Spyware/Adware How do I get it Off?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I was about to take my computer to Best Buy and pay $189 to hopefully get
this stuff off my machine. I don't know how it got on in the first place
except my g-son downloaded some things on April 1 and thats when it began. I
get a warning that ISearch Desktop is running in memory and that WebHancer is
running in memory. I finally found two of them by a search webhdll.dll and
one called ssk.exe or surfside but when I try to delete them, I am told I
can't because the disk is full, or I am not authorized. Can I SUE these
people. I tried to download something that told me was a warning and would
get rid of it, turned out to be worse and more of the ad stuff. Then I tried
to download beta windefender and it closed my internet connection. I had to
delete it and spend an hour on the phone with a tech to get that fixed. I am
ready to throw my computer out the door. Big blobs just appear on my screen
with little tiny x to close you have to hunt for. What can I do???
 
I was about to take my computer to Best Buy and pay $189 to hopefully get
this stuff off my machine. I don't know how it got on in the first place
except my g-son downloaded some things on April 1 and thats when it began. I
get a warning that ISearch Desktop is running in memory and that WebHancer is
running in memory. I finally found two of them by a search webhdll.dll and
one called ssk.exe or surfside but when I try to delete them, I am told I
can't because the disk is full, or I am not authorized. Can I SUE these
people. I tried to download something that told me was a warning and would
get rid of it, turned out to be worse and more of the ad stuff. Then I tried
to download beta windefender and it closed my internet connection. I had to
delete it and spend an hour on the phone with a tech to get that fixed. I am
ready to throw my computer out the door. Big blobs just appear on my screen
with little tiny x to close you have to hunt for. What can I do???
Click to expand...

Lets start by removing the Malware on your computer:

Always remember - only download files from Trusted Sites.

The following links will take you to vendors sites for Spy Ware / Ad
ware removal tools and also for Antivirus tools. After you install any
of these applications and update them, run them in SAFE MODE to allow
them to properly clean your system.

First, make sure that your Java is updated to the latest version:
http://www.java.com/en/download/index.jsp

These sites are for downloading Anti-Malware and Anti-Spyware tools, in
order that I would use them myself:

Dave Lipman's tools:
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Secured2K's AntiPauper (download link/info at)
http://forums.mcafeehelp.com/viewtopic.php?t=65072

AdAwareSE can be found here:
http://www.lavasoft.de/support/download/

SpyBot Search and Destroy can be found here:
http://www.safer-networking.org/en/download/index.html

HiJack can be found here:
http://www.spywareinfo.com/~merijn/downloads.html

Ewido Security Suite Trial can be found here:
http://www.ewido.net/en/download/

CrapCleaner can be found at the vendors site here:
http://www.ccleaner.com/ccdownload.asp

CleanUp can be found at the vendors site here:
http://www.stevengould.org/software/cleanup/download.html
or from another reputable source:
http://www.tucows.com/get/405276_152071

The following are two links to Antivirus software in order that I would
use them:

You can also download Symantec Trial version of their Antivirus software
from here:
http://www.symantec.com/downloads/

Download AVG Personal Free edition from here:
http://free.grisoft.com/freeweb.php/doc/2/

These are the actual vendors sites, not some unknown or authorized no-
name site. They also don't artificially increase the hits for sites that
get paid for the amount of traffic they can generate like one poster has
admitted to in this group.

Now, once you've done that, you may need to fix several things that MAY
have been corrupted by using the built-in SCF utility:

Click Start menu, and then click the Run icon.
In the small box that Opens, type the three letters: cmd then click
the OK button.

In the command prompt window that just opened (a black background and
white text), type the following command:

SFC /scannow
and then click OK

You must be logged on as a member of the Administrators group to run
SFC..

You will need your Windows XP CD during this procedure if SFC needs to
get an original file. Please remember that Windows XP can have multiple
instances of a .DLL file and remember which version is for which
program.
 
WebHow do I log on as a member of the Administrators group - is that Me for
the computer - nothing to do with logging on to this site? Also I do NOT
have a CD of my Windows XP. When I bought the computer I was told that it
was on the computer for restore and I did not get a cd (that puzzled me also
but thats what they said). My computer is an EMachines purchased at Best Buy
one year ago. The problem is getting worse because I almost can not get to
anything - locking up. Can you recommend a reputable repair place..I know
not to go to Best buy from these posts - what about MicroCenter. I am lost
as to what to do. I have Webroot Spy Sweeper and Norton Anti Virus and have
run scan, etc but when it tries to get rid of the Spyware running in memory -
I get a message that it can not until I close all applications. I think they
are closed - reboot and still the "stuff" is there!! so Spy Sweeper isn't
handling it. Thanks for trying to help me. I think I am just hopeless to
try to do it myself.
 
From: "Granny" <[email protected]>

| I was about to take my computer to Best Buy and pay $189 to hopefully get
| this stuff off my machine. I don't know how it got on in the first place
| except my g-son downloaded some things on April 1 and thats when it began. I
| get a warning that ISearch Desktop is running in memory and that WebHancer is
| running in memory. I finally found two of them by a search webhdll.dll and
| one called ssk.exe or surfside but when I try to delete them, I am told I
| can't because the disk is full, or I am not authorized. Can I SUE these
| people. I tried to download something that told me was a warning and would
| get rid of it, turned out to be worse and more of the ad stuff. Then I tried
| to download beta windefender and it closed my internet connection. I had to
| delete it and spend an hour on the phone with a tech to get that fixed. I am
| ready to throw my computer out the door. Big blobs just appear on my screen
| with little tiny x to close you have to hunt for. What can I do???


For non-viral malware...

Please download, install and update the following software...

* Ad-aware SE v1.06
http://www.lavasoft.de/
http://www.lavasoftusa.com/
http://www.lavasoft.de/ms/index.htm

* SpyBot Search and Destroy v1.4
http://security.kolla.de/
http://www.safer-networking.org/microsoft.en.html

* SuperAntiSpyware
http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, I suggest scanning the system in Safe Mode.

I also suggest downloading, installing and updating BHODemon for any Browser Helper Objects
that may be on the PC.

* BHODemon

http://www.majorgeeks.com/downloadget.php?id=3550&file=11&evp=245a87539eea8ed6904332b4b8b8442d

For viral malware...

* Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://harrisonrj.home.comcast.net/step_by_step_pc_cleaning_process.htm#Step_3_%96_Getting_Help


* * * Please report back your results * * *
 
Back
Top