Re: pernicious adware rooted in Explorer won't leave
From: Jan Il (abuse_at_localhost.com)
Date: 09/19/04
- Next message: emm: "Corrupt cookies?"
- Previous message: Jan Il: "Re: Internet Explorer has encountered a problem"
- In reply to: BenG: "pernicious adware rooted in Explorer won't leave"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 19 Sep 2004 15:11:00 -0700
Hi BenG :-)
> I have some kind of crazy malware in IE that I can't get
> rid of. I get pop-ups from lop.com and search200.com.
> When I block the sites, they reset my preferences on
> relaunching to unblock them and make them appear friendly.
> I also get an unwanted search toolbar that redirects me to
> search200.com. And I get little application files that
> show up in my Program Files folder in a subfolder called Blah.
>
> For the record, I have downloaded and am running XP service
> pack 2, IE service pack 1, and have the following
> antivirus/adware: Pest Patrol, Ad-Aware SE, Spybot
> Search&Destroy, CWShredder, SpySweeper. None of them can
> get rid of this.
>
> At this point I am using the Mozilla browser as it doesn't
> seem to be affected.
>
> Can anyone help?
You may have a hijacker, malware, spyware or parasites on your system
causing this problem. In addition to running your updated anti-virus
program, you should do the following to be sure none of these are present on
your system. Some variants of malware can replicate themselves over and
over if not removed properly. Follow all instructions carefully to be sure
your system is thoroughly cleaned:
Dealing with Unwanted Spyware and Parasites:
http://mvps.org/winhelp2002/unwanted.htm
Be sure to run CWShredder, Ad-aware and Spybot.
Also be sure to use the HijackThis. Please do not post your log to this
newsgroup, but to the SpywareInfo or the Aumha HiJackThis forums
http://forum.aumha.org/viewforum.php?f=30, to allow the experts there to
evaluate your log and advise you of the necessary steps to clean your
system.
Also.........
Courtesy of Jim Byrd -
Download sysclean.com, from Trend Micro, here:
http://www.trendmicro.com/download/dcs.asp along with the latest pattern
file, here: http://www.trendmicro.com/download/pattern.asp Be sure to read
the "How-to" info here:
http://www.trendmicro.com/ftp/products/tsc/readme.txt
(You might also want to get Art's updater, SYS-UP.Zip, here for future
updating of these:
http://home.epix.net/~artnpeg/). (If you download and use the updater from
the beginning, it will automatically handle downloading the other files.
Place them in a dedicated folder after appropriate unzipping, and then run.
This scan may take a long time, as Sysclean is VERY extensive and thorough
CAUTION!!!!! Before you try to remove spyware using any of the programs
below, download a copy of LSPFIX from any of the following sites:
http://www.cexx.org/lspfix.htm
http://www.spychecker.com/program/winsockxpfix.html
(if your OS is Win2k or XP) The process of removing certain malware may kill
your internet connection. If this should occur, this program, LSPFIX, will
enable you to regain your connection.
Also, get a copy of WINSOCKFIX available at:
http://www.spychecker.com/program/winsockxpfix.html
and
WinsockXP Fix- WinXP http://www.spychecker.com/program/winsockxpfix.html
Also, with instructions, at http://www.iup.edu/house/resnet/winfix.shtm
also
>From LavaSoft- all versions of Windows-
http://digital-solutions.co.uk/lavasoft/whndnfix.zip
and......
AdAware SE
http://www.lavasoftusa.com/support/download/
Update immediately after installing before using
Additional information on how to protect your PC:
The Parasite Fight http://www.aumha.org/a/quickfix.htm
More security tips at http://www.aumha.org/a/parasite.htm
Bugs, Glitches & Stuffups: http://www.mvps.org/inetexplorer/Darnit.htm
- Next message: emm: "Corrupt cookies?"
- Previous message: Jan Il: "Re: Internet Explorer has encountered a problem"
- In reply to: BenG: "pernicious adware rooted in Explorer won't leave"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
