Help! How do I get rid of this stuff? [Archive] - Glock Talk

PDA

View Full Version : Help! How do I get rid of this stuff?


UCF-Tacoma
07-19-2004, 12:04
This is shorter the second time because it deleted my first attempt after saying I had too many codes or something.

I uninstalled zone alarm after upgrading the version last week gave me problems with programs locking up and disconnected from the internet with my cable modem.

After Norton AV said I had a virus, my browser changing my homepage and porn/spyware warning popups I downloaded it and reinstalled ZA. I also downloaded and ran "Spybot-Search and Destroy" as recommended in the sticky and ran Adaware. Spybot picked up stuff that Adaware didn't and removed them but Adaware shows me 8 problems every time I run it and despite running both I'm still getting the popups and my homepage changing.

What else should I do? This is what Adaware caught the last time I ran it and it said it removed it.


Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank


Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

SamBuca
07-19-2004, 12:11
With all due respect to the other administrators who try to help people, all the programs and tweaks do nothing except confuse people and cause more problems.

1) Make sure your Norton AV is up to date (run LiveUpdate) and make sure LiveUpdate is set to automatically download and install updates.

2) If you have Norton Internet Security in addition to anti-virus, disable that. Set it to manual startup, uncheck the box to display the systray icon, and then turn it off.

3) If you enabled the built in Windows firewall, disable that. Once Service Pack 2 for XP comes out, then you can utilize that (it works MUCH better).

4) Uninstall ZoneAlarm, popup blockers, or any other programs you installed to try and secure your machine.

5) Undo any tweaks you tried to do to secure your system.

6) Scan your entire system with Norton after you've done step 1 and ran LiveUpdate.

7) Go to pestpatrol.com and get their freebie evaluation version. I STRONGLY suggest paying the few bucks for it...it does far more than these other cheesey freebie spyware programs, plus you can enable MemCheck and/or CookiePatrol to help out your system. Pest Patrol WORKS...the others are some cheesey freebie wannabe software that doesn't always work properly.

8) If you were infected with a browser hijack, most spyware programs won't take care of it effectively since the hijack programs change so often. I (or someone else here) will walk you through it.

fastvfr
07-19-2004, 14:22
You have been attacked by the Web's current Archnemesis, CoolWebSearch.

You will have a LOT of fun removing this little bastard.

I do this for a living, and I almost never make decent wages on this malware, since there are dozens of variants and they rename themselves while removal is occurring, then reinstall themselves by hiding in Explorer.exe and in other vital, Hidden locations.

CWShredder used to help, but the makers of that app have since GIVEN UP trying to fight this as there are just too many ways to hide this scumware in your OS's files.

You will need, at a minimum, Hijack This 1.98 and a whole lot of patience. Unfortunately, the log file that HJT returns will be written in language that will read like Chinese to you...there are forums around that you can post your log file to and get an educated guess from.

The CWS bug has allowed itself access to the root of your IE by wedging itself into your Trusted Sites, thus allowing it to DL and install all kinds of awful crap like Downloader.A and Backdoor.X installer trojans, and it also calls in every stinkin' searchbar it can, all of which install themselves without your knowledge.

CWS also blocks IP addys, meaning you now likely cannot go to Google.com or to several of the SpyWare removal sites.

And the Feds are doing nothing at all about this grievous breach of Telecommunications and Computer Law. These are FELONIOUS acts CWS is perpetrating, but the feds will not shut them down. I guess we know which side the Law is on now, don't we?!

Try to dig the little bastards out yourself, then back up all your vital files and reinstall if it proves impossible. Then NEVER use IE for anything but Windoze Updates. NO OE, either.

Use Mozilla for any browsing you do, with Popup Supression on.

Sorry for the bad news...

Best regards,

FastVFR

David_G17
07-19-2004, 14:29
http://forums.spywareinfo.com/index.php?showtopic=14418

might be helpful.

UCF-Tacoma
07-19-2004, 19:03
Looks like this will suck then. Thanks for the info guys and I'll screw with it later this week. Right now it's just irritating. I'll let you know if I need more help.

UCF-Tacoma
07-20-2004, 21:50
Originally posted by SamBuca
With all due respect to the other administrators who try to help people, all the programs and tweaks do nothing except confuse people and cause more problems.




My Norton Subscription ran out a number of months ago and I've never paid to renew it. Is it really worth the cost or are there programs just as good out there for free? I can afford the price if it's necessary but paying for software online and without any hardcopy has never interested me that much.

I went back to the sticky at the top of the forum and to the hijack this page. After fastvfr mentioned CWS I downloaded and tried the CWShreader. It found stuff that it removed which I guess is good. I went to Windows Update and am downloading the necessary upgrades. Apparently it wasn't alerting me to important updates. I may have turned that off at some point without considering it completely.

So if this SWShreader worked, windows update fixes my holes, and the computer keeps running okay then I'm back to normal. Thanks for the help fellas.

SamBuca
07-20-2004, 22:13
It's absolutely CRITICAL that you have up-to-date virus protection. While I'm sure other programs have their merits, I've been using McAfee since 1993...Norton is a fine program, but I've found McAfee to be more desirable. You definitely need one of them.

I assume you're using XP...Start -> Control Panel -> System. Go to the automatic updates tab. Turn it on and set it to automatically download and install the files. Never worry about updates again.

CWS is ok...but as far as I know, they've stopped major development on it....plus hijacks change so rapidly it's difficult to keep up. As long as it fixed your current problem, that's what counts.

If you'd like to discuss moving to alternative browsers instead of using IE or alternative email clients instead of Outlook, I'm sure one of us can walk you through setting it up...it's very easy. If not, you should be ok....just keep it updated ^c

UCF-Tacoma
07-20-2004, 22:36
I reset the computer and it was apparently still there so I ran everything again and it appears to be gone.

I renewed Norton AV and it's downloading right now. I've never used outlook for anything and switching to another browser would be as strange as switching to a Mac. Thanks again and I'll try to get this right again.

It mentioned that SWS isn't capable of keeping up with some of the variations anymore. I guess there's a lot more people trying to break in to computers than there is trying to keep them out.

SamBuca
07-21-2004, 07:48
Originally posted by UCF-Tacoma
It mentioned that SWS isn't capable of keeping up with some of the variations anymore. I guess there's a lot more people trying to break in to computers than there is trying to keep them out.
I encourage these spyware and virus writers to keep at it. It provides me with a way to make money and I always enjoy a good challenge.

Thank you malware people!

FThorn
07-21-2004, 08:01
My nephew just bought a new Mac (powerbook) yesterday. I'm glad he'll never have to go through Windows hell.

I have never had a pop-up ad, virus, adtrackerthingie bother me on any of my macs.

I'll leave it at that.

Moprine
07-23-2004, 07:22
best FREE antivirus(i prefer over norton)

http://free.grisoft.com/freeweb.php