Re: Losing Control of my Computer
From: Malke (invalid_at_not-real.com)
Date: 05/22/05
- Next message: opensourceav?: "RE: Open Source Anti Virus"
- Previous message: PorkTeriyaki: "Losing Control of my Computer"
- In reply to: PorkTeriyaki: "Losing Control of my Computer"
- Next in thread: Imhotep: "Re: Losing Control of my Computer"
- Reply: Imhotep: "Re: Losing Control of my Computer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 21 May 2005 15:46:55 -0700
PorkTeriyaki wrote:
> I have virus protection, firewalls, popup blockers, a spyware remover,
> & a CWS shredder, but still I'm spending more time clicking off
> popups, deleting unwanted bookmarks from my Favorites list, & deleting
> unwanted
> shortcuts from my desktop, than working with my computer. How do you
> keep free from these swarms of pests?
>
> Many of these files are attached to \WINN\system32\. If find many
> files attached to this but don't know what they are so don't know
> which
> to delete. Where can I get a directory of file names?
>
> The most tenacious of these pests are Aurora,
> banners.searchingbooth.com, ads1.revenue.net,
> fad.1115.nyc1.targetnet.com, adserver.sharewareonline.com,
> www.smileycentral.com, ads.addynamix.com, net-offers.net, All Jackpots
> Online Casino, & All Shots Casino. How do you cut these off?
Obviously the popup blocker and spyware remover(s) you have aren't
working. Seriously, your computer is quite infested and you need to
clean it up. Follow the general malware removal steps below, doing
everything with updated tools in Safe Mode. From your description of
the extent of the problem, you will probably need to also run
HijackThis. To make a shorter newsgroup post, I've got links to all the
programs and sites on my website here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware
The links for HijackThis tutorials and places to post your log (not
here, please) are on the website, too.
Particularly check out the last link to MVP Eric Howes' "rogue spyware"
page to make sure the "spyware remover" you have isn't really
betrayalware.
First delete all Temporary and Temporary Internet Files. For IE's
Temporary Files, go to Control Panel>Internet Options>General tab.
You'll see where you can delete cookies and files. For Firefox, clear
its cache by going to Tools>Options>Privacy>Cache> Clear. For Windows
Temporary files, Start>Run cleanmgr [enter].
1) Scan in Safe Mode with current version (not earlier than 2004)
antivirus using updated definitions.
Before you remove malware, get LSPFix or WinSockFix for XP - see links
below.
2) Remove spyware with Spybot Search & Destroy and Ad-aware. These
programs are free, so use them both since they complement each other.
There is a new version of CWShredder from Intermute. I would not
install the other Intermute programs, however. Alternately, there are
CoolWebSearch malware removal steps at SilentRunners.
Be sure to update these programs before running, and it is a good idea
to do virus/spyware scans in Safe Mode. Make sure you are able to see
all hidden files and extensions (View tab in Folder Options).
If the malware remains even after you used Ad-aware and Spybot, you can
scan with HijackThis. HijackThis is an excellent tool to discover and
disable hijackers, but it requires expert skill. See the links on my
website for a HijackThis tutorial and places where you can post your
HJT log. Again, this is an expert tool and novices should get help
with it.
3) If you are running Windows ME or XP, you should disable/enable System
Restore after the system is clean because malware will be in the
Restore Points. With ME, you must disable System Restore completely.
With XP, you can delete all but the most recent (presumably clean)
System Restore point from the More Options section of Disk Cleanup
(Run>cleanmgr).
4) Make sure you've visited Windows Update and applied all security
patches. Do not install driver updates from Windows Update.
5) Run a firewall.
Malke
-- Elephant Boy Computers www.elephantboycomputers.com "Don't Panic!" MS-MVP Windows - Shell/User
- Next message: opensourceav?: "RE: Open Source Anti Virus"
- Previous message: PorkTeriyaki: "Losing Control of my Computer"
- In reply to: PorkTeriyaki: "Losing Control of my Computer"
- Next in thread: Imhotep: "Re: Losing Control of my Computer"
- Reply: Imhotep: "Re: Losing Control of my Computer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
