 |
|
HELP me remove this spyware!
Submitted by marisela on October 25, 2007 - 4:56pm.
I was on the computer and suddenly, this pop-up comes up saying "1 file copied." The next thing I know, some random toolbar appears on my Internet Explorer.
It's called the nssfrch. I'm pretty sure it's spware/adware because it has links to sites telling me to download their programs.
Can someone please help me remove this! THANK YOU!    GuG-Points: 264 Last Seen: 08/22/2008 - 1:22pm Location: Where Da Dust Bunnies Live I am: Addicted to MySpace Re: HELP me remove this spyware!
December 9, 2007 - 9:18pm
Okay I have a problem AGAIN. I mentioned that mother has been having trouble with her laptop but she can't really explain well. She just says it slow. I had to update her spyware removers. I found a Smitfraud with Spybot!!! I ran the smitfraud remover in safe mode and it said it couldn't remove 2 temp files. The popups are still there. I have d/l ed the other trojan specific scanners and about to give all the scanners a chance (in safe mode). I will keep you updated. I will post my logs later. Hope to be back soon.     GuG-Points: 1094 Last Seen: 09/06/2008 - 12:27pm Location: Deserts of Arizona I am: Voting for Obama Re: HELP me remove this spyware!
December 12, 2007 - 2:57pm
GuG-Points: 264 Last Seen: 08/22/2008 - 1:22pm Location: Where Da Dust Bunnies Live I am: Addicted to MySpace Re: HELP me remove this spyware!
December 13, 2007 - 3:16am
I found the nasty little things that were stopping my adaware to work. The adaware scans and found 4 trojan downloaders. I manually deleted 2 of them and just changed the Adaware SE to Adaware 2007. It said it removed the trojan downloaders. I ran my other scanners and they don't pull up the downloaders anymore. I had already mention to you earlier about finding the downloaders w/ A squared and "removing" them (so I thought). Do they move or infect somewhere else? How do I know if they are truly gone? Hmmm.
GuG-Points: 1094 Last Seen: 09/06/2008 - 12:27pm Location: Deserts of Arizona I am: Voting for Obama Re: HELP me remove this spyware!
December 13, 2007 - 11:05am
What you need to do is boot into safe mode - turn off system restore. This may take some time as all the restore files will be deleted (You may get back a considerable amount of disk space). You can access system restore by right-clicking My Computer and selecting Properties the clicking System Restore. Then run your "scans" again - clean whatever it finds. Boot back into normal mode, run the scans again. The registry key entry - if it is found again - may need to be deleted manually. [300021291] Root: HKLM Path: software\microsoft\tracing\fwcfg Go to Run ->type in regedit->go to HKEY_LOCAL_MACHINE->and then start following the path outlined by the detection. When you find the entry (fwcfg) - right click and delete. Be careful here and make sure that you are deleting the last file detected - you do not want to delete the "tracing" folder. After this is all said and done - turn on System Restore.
"So where's the data?" "The data? The data is in the freezer." Conversation with a co-worker after a failed hard drive had been placed in the freezer to stiffen the bearings for one last run. GuG-Points: 264 Last Seen: 08/22/2008 - 1:22pm Location: Where Da Dust Bunnies Live I am: Addicted to MySpace Re: HELP me remove this spyware!
December 15, 2007 - 2:05am
Thank You! Thank You! I have updated and ran so many different scanners(one at a time and in safe mode) and have not found any problems. Well just the usually tracking cookies but not the REAL scary stuff like a trojan downloader. The LSPfix worked also. We just have small problem w/ Mozilla Firefox but it may just be the browser and not a malware issue. I cannot save things on MS nor upload anything on any site. My IE works fine. Maybe just a Firefox bug. Will it fix itself? GuG-Points: 1094 Last Seen: 09/06/2008 - 12:27pm Location: Deserts of Arizona I am: Voting for Obama Re: HELP me remove this spyware!
December 17, 2007 - 9:53am
Okay - cool. After a week of seemingly fighting everything computer related that crossed my path, it's nice to know that sometimes things work out. On to the next one. Try looking over this thread for fixing Firefox issues. Uninstalling Firefox will not uninstall your profile, so usually to fix issues you have to find and save your bookmarks and addon folders then blow away the profile folder. Or just create a new one. It's all here. http://grownupgeek.com/firefox-help "So where's the data?" "The data? The data is in the freezer." Conversation with a co-worker after a failed hard drive had been placed in the freezer to stiffen the bearings for one last run.        GuG-Points: 5895 Last Seen: 09/06/2008 - 10:16pm Location: Lost in Cyberspace..... I am: Not really paying attention Re: HELP me remove this spyware!
October 25, 2007 - 5:17pm
Did you look to see if it's in your add/remove programs (go to your control Panel then add /remove programs). If I were you I would also run your anti virus program. You can also scan your PC with Panda which is a FREE online antivirus and a good back up (some times what one doesn't see another will). I also like "Spybot Search & Destroy" and "Lavasoft's Ad-Aware". Those are also both free (links above for them).
 GuG-Points: 46 Last Seen: 09/01/2008 - 1:55pm Re: HELP me remove this spyware!
October 25, 2007 - 5:21pm
Thank you for your help!
Right now, I am running my McAfee virus and spyware program and it is scanning through my files. It says it found 1 file. I'm hoping it's that! If that doesn't fix my problem, then I think I will download those programs you listed.
Apparently, many people got this spyware toolbar today and yesterday. I think it's linked with IE users. Maybe it's time for me to switch over to Firefox! GuG-Points: 1934 Last Seen: 09/06/2008 - 5:54pm Location: Currently NJ, heading towards Western NY I am: Supporting our troops Re: HELP me remove this spyware!
October 26, 2007 - 8:12am
Thank you for your help!
Right now, I am running my McAfee virus and spyware program and it is scanning through my files. It says it found 1 file. I'm hoping it's that! If that doesn't fix my problem, then I think I will download those programs you listed. Apparently, many people got this spyware toolbar today and yesterday. I think it's linked with IE users. Maybe it's time for me to switch over to Firefox! No matter what you use for virus protection, and spyware removal, it's always a good idea to run more than one program. Before I switched to Firefox, there were instances for me where SpyBot will say my system's clean, but moments later, I'll run AdAware, and it might find stuff. Switching to Firefox will be one of the best moves you'll ever make regarding the "health" of your PC. Since I made the switch almost a year ago, I have had only 1 spyware result, and I'm almost positive I used IE the day it snuck in.
"How do you know I'm mad?" asked Alice. GuG-Points: 46 Last Seen: 09/01/2008 - 1:55pm Re: HELP me remove this spyware!
October 26, 2007 - 11:11am
So yesterday, I ran McAfee for a few hours and it found nothing. By the time that finished, my computer started acting all weird and it became extreeeemely slow. Pop-ups from the spyware/adware kept coming up telling me that I have a virus on my computer and that I have to fix it by downloading their program. I kept clicking the red x for them to go away, but they kept coming back. I tried downloading Lavasoft's program, but it somehow messed up and it uninstalled itself. That's when I just quit trying and I gave up.
Today, I still got the annoying popups and my computer is still pretty slow. I removed Internet Explorer to get rid of all the popups and I installed Spybot. I ran that and it found a few spywares, but my computer didn't get fixed.
I guess I should stop rambling on. Thanks for your help! Whenever I get this problem resolved, I am DEFINITELY switching to Firefox. GuG-Points: 1094 Last Seen: 09/06/2008 - 12:27pm Location: Deserts of Arizona I am: Voting for Obama Re: HELP me remove this spyware!
October 26, 2007 - 10:03am
Your real problem is probably this one: Adware.Agent.BN nssfrch is a component of this. The meat and potatoes of what happens is in this link http://www.threatexpert.com/report.aspx?uid=47e4183f-9c85-479e-b759-4f91bda83b00 Notice the tremendous amount of registry modifications that occur - that's what makes manual and software removal extremely difficult. Seems like the majority of nssfrch infected prople are having the most success using these utilites. Spybot and this "Smitfraud" fix http://siri.geekstogo.com/SmitfraudFix.php I recommend that you install and run both while in Safe Mode (pressing F8 on startup). I also know that I've caught Adware.Agent.BN by using AVG Free Antivirus. I'm not sure if other scanners will identify it or by the same name. Good luck! I do not feel obliged to believe that same God who endowed us with sense, reason, and intellect had intended for us to forgo their use. -Galileo Galilei GuG-Points: 46 Last Seen: 09/01/2008 - 1:55pm Re: HELP me remove this spyware!
October 26, 2007 - 1:27pm
OMG I think what you said is EXACTLY my problem. After I ran Spybot, I noticed I had several spywares involved with registry, but I didn't delete them because I thought they might harm my computer. So is it okay to delete those even though they're involved with the registry?
I saw that Spybot found a Smitfraud and I thought I deleted it, but I'm still having problems for some reason.
After I download that Smitfraud fix and go into Safe mode, what do I do after that? Does that fix delete any of the files on my computer? After do the thing with Safe mode on, when I restart my computer, will it still be in safe mode? - - - I think I'm going try the AVG Free Antivirus.
THANK YOU for your help. I'm sorry I asked so many questions. I'm not very smart at this and this problem is making my computer act all weird which is driving me crazy! GuG-Points: 46 Last Seen: 09/01/2008 - 1:55pm Re: HELP me remove this spyware!
October 26, 2007 - 2:46pm
Can you please explain to me what Safe Mode is? I've never tried to do anything in that mode before. Does it make the computer look different?
I think I'm going to have to use that Smitfraud fix because I've deleted everything found by McAfee, Spybot, and Lavasoft's Ad-Aware, but I still have the same recurring problem. Right now I'm running the free version of AVG Virus Protection. So far, it has found no threats. GuG-Points: 1094 Last Seen: 09/06/2008 - 12:27pm Location: Deserts of Arizona I am: Voting for Obama Re: HELP me remove this spyware!
October 26, 2007 - 4:30pm
>>>Does it make the computer look different? Yes - makes it all black and stuff. The most important part of safe mode is that it only loads necessary drivers and no start up programs. Of course, virus writers know that and somehow are still able to bypass safe mode precautions - but it's a step in the right direction. In Safe Mode, your best bet is to do all the scans, Smitfraud fix (which is designed to try and remove all those registry entries), and also try this "Trojan Scan" software (A Squared free 3.0). http://www.emsisoft.com/en/software/download/ I would prefer you even install while in Safe Mode, so you'll need networking, which is an option that will show up. Marisela, I'm not going to lie...if that doesn't work, you are probably going to have to save what personal data you can and reinstall from the recovery disk. I'm telling you this to try and save you the ridiculous amount of money that you're going to spend on the geek squad that will say basically the same thing. Last I checked I think they charge $80 per 5 GB of data transfer...maybe it's gone down. Feel free to watch this report on computer techs, including Geek Squad. http://www.cbc.ca/mrl3/8752/marketplace/geeks.wmv Anyway, try it out. If you think it worked, please respond this post.
I do not feel obliged to believe that same God who endowed us with sense, reason, and intellect had intended for us to forgo their use. -Galileo Galilei GuG-Points: 46 Last Seen: 09/01/2008 - 1:55pm Re: HELP me remove this spyware!
October 27, 2007 - 8:58am
IT WORKED! Thank you for all your help!
I thought doing all that in safe mode was going to be confusing, but it wasn't at all! So far, my computer seems to be running fine (and a lot faster!). I also switched to Firefox, which is much better than Internet Explorer!
I guess this means I owe you my first born child also! GuG-Points: 1094 Last Seen: 09/06/2008 - 12:27pm Location: Deserts of Arizona I am: Voting for Obama Re: HELP me remove this spyware!
October 29, 2007 - 8:48am
>>>I guess this means I owe you my first born child also! Not necessary <blushes and looks away-scuffs the foot a little>. Marisela, I'm not entirely convinced that we have this issue nailed. So I would like you to download this program. http://filehippo.com/download_hijackthis/ It's called HijackThis 2.0.2. It's an easy download and install. Just run it, but don't do anything except copy the log file when it's finished and either PM to my account or post. GuG-Points: 1094 Last Seen: 09/06/2008 - 12:27pm Location: Deserts of Arizona I am: Voting for Obama Re: HELP me remove this spyware!
October 31, 2007 - 10:51am
>>>Are you sure it isn't entirely fixed yet? I'll only know if you send me the HijackThis log. >>>By the way, what do you recommend as the best Virus/Spyware programs? The opinions vary on this site, but I'm a staunch AVG Free supporter. Easy install, updates quickly, doesn't hog system resources.
I do not feel obliged to believe that same God who endowed us with sense, reason, and intellect had intended for us to forgo their use. -Galileo Galilei |
Online Member Info:Out of 17158 registered users there are currently 7 users and 49 guests online.
NavigationSimilar postsNew forum topicsRecent comments
| ||||||||||||
This is my current "removal" with Adaware 2007. 
I finally got to install Lavasoft's program and I am running it at the moment. I'm hoping this will fix this problem for me! If not, I am going to try the online spyware Panda, but if that doesn't work for me, then I guess I will end up calling Geek Squad to fix it for me! 
GuG-Points: 46
Last Seen: 09/01/2008 - 1:55pm