Posted on 08/19/2008 9:44:48 AM PDT by devane617
I have been hijacked by an adserver/virus. I am running AdAware, but does not fix problem. I consider myself tech-savvy, but this is ridiculous. Problem started this morninng, and occurs on FR, and any other website I visit. Any suggestions, or ideas? Thanks.
There is ... and dang it, I'm not on my home machine and can't recall the name of the application that got rid of it. But I was able to google it and find a solution.
If it's the same thing I got, it's a nasty little thing that plants itself in your registry files.
That's why it's best to boot (directly) from a clean RO disk/CD with all the necessary tools on it.
Is it this one?
http://www.freerepublic.com/focus/f-chat/2063391/posts
try ... THIS
Bunch or free tools.
Good luck.
What it does, is plants itself in the registry and acts sort of like an add-on to Internet Explorer. It continually brings up an "anti-Spyware" website that is very difficult to get rid of.
As I mentioned above, there is an application available that will isolate and kill this little bastard (can't recall off-hand what it's called).... and I wish it would do likewise to the bastards who wrote the code.
Good advice. Even if you remove the most obvious problems, how do you really know something isn't still there? Just backup, and reinstall the machine to remove any doubt.
It's been addressed by Windows in the form of a update with a removal tool.
You should be able to locate that tool and run it from the IE7 website assuming you have updated. If you have IE6, the tool loads when you update to the current IE browser.
All this from memory, cuz I only have one machine left that runs XP.My VISTA machines have never had any problems in this regard but they too have the same removal tools available.
I don't know if this helps your particular situation, but it is what I know from experience.
Find the exe. Open Notepad and create a file with the same name. Overwrite the exe and set it to read-only.
Find the DLL that is recreating the file. Do the same. Remove bad stuff from CurrentVersion/Run in registry. Check Task Manager for suspicious files and do the same.
QUIT OPERATING YOUR MACHINE AS ADMINISTRATOR!!
Try Threatfire. It is a program that stops anything from implanting itself in your registry without your approval. I think it will find and quarantine this entry.
This thing is a IE add on that you don't order and it is irritating, but not worth losing data over. Just use the the tool if you ever get one.
A pen, a yellow legal pad, and a library card. (But don’t sit close to the homeless dude.)
Excellent point! So many do, and it causes the built in protections that MS incorporated to be overridden. It's not a good idea anytime, unless you are troubleshooting off line.
Good luck with this one. I think it should be illegal. The company infects your computer with a virus and then charges you to remove it.
I had the same problem a year ago. I purchase a couple of commercial programs that said they would fix it, but none did. The program stores information in the Windows "Restore" files that virus protection software can't modify. As soon as you restart the computer the program is reinstalled. I got instructions off the web that had me deleting files and changing advanced settings on the computer to delete it from the restore files and I still couldn't get rid of it. I finally backed up all me data files and reformatted the hard drive. I've now set my security settings higher and don't accept any cookies.
Here is a suggestion for future consideration:
Starting with a fresh install helps, but you can do it on an existing drive.
1. Partition your drive so Windows/Operating System is on one partition. (Mine is 30 meg should be sufficient, unless you have allot of programs installed). Use a second partition for you data — the files saved for the various programs.
2. Use CloneGenius (it boots and runs from a CD) to back up the Windows/OS partition. Save the resulting backup/clone files to a USB port hard drive (CloneGenius does recognize USB drives) or to a second hard drive.
[It would be okay to save the CloneGenius backup to the data partition, but, if your hard drive fails, you are SOL.]
3. Of course, always back up your data files frequently.
==
If you contract a virus or malware, etc., having the CloneGenius Windows/Operating system allows you to restore (it rewrites the complete Win/OS partition) with all your setting and programs in tact, as of the date of the CloneGenius backup. Since your data is on a separate partition, it is not affected.
The CloneGenius backup takes about 40 minutes (if not compressed — which takes long) for a 30 meg drive and creates about 13 two-meg files. So, you will need approximately 30 meg of space on the storage drive.
Restoring from CloneGenius takes about 40 minutes, whereas a fresh Windows install takes a day or two — and then another day or two of trying to reset all the settings, and another week or so re-installing all the programs.
[I found CloneGenius (beta edition) a couple of years ago. It has save me several times, times when System Restore would not work.]
[I have no connection with CloneGenius other than as a user. The website is running a special price through tomorrow. FYI. http://www.spotmau.com/products/package/clone_genius.html]
You may not want to hear this...BUT! Reformat and re-install everything.
But wait! there’s more! {Ginzsu knives to the first 100, LOL}
Seriously, I highly recommend you download the FREE and very good Microsnot Steady State application.
This is the best utility for consumers I have seen yet.
After you re-install, then you install Steady Sate and configure the settings. Now, everytime you reboot, your machine is brought back to the way you set it up.
Yes, you can install new stuff, and make changes while it’s installed, you just have to use the admin feature to do so.
But, I put it on my wife’s machine, and left off her Soap channel stuff, and she put it back on, then when she rebooted, it was gone! hahaha So was her weatherbug. LOLOLOL
It does the same with virus, malware, exploits, etc.
Seriously, it’s an excellent app. and you won’t have these kinds of issues again. Good luck.
You can find out more, and get it here: http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx
Try Stopzilla.
Try this , it works for me .Also checks sites before you click on them.And it’s FREE.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.