Spyware!!help

[TREMBER]

all of the suden i get a **** load of spyware.ive done about 4 spyware scans since last night and they keep coming up with stuff after i use them.i did a viruis scan with avg last night, but its coming up with a bunch of usless adds while im not on the net so i new it had to be spyware.im using adaware and spyware.

thanks in advance

 

[baronvongogo]

what do the ads look like? does it say messenger service at the top?

if not try these steps:

CLEANING COMPUTER OF TROJANS, SPYWARE AND VIRUSES
ALL THE FOLLOWING SOFTWARE IN THIS GUIDE IS FREE

STEP 1. Clear the system restore points (if you donÂ’t want to do this move onto the next step but be aware viruses can infect system restores and can come back or still cause problems):
• Click Start >> Run - type SYSDM.CPL & press Enter
• Select the System Restore Tab
• Tick on the checkbox - "Turn off System Restore on all drives"
• Click Apply
• Then untick the same checkbox & click OK
• This deletes ALL restore points that had the infection and creates a clean one

STEP 2 Proceed to try these spyware cleaners and rootkit finders in safe mode and full system scans (To get into safe mode reset the pc then keep pressing F8 until a menu appears in which you can select safe mode some computers use F5, F6 or F7 to get the menu up).

Ad aware SE:
http://www.download.com/Ad-Aware-SE...045910.html?part=dl-ad-aware&subj=dl&tag=top5

Ad Aware VX2 add on (To run this tool once Adaware is updated click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK"):
http://www.lavasoft.de/software/addons/vx2cleaner.shtml

Spybot:
http://www.safer-networking.org/en/mirrors/index.html

Advanced Spyware Remover:
http://www.majorgeeks.com/Advanced_...over_d4977.html

Windows Defender Beta 2 (need real copy of windows to work)
http://www.microsoft.com/downloads/...&displaylang=en

CWshredder(removes some browser hijackers):
http://www.intermute.com/spysubtract/cwshredder_download.html

Blacklight (rootkit remover)
http://www.f-secure.com/blacklight/try.shtml

STEP 3. Download this program to clean your temp files and registry:

CCleaner
http://www.ccleaner.com/ccdownload.asp

STEP 4. Download hijackthis and post a log in the forum:
http://www.majorgeeks.com/download3155.html

 

[TREMBER]

well i have a little triangle in the task bar down at the bottom right of the screen that says i have a trojan and it just wants me to buy there spyware.and there some other ones like find sex near you and some other spyware ones.

 

[TREMBER]

do you think that becasue i havent done my checks in safe mode that thats the reason the spyware is coming back

 

[TREMBER]

http://www.techist.com/showthread.php?s=&threadid=111760 hers my hijack this log

 

[baronvongogo]

ok in hijackthis these are the files which stood out to me most. check them in hijackthis and choose fix hijackthis should make a backup so if anything goes wrong it can repair or so I hope! lol.

C:\WINDOWS\system32\ff74c62a.exe
C:\WINDOWS\system32\atmclk.exe

O4 - HKLM\..\Run: [ff74c62a.exe] C:\WINDOWS\system32\ff74c62a.exe
O4 - HKCU\..\Run: [ff74c62a.exe] C:\Documents and Settings\Owner\Local Settings\Application Data\ff74c62a.exe

O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\iifedee.dll
O2 - BHO: CDLPObj Object - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - C:\WINDOWS\DLP.dll (file missing)
O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp
O2 - BHO: (no name) - {062492AF-392E-479D-BF52-A7A4BCA00307} - C:\WINDOWS\compstuic.dll (file missing)

O16 - DPF: {5D846F51-F9C7-01A3-3FE3-2B7D2710389C} - http://85.255.113.214/1/gdnUS2339.exe
O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgUS2405.exe

O20 - AppInit_DLLs: C:\WINDOWS\system32\alg.dll

 

[baronvongogo]

also make sure to run your comp in safe mode once you`ve fixed those entries, and run ALL of the programs I said before especially the vx2 add on and cwshredder. And make sure its full system scans. Also run CCleaner to clean your temp files and reg.

 

[Fuxy_Muxy]

dude...i cant even get into any of those spyware websites...except for the Lava site...but i dont have adware...and when i checked the restore box thing, it just went unreponsive after i clicked apply...then i try again and run the sysdm.cpl thing, but noting comes up..im gonna restart and try again, but should i do it in safe mode? god **** spyware wont let me get in my internet..o ya, i recently deleted these:

08:32 AM: Processing: CWS-AboutBlank
08:32 AM: Processing: CoolWebSearch (CWS)
08:32 AM: Processing: Oblivion
08:32 AM: Processing: Popuptoast.com hijacker

Oblivion i guess is a trojan, and the rest are spyware...i keep doing scans but they keep coming back...

 

[baronvongogo]

Do it in safemode, and run every program I listed, then go into msconfig by going to start then run and typing msconfig

once the window opens go to startup tab and disble everything except your firewall and antivirus. Then restart windows normally and run all the software again.

 

[Fuxy_Muxy]

i cant run the programs though!!! i cant get onto the websites....


would a reformat help the problem?