I have computer that's been invaded by a spyware virus that's hijacked
my homepage, installed an auto dialer and blocked my internet option
controls. I've tried downloading spybot and spysweeper and I've even
attempted to download an alternative browser. The "bug" seems to
attack all of the downloads and I get error messages or locked up when
I go to use any of dowloads. Would I fare any better if I purchased a
spyware of hijacker removal program on c.d.?  If so which would you
recommend. My operating platform is Windows 98.

Hi!!

This will be a step by step answer, I will post this first as a first
attemp to fix your PC. Please follow the instructions:

First of all if you cannot use your computer to download go to a cyber
to download the following programs:
Ad-aware:
http://lavasoft.element5.com/support/download/#free

Then install and run it, for a guide of how to do that visit the following page:
"Ad-aware Tutorial":
http://www.fluteloop.com/Adaware6.htm


Another tool that you will need is HijackThis by Merijn; this is a
great tool for detecting and removing browser Hijacks. A browser
hijack is when spyware takes over your internet settings. To download
it:
http://www.spywareinfo.com/~merijn/files/HijackThis.exe

"HijackThis Tutorial - How to use HijackThis to remove Browser Hijackers & Spyware"
http://www.bleepingcomputer.com/forums/index.php?showtutorial=42

See in particular the following section:
http://www.bleepingcomputer.com/forums/index.php?showtutorial=42#HowToUse


Now try to install Ad-aware and run it to scan your computer, if you
cannot reboot in safe mode and try again.
"Starting your computer in Safe mode":
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument&src=sec_doc_nam


Let Ad-aware fix anything that it find and then reboot your computer
in normal mode to check its behavior, finally scan your computer with
HjackThis and without fixing anything generate and post a log file
here, I will analyse it and then tell you which items must be fixed if
there are some remanents.


Remember that this answer is not ended until your problem will be
fixed, so use the clarification feature to post HJT logs and request
for further assistance and I will be glad to give you the requested
aid.

Regards.
livioflores-ga

---

Request for Answer Clarification by sean1357-ga on 07 Jun 2005 13:37 PDT

Thank you for the complete reply. I had read about hijackthis and it
was the first item I had tried to download, but it also was not
successful in downloading. It generated some text in undecipherable
characters.  I am going to try to remove the spysweeper and spybot
programs (also seemingly a problem to do) and run through your steps.
I'll let you know.

I guess I still wonder (being unsophisticated with this) if there is a
c.d. item that would do these functions and, if so,  whether that
might avoid the apparent downloading snafus?

---

Clarification of Answer by livioflores-ga on 07 Jun 2005 18:48 PDT

I live in Argentina and here the cybercafes let us download programs
to be saved in a CD, try this.
Other option is booting in safe mode and in this mode try to download,
install and run the mentioned programs. Note that in the safe mode
only essential programs and services are loaded, so the pests in your
computer probably do not work in this mode.

The krissssthesolver is good, but to avoid mistakes you can do rhe
following, make a list of the starting programs listed in MsConfig
window and I can tell you which ones can be disabled to prevent for
running at the startup.
The following page will be useful if you take this way:
"How to use MSCONFIG":
http://netsquirrel.com/msconfig/

You can also try an online antivirus scan at TRend Micro, just select
your location and click GO:
http://housecall.trendmicro.com/housecall/start_corp.asp


Note:
I do not recommend you to install propietary products like Norton
Internet Security in an infected computer, this remedy could become
worst than the illness.


Again do not hesitate to use the clarification feature to request assistance.

Regards,
livioflores-ga

I have been through this process using exactly the tools recommended. 
It was slow and difficult process, but at the end of it all I was
virus free.   And I didn't loose any data.  It was well worth the
effort.

The Best answer that i would recommend is that,
Goto Control panel, click on Add/Remove Programs... and uinstall all
the unrequired or the suspicious programs.

Then restart and try uninstalling spybot and any spyware you have..
i will recommend you to use Super Ad Blocker Software. Thats the one i
use and trust(coz its best that i used till now).

http://www.superadblocker.com/downloadfile.html?productid=SUPERADBLOCKER

It has popup blocker, spyware blocker, spyware cleaner.

Wish you good luck and have clean PC.

KrisssstheSolver

Spyware Programmers First Commandment. Thou shalt install every
spyware removal tool thoust can findeth and testeth them against your
own spyware before you releaseth it.

Having said that;

You need to backup your important files and reformat your PC's hard
drive. The integrity of your system is compromised at this point and
there's no reason you should pay for a PC and ISP just to be doing
someone elses work for them.

Ultimately, it takes less time to reformat then to bang your head
against the wall for the next few hours, days, weeks?

Seriously though, resist the urge to install ActiveX controls from
within your web browser. Try to change your monitor resolution to
1600x1200 or higher and then maximize your browser to see if you can't
see "around" the Install ActiveX flash media spam.

If you use Internet Explorer, Macromedia Flash (maybe Apple's
QuickTime) is quite possibly the only plugin you really may find
yourself ever "wanting" and it should be downloaded directly from
their site.

I keep a several hard drives but 1 in particular is very large backup
drive and has the installers and registration information for every
driver and piece of software that I use. I can quickly and easily
rebuild a fresh OS install to resemble my last system configuration.

After a few reformats you'll get quicker at it and on a modern system
you could be where you left off before the spyware came around in
under 30 minutes.

This method will always work 100% and it sure feels nice to always be
running on a very clean system.

I forgot to mention, you should shutdown your PC and unplug your
backup drive's power cable before you reformat and reinstall your OS.
Once your OS has finished installing and you have booted up the first
time, then you can shut down again and reconnect your backup drive and
proceed to reinstall your software.

Don't learn the hard way like me and find that your backup can easily
become C if you use RAID or SCSI. You could accidently reformat your
backup drive and install your OS to it! /cry

I Encountered a similar problem - the key is simply to keep your eyes
open, dont download dodgy stuff, and watch out for strange redirects
in web adresses.  Keep half an eye on the CPU light and hard disk
noise, I know it sounds stupid, but it saved me from
w32.trojan.dyfuca, powerscan.exe and optimise.exe, which were
downloaded as a packaged fly-by download, along with xxxtoolbar. I
deleted the files and their registry entrys before they could execute.
- Lucky Me !