Pets.ca - Pet forum for dogs cats and humans 

-->

Freakin Spyware, viruses - asidfbhwerbuiu!!!!

Sneaky2006
May 13th, 2005, 09:20 PM
I am so mad I could spit. After using the computer today, doing usual stuff, email, here, other boards same old same old.. I come across some handy-dandy new icons on my desktop... casino, meeting singles, money, PORN! Very nice porn icon for my son to view and open and god knows what else. I open IE again and it's a different homepage (PORN!), has a new search toolbar... okay, I think it's some spyware crap, I redownload my google toolbar and delete all the icons and I even search my comp for anything with the name AZESearch (which is the name of the toolbar that installed itself) so everything was deleted and I put my homepage back to yahoo.com, all is good.
I restart the computer and open IE again... it's yahoo.com alright, with the top searches on the page being something about boobies (humongous even) and shlongs (they didn't use those words either :sad: ). Not the real yahoo obviously but it even says yahoo.com in my address bar, I am going crazy. :confused: I don't know what else to do... I've done spybot, adaware, superadblocker, ran McAfee, ran the scandisk from Trendmicro.... I could scream! Help meeee please!!!

Sneaky2006
May 13th, 2005, 09:28 PM
I want to add that my yahoo page, even when I type it in the address bar, looks like just the regular yahoo page, same header and everything, except on this one you can't click on mail, messenger, etc... it's like a picture. WTF?

raingirl
May 13th, 2005, 09:28 PM
Now...

Adaware should work 100% of the time. Do you have the new Adaware SE? Came out a few months ago. If you have an older one, it won't pick up the new pop-ups. If you don't have that, get the new adaware, install it, and then update it so the data file is current! Then run it from there.

The only thing adaware doesn't get is CoolWebSearch. You need a tool called CWshredder for that one.

http://www.intermute.com/spysubtract/cwshredder_download.html

Let me know how those go.

Sneaky2006
May 13th, 2005, 09:33 PM
Yeah it's adaware SE... and I update it everyday.
So this is considered a pop up?? Nothing is popping up...

Thank you!! :)

raingirl
May 13th, 2005, 09:36 PM
Well...I call everything pop-ups. It's actually a hijack.

If you really want to get technical, there is a program called "hijack this". you can download it, and there is a part you run that will tell you everything that your computer loads up. You can post that info in many places on the net, and people can tell you want to remove. Sometimes it's the only way of knowing what is wrong.

Sounds like your registry was re-written. I'm searching to see if there is any new viruses out there. How current is your Mcaffee?

I know there is a new trojan out there that blocks hijack this and cwshredder. Try downloading the CWshredder and running it. If it closes when you try and open it, then we may have found the solution.

Here is a link to download hijack this...

http://216.180.233.162/~merijn/files/HijackThis.exe

After you download it, run it. Choose the option: "do a system scan and save a log file".

After it scan, notepad should load up and have text something like this (I put it in quotes):

Logfile of HijackThis v1.99.1
Scan saved at 10:39:19 PM, on 5/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe


Copy the text here and I will scan it for the problem.

CyberKitten
May 13th, 2005, 09:44 PM
There are some so called ads that completely hijack your system and even as yours did, change your home page. Do a system restore and if that does not work (it may not), you may have to unistall it and update the registry - NOT fun!! I had a friend who had that happen and fortunately she had backed up everything so we just formatted the HD and started over. Sometimes, it is the best way!

Even AdAware and other progarms do not get rid of all of them so hence the solution of formatting. BUT make sure you have a backup disk and know how to reinstall your programs, whether from a Recovery CD or the actual programs. I personally HATE recovery CD"s!

badger
May 13th, 2005, 10:31 PM
Same thing happened to me. It's called a Trojan Spy. It hijacked my home page and dumped porn sites on my favourites list. I recommend you open NOTHING.

There's this great site where you send them your log from a HijackThis scan and someone will walk you through the process.

http://www.short-media.com/forum/forumdisplay.php?f=57

Good luck, it's a real learning experience. Thank god for all the techies out there, including you Raingrrrl!

Sneaky2006
May 14th, 2005, 08:20 AM
Well I had to reinstall Windows last night. I was able to save my pics but that's about it, it's like I'll be starting from scratch! I have to DL all my programs again, but it's like a fresh start!

Thanks to everyone who tried to help!! :)

CyberKitten
May 14th, 2005, 01:32 PM
Great to hear you managed OK Sneaky but I know that stuff can be a pain, even when you sort of think you know what you are doing, lol On the positive side, you will have all new programs! :)

I actually tracked down the guy who created the one that infected my computer. I did not have to format but had to change the registry and it was just time I did not have - and well, frustrating that this can occur!! I found this guy's IP addy thru the code in his application and then tracked him through that to an address in Montreal, grrrrrrr!!! I did report him to the Better Business Bureau and even emailed him (from a computer in the university library and a Canada.com mail addy) - not unsurprisingly, he did not respond to me, lol I think there should be legislation against this. Sort of like a Do Not Call List only this would be a Do Not Change My Settings on My Computer List!

Schwinn
May 16th, 2005, 11:17 AM
Cheryl had a particularly evil one that everytime you tried to click a link for anti-spyware software, it directed you to it's home page. Several HOURS later I managed to get it fixed. Needless to say, we've learned the value of backing up software. Unfortunatly, not before my web page that I was getting ready to put up was lost.