Spyware Help: "Traffic Marketplace" and "Adwave"

[scottybk]

Anyone know how to get rid of these 2 parasites? I've tried Spybot and Ad-Aware, and HiJack This. Nothing works; every time I reboot they're back. I'm sure lots of you out there have this problem. Is removing them beyond a layperson's capability. Also, why has Congress not acted in outlawing thiscrap and tracking down these scumbags? It seem to me they are no different than burglars who invade your home and re-arrange the furniture. At a macro level, how the hell is this stuff even profitable? I've never heard of anyone who clicks on pop-up ads, most people don't even read them- they just shut the window immediately.

[big'ol_freeper]

Take your computer, throw it out the window and buy a Mac.

[holymoly]

Did you post your Hijack This log to a tech forum for expert help? I don't have the links at hand, but I believe you can post your Hijack This log to the SpywareWarrior.com forum. Also, I recall stumbling upon a forum called "Castlecops" to which people were posting Hijack This logs (I think).

[xJones]

I had a problem last weekend, and it took a washing of Ad-Aware AND Norton anti-virus. I was advised that you should also run an anti-virus along with your anti-spyware. It worked for me.

[holymoly]

Found it (Castlecops/Computercops forum):

Hijackthis - Spyware, Viruses, Worms, Trojans Oh My!

[BJungNan]

why has Congress not acted in outlawing thiscrap and tracking down these scumbags?

I've always thought their should an electronic message sent from your computer along with the spyware that reads: "Unauthorized access to this computer will result in fees being incurred. This is your only warning. Should I find indication that you have returned to my computer, you will be charged $1,000.00."

Then record the event somehow, get the name of the person at the company and sue them in small claims court. Get the judgment and go after them.

I know you can get in touch with double-click. I've talked to them before.

Not sure my idea will work but when I used to get repeated telemarketing calls and this is what I did.

I would get a name however I could. Then I would tell that person I was a marketing review service. Their first generated an invoice but I am waving that because they were not aware of our service. I told them if they called again, however, they would be charged at my normal rates of $500.00 per call. If they did not pay, I would go to small small claims and file suit against them personally and their company, making sure to let I report unpaid bills to the credit bureau and that it will show up on their credit report as an unpaid judgment.

It got the attention of a few of them. Others cursed me out.

[longjack]

I had to clean up some computers at our main office the other day. 2-3 hours per machine

There was a ton of this type of stuff on them. You have to have a good idea what the usual windows and system32 directory looks like in order to pick out the problem files.

These files have to be deleted, if you're lucky, in safe mode, and most likely at the dos prompt.

Or, you can boot up with a linux live-CD and delete files on the windows drive that way. If you have and know what ERD commander is, you can boot into an XP environment and get to enough of the registry on your infected drive to clean it up.

In short, if you don't have data you just have to have, fdisk and re-install.

A backup image program like Acronis or ghost is a lifesaver, BTW.

HTH longjack

[PeaceBeWithYou]

Adwave should be in the O1 section of Hijackthis as a host, www.adwave.com is the URL.

If they are coming back after a reboot they are in the run/runonce, autoexec.bat, startup, or even win.ini files - which you can access via msconfig and/or regedit.

[LeeHarvey]

Have you tried Microsoft's AntiSpyware (Beta) product?

Also, here's a few quick things to check (assuming Windows XP):

• Use msconfig to check and selectively remove unknown startup items
• Delete all files in your Temporary Internet Files folder. You may need to do an attrib -r -s -h *.* /s at a Command Prompt in Safe Mode
• Delete all files in your %TEMP% and %TMP% folders. Again, you may need to do an attrib -r -s -h *.* /s at a Command Prompt in Safe Mode
• Check for any system/hidden/read-only files in your %userprofile%\Start Menu\Programs\Startup folder.
• Check the entries in your %windir%\system32\drivers\etc\hosts file

When you get the problem fixed, immediately switch to Opera or Firefox and stop using MS Internet Explorer immediately! And be careful what you download and install.

Good luck.

[JustDoItAlways]

I got hammered in the last few days by these bastards.

It really should be illegal. Why shouldn't it be. The guys who release this stuff should be in jail for all the havoc they are causing to the US economy. And it is not a minor inconvience, they are causing major harm to normal internet users like you and me but moreso to the whole economy in general.

Anyway to the original poster, you can regain control of your system (in the long-run the virus files have to be deleted) but in the short-term, the simple fix is ...

Turn OFF in Tools, Internet Options, Advanced, Enable third party browser extensions.

[A CA Guy]

Take a couple hours to reformat and install your software with a good fire wall.

Don't ever buy a mac, the only reason they are not full of viruses today is that so few own them, that hackers don't yet bother to write for them.
More than likly Mac will go away completly in ten years and even the hackers know it.

[holymoly]

It really should be illegal. Why shouldn't it be.

Congressman Mary Bono has a bill which will (perhaps) outlaw spyware/malware.

House Eyes Anti-Spyware Legislation

[Brett66]

Here's a ton of anti-spyware programs you could try:

Spyware Tools

I used CWS shredder to help remove a nasty cool websearch trojan on my system about a year ago, I switched to Firefox after that.

It put an executable "ie.exe" in my root directory that would do all of its nasty work after rebooting, regardless of resetting all of my browser settings and enabling Hijack this to stop it. (It didn't)

If one of these scumware programs won't let you delete a suspicious executable, just reboot into safe mode and then delete it.

[Swordmaker]

Don't ever buy a mac, the only reason they are not full of viruses today is that so few own them, that hackers don't yet bother to write for them.

So you prefer to use PCs so that virus writers can have a vulnerable target... OK, if that floats your boat.

More than likly Mac will go away completly in ten years and even the hackers know it.

So it isn't worth buying a Mac to have TEN YEARS of peaceful computing and surfing, being ignored by those super prescient hackers who refuse to write viruses for it because they won't be effective after ten years... RIGHT! SURE!

The effective lifespan of most viruses is about two months...

[A CA Guy]

They are OK, but not worth getting because of viruses or spyware.
I've run with only the free zone alarm firewall and no problem.
Just stay away from porn, or foreign sites looking for porn and that will clear up 98% of the problems.

There are a couple of viruses in the line, so if you are running without a firewall, you are going to be infeted by a couple of them right away.

[Malsua]

I could probably spend 10000 words telling you how to get rid of these pests via registry editing in safemode.

That said, look at my FR homepage, there may be some tools to help. Pest Patrol, spysweeper and the MS beta tool may be your answer. My FR homepage has some links.

[backhoe]

 

Things you need--(all FREE)
Anti-Virus
AVG Anti-Virus version 7 (free) release available...

 Avast
Firewall
Kerio(Direct Download) Zone Alarm

 If are using zone alarm it may slow your PC. Try Outpost Firewall http://www.agnitum.com/products/outpost or Sygate Firewall http://www.sygate.com/ both have FREE and Pro versions and are heads above ZA.
Misc.
IE Spyads SpywareBlaster Spyware Guard
Windows Update- you must keep updated, it is the start of a secure system-
get all CRITICAL Updates

Things you want(Still Free)
 

  I use Firefox PR1 and IMHO, beats the sox off MS Explorer. Life is good with tabs. Click the link and give it a try.

Ad-Aware
Spybot S&D

SpywareBlaster
MS MVP Hosts file

Mike Lin's Homepage and get the Startup Control Panel and Startup Monitor tools.

 

The best forum for malware removal:

-SWI Forums-

 

 
http://www.freerepublic.com/focus/f-news/1315720/posts

 Microsoft Releases Anti-Spyware Beta 1 To Public Today.
Microsoft.com ^

 

=================================================

 

 

Browser Wars, take two various FR links | 12-22-04 | The Heavy Equipment Guy http://www.freerepublic.com/focus/f-news/1306815/posts ...and let your compiler of links drop out of Lurk & Link mode for comment and advice: Ditch IE. Honest to God, almost anything else will give you fewer problems. Try and compare- use IE, then run Ad-Aware and Spybot Search & Destroy... then try another browser and repeat. You will be stunned at the garbage IE attracts. Keep your OS updated & patched. Run a hardware firewall-- with today's LAN's, it's easy. You need a hardware firewall. Use a software firewall, too-- if you don't, you'll never know how many times your PC is trying to "phone home" and send your info across the web.

[Cedar]

Find the download for Killbox.exe

You can put any file name in the application, and it will stop it (or "kill it") at every boot time.

I got this advice from one of the online help sites---it was the ONLY thing that stopped a trojan on my computer when all the other stuff wouldn't work.

[hattend]

BUMP FOR READING AT HOME

[faq]

I had a spyware problem a while back (don't remember the name but it was not adwave) and Ad-Aware and Spybot were not able to remove it either so I did some research. The problem was that there was a shareware toolbar of some sort that was installed on the computer. So, I went to the control panel, then add/remove programs and uninstalled the IE toolbar. After that shareware program was deleted, Ad-Aware/Spybot was able to remove the spyware for good and it hasn't come back. Maybe you have a shareware program (screensaver, etc.) that keeps reinstalling the garbage.