invincible spyware

ediz

Any advice much apreciated as i've just run out of ideas at this point . I'm trying to fix a laptop thoroughly jammed with various virii and spyware, I think i've gotten most of it after running fully updated adaware/microsoft antispyware/avg antivirus, disabled and wiped system restore and fixed the various host file/browser settings mess, but one malignant browser pest seems unkillable.

It seems to hijack google/yahoo etc searches and return false advert laden results, attempts to change the homepage (antispyware repeatedly stops it) and most irritatingly it seems to be filtering any html page loaded and replaces all html links with ones leading to a random advert site.

Avg/lavasoft dont seem to pick up anything, I can't see anything amiss in the active processes and the same affliction affects firefox, i've tried starting in safe mode to to no avail, and in short i'm stumped .

Gilgamesh

reinstall?

seriously is normally less timeconsuming then tryin gto fix a problem with software in the magnitude you mentioned it

Dyr

I found spysweeper ( i think) and hijackthis! cleaned the difficult to remove stains that other leading brands had failed to remove

ediz

Hehe I thought someone would point out the obvious choice , it's been in the back of my head as this evil bugger escalated and i'm probably deluding myself but i'm fairly eager to somehow miraculously avoid the scorched earth policy, how successfully i'll soon see...

I just wish explorer wasn't so integrated into Xp, reinstalling just explorer seems nigh on impossible, at best it's a case of disabling and re=enabling it.

ps cheers for the suggestion bambi, i'll go and see if they can succeed where so many others have failed :mad:

Capt'n Midnight

Download FireFox then etup a dummy proxy in IE so neither it nor all those windows services don't connect to the internet.

The use FireFox to download all the tools listed in the stickies here and on the windows forum including - if XP SP2 turn on the firewall - prob best to get zonealarm too so it tells you what is trying to connect. and M$antispy ware alerts you to stuff trying to hijack home page - do a full scan.

When finished and all clear and patched and firewalled then can consider turning IE back on by removing proxy from settings

Goldstein

Might be worth keeping an eye on the most recently accessed files in sys32 while you're using the browser (including hidden files). I remember seeing a similar one that filtered every page you go to through multiple hidden xml files in sys32. It's unlikely but it may be doing something sililar. If in doubt query any suspect files in Google, although this won't help if it's a randomly generated filename.

May be a browser helper object issue, try running BHO Demon: (Freeware)

http://www.majorgeeks.com/download3550.html

garred

Spyware is the bain of my life. You are probably best doing a clean install and then doing a ghost image on cd/dvd for future probs...it'll get you back up and running in the time it takes to do a scan.

ediz

Thanks for all the suggestions, much apreciated, i'm methodicly going through them one by one, I seem to have weeded out part of the problem and everythings running fine on safemode with networking which seems to point at some kind of system service or startup program despite there being nothing obvious in msconfig, i'll get there eventually..

As for the clean install clone hehe, good advice in a similar vein to earnest blood oaths to various pagan deities to henceforth backup religiously following hard drive death, hopefully this enjoyable little experience will give me the neccesary inspiration.

Tony H

install Firefox , NOD32 anti-vir,spybot s&d, microsoft anti spy , spyware blaster, spyware guard , lavasoft adaware ,zone alarm , i know its a lot of programmes but since i installed all of the above i have'nt has a problem ,before you run the above programmes , turn off system restore as the buggers can hide within it .

Capt'n Midnight

fitzdragon wrote:

,before you run the above programmes , turn off system restore as the buggers can hide within it .

Forgot that :rolleyes:
all your good work being undone by the OS, another trick is to take ownership of system restore folder so you can virus scan it if you need to keep it.

ediz

Just like to say thanks to everyone that helped out with suggestions, after an apocalyptic struggle my pc once again seems to be back under my control (as far as it ever is) . The next few months of computer use will no doubt consist of paranoid shivering fear with a few dozen anti-everything programs hovering in the background sucking up every MB of spare ram

mp3guy

You can always get rid of spyware without reverting to an OS reinstall. One thing i sometimes need to do, is run a 3rd party program, like enditall2, find out the rouge program, kill it, delete it through dos. Always does the trick.