Please help ive got loads of spyware

nosey --- I've just been thru the same mincer as you. I picked up some of the stuff you've got. But I got rid of them all in one Big Hit.
I used a little number called Spy Sweeper, I got it from www.webroot.com. It's very good & you can get it on a free 14 day trial.

Let me know how you get on. If you need more help, I'll see what I've got.

If you want to take some time and effort to clean your system and to protect it from future infestations, you might wanna try this - its specifically for Win XP/Media Edition/2003, if your operating system is something else, lemme know, adjustments and alternates will be required for pre-XP operating systems.


The following proceedure is an up-to-date, integrated series of steps designed to preliminarily clean your system (though it is quite likely some cleanup will remain to be done after the first runthrough, which is why the follow-up logs and reports are requested) and to harden it against future infestations. It should be implemented in the order and manner listed. Its tedious, nit-picky, and time-consuming, but it is proven safe, effective, and reliable. Getting rid of yuckware is much more hassle than getting it in the first place, and taking the time and effort to prevent it once you've managed to get rid of it is time and effort well invested.

If you choose to give this method a shot, you should print out these instructions, as the proceedure will require that your machine be offline for several of the steps. Be certain you understand what to do, and how and in what order to do it. If you're unsure of, or have trouble with, anything here, please ask before going on. Also, if any of the supplied links don't work, please let me know.


Again - Print out and fully understand these intructions, and gather all listed downloads before begining

1. First, gather the downloads and perform the installations and updates as recommended. Just download, install, update and configure these applications, DO NOT RUN ANY OF THEM YET, unless specifically directed otherwise.
   
   
2. Configure Windows Explorer to Show All Files
   
   
   
3. Be certain you have the latest version of HiJackThis, and that it is installed to a folder of its own either in your Programs file or directly on your root drive (the drive on which Windows is installed, usually "Drive C:\"). If you have already installed HiJackThis, be certain its in its own correctly placed folder, not a user-specific, temporary or desktop folder (to place HJT in its own folder, open Windows Explorer - Windows key + E - locate and select your root drive, the drive on which Windows is installed, and open that folder, right-clicking anywhere in that folder's blank space, select "New">"Folder", name the new folder "HJT", then download and extract, or if you already have the latest version somewhere else move, HJT into that folder). Launch the application, then, from its splash screen, choose "Miscellaneous Tools", or from the main start page, select "Config", then select "Search for updates online", confirm, and be sure your's is the latest version. Don't run a scan or fix anything yet. When running HiJackThis to scan or fix things, run it from its own folder, WITH NO OTHER BROWSERS, WINDOWS, FILESHARING, EMAIL, OR MESSAGING APPLICATIONS OPEN OR RUNNING
   
   
4. Go to Windows Update and check to make certain there are no outstanding Service Packs or High-Priority Updates for your operating system and/or Internet Explorer.
   
   
5. Run the online version of the Microsoft Windows Malicious Software Removal Tool.
   
   
6. Download, install, and update Windows Defender (Beta 2) (this is the successor to Microsoft Antispyware). Be sure to read, understand, and follow the download, installation, and update instructions available on the download page. Do not run the application's scan yet, just download, install, and update it.
   
   
7. Download, install, and update Ewido Anti-malware (the successor to Ewido Security Suite). Again, read, understand, and follow the download, installation, and update instructions available on the download page, and don't run the application's scan yet, just download, install, and update it. Note: when installing/configuring the trial version, do not select the automatic update or real-time protection options.
   
   
   
8. Download, install, and update Ad-Aware SE Personal. Just install and update it (when the program has installed, click the blue-green "Planet" icon, second from the right at the top of the screen, to run the auto-update function, and follow the prompts to update the application); don't run a scan yet.
   
   
   • When it has updated, click on the orange-ish "Gear Icon" (second-from the left at the top right-hand side of the window) to open the Ad-Aware configuration utility.
     
     
   • Under the "General" tab, all radio buttons should be green; if not, click to activate them.
     
     
   • Click the "Scanning" bar at the left of the page. Under "Drivers, Folders & Files", only the "Scan within archives" button should be green. Under "Memory & Registry", all buttons should be green.
     
     
   • Click the "Advanced" bar. Under "Shell Integration", "Move deleted files to Recycle Bin" should be green, and its your call whether you want to add "Scan with Ad-Aware to Explorer".
     
     
   • Under "Logfile Detail Level", all 3 buttons should be green.
     
     
   • Under "Alternate Data Streams", both buttons should be red.
     
     
   • Skip the "Startup", "Default", and "Interface" bars for now.
     
     
   • Click the "Tweak" bar. Click the plus-sign to open "Scanning Engine". "Unload recognized processes ... ", "Obtain command line ... ", and ""Scan registry for all users ... " should be green, "Run scan as background ...", "Ignore spanned files ...", and "Use permanent ... " may be left red.
     
     
   • Click to open "Cleaning Engine". The first 5 buttons should be green ("Automatically check ...", "Always try ...", "During removal ... ", "Let Windows remove ... ", and "Delete quarantined ..."} should be green, the remaining 3 ("Suppress warning ...", "Suppress progress ..." and "Disable manual ...") should be red.
     
     
   • Skip the remaining bars, click "Proceed", then close Ad-Aware WITHOUT RUNNING A SCAN.
     
     
   • With Ad-Aware closed, download LavaSoft's VX2 Cleaner Plugin, and install it per instructions found on the download page. read the instructions carefully so you'll know how to run the plugin when required. Do not run it, or Ad-Aware SE Personal, yet; just exit back to your desktop.
   
   
   
   
9. Download LSP-Fix. Just download it to a convenient-to-find place on your machine (A suitably named new folder your desktop is fine for now); it may or may not be needed, but if it is needed, you'll want to find it easily. Sometimes removal of yuckware will result in your not being able to connect to the internet. If this happens, LSP-Fix should take care of the problem. Be sure to read and understand (good idea to print out) the application's DOCUMENTATION so you know what to do if it becomes necessary.
   
   
10. Download, install, and update Spybot S&D. Just install and update it (when it installs, the program will give you the option to "Download all updates" - let it do so), don't run it yet.
    
    When it installs, the program will give you the option to "Download all updates" - let it do so. It will also step you through a Restore Point/Registry Backup process - follow through with each step Spybot wants you to do when it first installs.
    
    • When the program has been installed and updated, select "Immunize", click the green "+" plus-sign symbol at the top of the page to install Spybot's immunization, and follow any prompts.
      
      
    • On that same page, click to place a checkmark in the "Browser Helper to block bad downloads ..." button, then, from the dropdown below that, select "Block all bad pages silently".
      
      
    • At the top left of the main page, click "Mode", then select "Advanced"
      
      
    • Click "Tools", and make sure everything in the right-hand panel EXCEPT "View Report" and "Bug Report" is checkmarked.
      
      
    • Select "Resident" and on that page's right-hand panel, make sure only "Resident SD Helper" is checked, do not activate "Tea Timer"
      
      NOTE: DO NOT SELECT Spybot S&D's "TeaTimer" option at this time; its still sorta buggy, especially with WinXP.
      
      
    • Click "Hosts File", and at the top of that page's right-hand panel, click the green "+" plus-sign to install Spybot S&D's HOSTS list.
      
      
    • Next, click "Settings", then in that page's right-hand panel, select "File Sets"; everything in he right-hand panel under "Spybot - Search and Dstroy" should be checkmarked. "Usage Tracking" is optional and non-critical, but I recommend you select it too; doing so will help keep your machine free of Temporary File clutter.
      
      
    • Click "Ignore Products", and in that page's right-hand panel, under the "All Products" tab, make sure NOTHING is checked
      
      
    • When the configuration has been completed, just close Spybot S&D without running a scan yet.
    
    
11. Download CWShredder, and unzip it to your desktop, but don't run it yet.
    
    
12. Download, install, and update CCleaner[/i][/u] per the instructions on the download page. Just download, install, and update it, don't do anything with it yet; we'll be using it a a few times later in this process.
    
    
13. Download, install, and update Javacool Software's SpyWareBlaster. When the update has completed, select "Enable all protection", and exit back to your desktop. SpywareBlaster does not need to be running for its protection to be active, but you should should launch it at least weekly to check for updates. Read the FAQ HERE
    
    
14. Download the latest version of McAfee/AVERT Stinger - read and understand the instructions for running it, but don't run it yet, just download it to a convenient-to-find location such as an appropriately named folder on your desktop.
    
    
15. Update your own resident anti-virus application, but do not run a scan with it yet; just update it and close the application.
    
    
16. Now, per the instructions for your own resident antivirus and other security/privacy software, and with no other browsers or chat, messaging, or email clients open or running, DISABLE your resident anti-virus and other security/privacy software, then immediately go to TrendMicro HouseCall Free Online Scan and, per the instructions, run the free scan-and-clean process. If when it has finished, it reports it detected but did not remove something, please make careful, exact verbatim note of the item(s) reported - save it to report back here when the time comes.
    
    
17. When you have completed the TrendMicro scan-and-clean, locate and launch CCleaner, and have it run a full cleanup only (do not do anything with "Issues" or "Tools" at this time).
    
    
18. When that has completed, reboot your machine, and, with your resident antivirus and other security/privacy software disabled and no other browsers or chat, messaging, or email clients open or running, go to Panda Free Online Scan, and run the free online scan-and-clean available there. Please save the report it will generate when it has completed; we'll want to see that when the time comes.
    
    IMPORTANT: DISABLE ANY OTHER ANTIVIRUS YOU MAY HAVE ON YOUR MACHINE BEFORE RUNNING ANY OF THE ONLINE SCANS. Also, if you have any popup blocking, adblocking, or actively running antispyware application, disable those as well; they can interfere with online virus scans. Should an online scan report it has detected something it cannot repair or remove, please copy the exact message received, being sure to note the entire name and path of any file mentioned, and save it to post here at the appropriate time.
    
    
19. When that has been done, locate and launch CCleaner once more, again running a full scan-and-clean only.
    
    
20. When that has completed, Boot Into Safe Mode. The following steps are to be carried out in safe mode until the series is completed, and you are advised to reboot normally. If at any time during the process you do reboot, boot back into safemode before proceding with the next step.
    
    
21. Locate and launch Stinger; have it scan-and-clean your system per its instructions. When it has completed, reboot into Safe Mode and run it again. Do not reboot.
    
    
22. While in Safe Mode, locate and launch your own resident antivirus and run a full system scan-and-clean with it. When that has completed, do not reboot.
    
    
23. Next, while still in Safe Mode, locate, launch, and run CWShredder. Select "Fix" and let it run to completion. When it has completed, regardless what it reports, run it in its "Fix Mode" again. Do not reboot.
    
    
24. When that has completed, and while in Safe Mode, locate and launch Ewido Anti-malware, and run a full system scan-and-clean. Have it "Fix" whatever it finds. Please save the report it will generate when it has completed; we will want to see that when the time comes.
    
    
25. When that has completed, and while in Safe Mode, locate and launch Windows Defender, and run a full system scan-and clean with it, having it "Fix" whatever it finds. Again, when it has completed, and while in safe mode, run it a second time.
    
    
26. When that has completed, locate and launch Ad-Aware SE, select and run the VX2 Cleaner Plugin per instructions. When the plugin has completed, run it again. Now, again without rebooting, or if you have rebooted, while running in Safe Mode, run a full-system scan-and-clean with Ad-Aware SE, directing it to remove everything it finds. Once again, without rebooting, run a second full-system scan-and-clean with Ad-Aware SE.
    
    
27. Following the second run of Ad-Aware SE, locate and launch CCleaner once more, and again run a full scan-and-cleanup only.
    
    
28. Now, reboot normally, but DO NOT ALLOW YOUR MACHINE TO CONNECT TO THE INTERNET. If necessary, physically disconnect the cable between your machine and your internet access device or shut off your Wireless Gateway.
    
    
29. When your machine has rebooted, and not connected to the internet, be certain your own resident anti-virus and any other security/privacy software is disabled, then run full system scan and clean proceedures with, in this order:
    
    
    • CWShredder
      
    • Ewido Anti-malware (Note: Again please save the report generated when the application has completed)
      
    • Windows Defender
      
    • Ad-Aware SE (Note: Please also run Ad-Aware SE's VX2 Cleaner pluigin once more as well)
      
    • Spybot S&D (Note: Have Spybot S&D "Fix" everything it reports found which it lists in RED, items listed in GREEN are non-critical and your call)
      
    • CCleaner
    
    
    
30. Now, reboot normally once more, and without allowing your machine to connect to the internet, locate and launch HiJackThis. Before running a scan, please have it generate a Startup List by going to the "Miscellaneous Tools" page, placing a checkmark in each of the 2 boxes next to the "Generate StartupList Log" button, then click the button and save the generated report. When that has completed, WITH NO OTHER BROWSERS, WINDOWS, FILESHARING, EMAIL, OR MESSAGING APPLICATIONS OPEN OR RUNNING, click the "Back" button, and have HiJackThis run a scan-and-save-log only - DO NOT "FIX" anything yet.
    
    
31. When that has completed, make sure your resident anti-virus and other security/privacy software are enabled, connect to the internet, navigate back to this thread, and post
    
    • The Panda ActiveScan Report
      
    • Both the 1st and 2nd Ewido Anti-Malware reports
      
    • Any error messages or "Could not remove" reports you may have encountered, if any - please report these verbatim, exactly as they appeared.
      
    • The HiJackThis StartupList Log
      
    • The HiJackThis Scan Log

You may find it convenient to click "Turn on email updates" down at the bottom right of this page; doing so will cause a notification to be sent to the address you registered with A2K whenever this topic receives a reply.

hi guys,
just a quick update
tried the spysweeper and it got rid of it then it came back again, tried adaware and same thing again.
Just installed Mozilla Firefox as my internet connection instead of internet explorer and finally ive had no more problems.
Heard about this firefox connection before and so far so good.
Thanks for all your help

While it appears that the problem is solved you still have some unwanted crapware on your system, Installing and using FireFox is a temp soluation to the problem, should one of the kids click to open Internet Explorer they will see the adult material, You will want to get rid of the infections that are on your system,

I would suggest you follow Timbers advise and post the logs he requested he will get you sorted out :wink:

Thanks don but its ok as ive removed internet explorer from my desktop and launch bar. The only internet connection i now have is firefox.

Hi, Don - long time no see; great you've dropped by again! Hope you find time to stick around band play some here, but if not, I understand.


Nosey, it ain't really "OK" - as Don says, the problems still are there, just hidden, and yuckware can and does affect more than just IE - slapping a shade over a busted window does nothing to fix the broken window, and your window - more pointedly your machine's Windows operating system - is broken.

I been popping in once in a while think I may just come visit more,


Again Fire fox is a fine browser but in order to keep Windows up to date your going to need IE,


Well said