... give 'Spyware Doctor' a try.
If it fails, we have to do it manually.
Spyware Doctor is exactly the program that my Cyber attack is attempting to force me to purchase. We shouldn't be held hostage to buying yet another program. I would think that most of us have already purchased programs that we thought would protect us.
Please download the McAfee Stinger from HERE by clicking on Stinger v10.0.1.624
Once you have downloaded this file, save it to your desktop and double click on it. Before clicking on "Scan Now" , click on "Preferences" and under "Scan these targets" make sure both options are ticked.
Also, under "Heuristic network check for suspicious files" there should be a drop down currently set to disabled. Change this to "Very High" and click OK. Then select "Scan Now".
Hope this helps.
Thank you. That was the final cure. Super Anti-Spyware helped for a while, but it was Stinger that really fixed the problem. I had asked a similar question (which apparently affects a lot of people as there were 222 views) and received a response to try the Super Anti-Spyware and Malware (which I already had). They helped for awhile, but it was YOUR HELP that did the trick. When I posted the other question about being attacked by Cyber, I received a response and an e-mail. I could not have gotten onto the internet without that e-mail. Is it possible you can e-mail your answers, also? Anyway, you fixed the problem and I am so thankful. It is absolutely necessary to have those links included in responses.
I hope you tried Stinger. It finally fixed my problem. The link and instructions were posted my Mohammed Aziz. I don't know enough to direct you there, so I can just give you my advice. I keep running the scans, Super Anti-Spyware, Malware and Stinger. Also, McAfee finally kicked in and may have been some help. We shouldn't be held hostage to buy that Doctor something program.That's exactly what the Cyber attack was attempting to force me to do. I am so thankful for this site. I don't know what I would have done. I feel your frustration.
I have tried Stinger but it keeps coming up with nothing. Could there be another underlying virus that I am missing? I keep removing the same files with the three recommended anti-spyware/malware programs but when I restart my computer all of the spyware protect 2009 files are back.
If it keeps coming back there are a few things we can look at:
1. Do you have System Restore running? If System Restore is enabled then I would recommend disabling it when you clean up the threat. This will get rid of any restore points so don't have to worry about restore bringing it back for you. Once you are sure the machine is clean then you can re-enable System Restore.
2. Your hosts file was probably modified by the threat. If you go to C:\Windows\system32\drivers\etc you file a file called "hosts". A clean hosts file should look something like:
# Copyright (c) 1993-1999 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 18.104.22.168 rhino.acme.com # source server
# 22.214.171.124 x.acme.com # x client host
If there are any entries below the 127.0.0.1 line, delete them and save the hosts file. You can open and edit the hosts file using notepad.
3. Take a look in your c:\Program Files folder and see if there is a Spyware Protect or similarly named folder. If so, open up the folder and ensure all the files inside that folder are deleted. If it's actually running on your system you may not be able to delete unless you are in safe mode.
4. Make sure all the registry keys are gone. If you run Regedit you can check to see if these keys, or similar, are in the registry and delete them if they are
HKEY_CURRENT_USER\Software\Spyware Protect 2009
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\Spyware Protect 2009
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Spyware Protect 2009
If you don't know what you are doing in the registry you may want to find a friend who is more experienced that would delete these for you. Deleting or modifying the wrong items in the registry can cause serious system issues.
Hopefully some of the above will help you out.
blondonix, it looks like you got an expert reply from Brian Mann. I am new at this, so just tracking discussions and solutions. It appears this is a problem for many people as there have been 242 views. That's just by the people who are fortunate enough to find this site. I hope you were able to solve your problem because I know how frustrating it can be. I received an e-mail response to my question. This was extremely helpful because I couldn't even get on the Internet. I am so thankful for this site and the experts who take the time to help us with our problems. Thank you, McAfee and thank you experts. You have recovered my faith in computers.