan saved at 12:07:15 AM, on 5/3/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Man, I know, our work computers were shut down all day due to it. Assuming your reply was to me, I have the newest Symantec upload. Over the last few months, it has caught & “quarentined” several virii.
However, once a day or so, some bastards attempt to hijack my home page with some Spyware. Winpatrol alerts me on this. I use “Hijackthis” to get rid of the more obvious bad files. I have run “CWSShredder” and have “Spyware blaster” installed & up.
which are sometimes associated with the Win32/Parite.B virus (unless you are runnning Novell Netware?). Go to Start/Run, and type regedit, then navigate to see if the following key exists (don’t make any changes):