Where did this come from

Page 1 of 2 12 LastLast

  1. Posts : 708
    Windows 7 Pro
       #1

    Where did this come from


    For the last two days when I startup my PC (Win 7 Pro with IE9 and Google Toolbar installed I get this popup:

    Where did this come from-search1.jpg

    I follow the links on the popup and get these:

    Where did this come from-search2.jpg

    Where did this come from-search3.jpg

    They provide NO real help and would like to stop this popup if possible.

    Any help would be appreciated.
      My Computer


  2. Posts : 10,994
    Win 7 Pro 64-bit
       #2

    I'm going to take an educated guess and say your computer has been infected with malware. According to a quick search for Spigot, Inc (the company listed in your fist snip) they seem to make "custom" toolbars so other companies can increase their revenue. This Avast forum article may help you.

    http://forum.avast.com/index.php?topic=63642.0

    I'd definitely concur with the suggestion to install the free version of Malwarebytes, update it, and run a full scan. I also checked bleepingcomputer for any mention of "spigot" (use their search function) and it returned over 300 entries:

    Search Form - BleepingComputer.com
      My Computer


  3. Posts : 7,730
    Windows 7 Ultimate SP1 64-Bit
       #3
      My Computer


  4. Posts : 461
    Win 10 Pro x64, Win 7 Pro x64
       #4

    Did you install a new prog/that sneakily installed a toolbar recently?


    According to Spigot Inc, the toolbar is "easily" removed: Spigot Search Settings | Easily Remove searchsettings.exe
    Look for something in Control Panel/Programs and Features/Uninstall-change program/ Spigot and/or Dealio and remove it.

    I would also run MBAM as previously suggested. Install it, update it's defs. Under Settings>>Scanner settings for PUP (potentially unwanted programs) & PUM (potentially unwanted modifications) set it to show results, but be careful to only remove objects related to the toolbar.

    Hope this helps :)
    Last edited by Urthboundmisfit; 13 Feb 2012 at 23:27.
      My Computer


  5. Posts : 24,479
    Windows 7 Ultimate X64 SP1
       #5

    In my experience toolbars just muck things up. I would suggest you remove the Google toolbar. It can serve no useful function beyond what a shortcut added to your Favorites bar for google.com would provide.
      My Computer


  6. Posts : 461
    Win 10 Pro x64, Win 7 Pro x64
       #6

    What Britton30 said. :)
      My Computer


  7. Posts : 845
    Windows 7 - Vista
       #7

    "Internet Explorer" tab - SysInternals Autoruns for Windows
      My Computer


  8. Posts : 708
    Windows 7 Pro
    Thread Starter
       #8

    I have found the problem:

    Where did this come from-search4.jpg

    Aliases of Backdoor.Spigot (AKA):
    [Kaspersky] Backdoor.G_Spot.20
    [McAfee] BackDoor-AAG
    [F-Prot] security risk or a "backdoor" program
    [Panda] Bck/Spigot.A
    [Computer Associates] Win32.Spotbot.20

    It is located in C:\Program Files\Common Files. There is NO uninstall file associated with it.

    I ran Malwarebytes and it is not considered to malware, it was NOT found. It does not show up in either Program Removal or Revo Uninstaller.

    To remove it, my understand requires changing a registry entry. God I hate making changes to the registry.

    Open regedit

    To delete each registry key listed in the Registry Keys section, do the following:
    Locate the key in the left pane of the Registry Editor window by sequentially expanding the folders according to the path indicated in the Registry Keys section. For example, if the path of a registry key is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName1, sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA, and FolderB folders.
    Select the key name indicated at the end of the path (KeyName1 in the example above).
    Right-click the key name and select Delete on the menu.
    Click Yes in the Confirm Key Delete dialog box.

    delete each registry value listed in the Registry Values section, do the following:
    Display the value in the right pane of the Registry Editor window by sequentially expanding the folders in the left pane according to the path indicated in the Registry Values section and selecting the specified key name. For example, if the path of a registry value is HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName2\,valueC=, sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA, and FolderB folders and select the KeyName2 key to display the valueC value in the right pane.
    In the right pane, select the value name indicated after a comma at the end of the path (valueC in the example above).
    Right-click the value name and select Delete on the menu.
    Click Yes in the Confirm Value Delete dialog box.

    I really don't want to do this. When I get my nerve worked up I guess I will try it.

    Hope this helps someone else.
      My Computer


  9. Posts : 10,994
    Win 7 Pro 64-bit
       #9

    Try the Revo Uninstaller Pro version. It comes with a free 30 day trial. Use the forced uninstall mode to see if Spigot can be removed. Revo will also scan the registry and delete registry remnants.

    Download Revo Uninstaller Freeware - Free and Full Download - Uninstall software, remove programs, solve uninstall problems
      My Computer


  10. Posts : 24,479
    Windows 7 Ultimate X64 SP1
       #10

    jcgriff2 said:
    "Internet Explorer" tab - SysInternals Autoruns for Windows
    ^^^^I would use this to find all the reg entries involved. If you miss one it could just regenerate the program and assimilate your PC like a Borg drone.
    Last edited by Britton30; 12 Dec 2011 at 06:21.
      My Computer


 
Page 1 of 2 12 LastLast

Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 06:14.
Find Us