virus help
 

On my old computer, something has messed with Explorer. When I go to log on the internet, some program hijacks it at says I need to download their program:damn: . The virus scans don't pick anything up (I have norton) but it stops it from installing when you click on the window pop-up. The spyware programs also say everything is okay. Firefox runs, so I've re-downloaded IE7 and the security updates. But they didn't seem to help.:roll: Any ideas on how to find this program and kill it?

Run AdAware from Lavasoft. It should clean out 99% of everything, and then run Spybot after it since one will pick up what the other misses.

http://lavasoft.com/

http://www.safer-networking.org/index2.html

-S

I have adaware, but something was blocking it from updating:x . I've got it updating and re-running scan. I re-installed IE7, it runs the first time but the second time it runs, it brings up the critical error window, please download the program.:shifty: I'm making progress, I think...

Is it possible for you to remove that hard drive on a temp basis and put it another PC of yours ; then scan? The advantage of doing that it is not a bootable drive which might confuse the virus/spyware and remove it or kill it using the temp PC? I have had a lot of luck using this approach avoiding a total reformat of the bum hard drive.

Of course you expose the other machine a SLIGHT risk of the same infection ... but... by making a suspected h.d. as a secondary drive, it is SO MUCH EASIER to clean it up than beating yours brains out if using it as the boot drive in the secondary PC.

Just a suggestion.

hijack this
 

I had a similar problem last year. I recall there was a program called Hijack This or something. Google with the word hijack and you may find it.

You have got a hijacker that has attached itself in your favourites, I think.

Anyway, good luck.

Ha, funny you should mention that. That's how I fixed my super old computer, I just took the hard drive out, plugged it in as a secondary drive and scanned it. I was able to recover what I wanted off the drive.

My other computer is okay (I think), it's just that something has messed with IE. Firefox runs just fine:oops: .

Good idea, I'll look into that.

All that program does is tell you that you are screwed. It does very little to solve the problem other than stop the auto-starts that MIGHT be the cause of the problem[s].

His words are true - good for finding stuff, and if you aren't good at manual manipulation, Hijack will not do anything for you which is why i don't even mention it.

Pull up a run menu and type in msconfig. That will allow you to selectively control what programs start up. You can safely disable everything in the start tab, but you may get some not so friendly errors under normal operation.

Anyway, disable everything and then run Spybot. Try Spybot if Adaware is having issue.

What ticks me off on Adaware is that I was on its testing committee back during the Becky forum days, and back then they were always telling us it would be 100% free forever. Seems you must buy it now days if you want full functionality. Spybot is still 100% free by the way.

-S

What are you using? You should get a better firewall, get ZL.

http://www.zonealarm.com/store/content/home.jsp

It's what I use, hunts em down and kills em.

This would be the time for me to turn on paranoid mode, since éven after a "repair" I am not able to put trust in my installation anymore. I would format and reinstall, not using any saved data from the time period since you became aware of something beeing messed up.

Guys, use an installation image on a separate drive to do a backup of your basic installation. that way reinstallaing is a breeze, only updates and working files/save games you need to copy over by hand. This has been one of the best investments in my PC I ever did. Acronis software 45 euros, second HD in frame 50-60 euros - "und gut is'. " just do not leave the image HD connected to the computer, so that it cannot get infested. Physical separation/interruption is always a million times better than any software solution to protect a device from something - every software code can be beaten.

Also, try booting into "safe mode" first , THEN run your scans. You'll usually detect even more nasties.

I had this same situation recently myself, every time I opened up explorer an advert would load instantly telling me to download their program.

I tried multiple adware programs as well as virus scanners, they wouldn't pick up diddly squat so in the end I backed up 8 DVD's worth of data and reformatted my hard drive.

No problems now after formating and reinstalling.

Hope you get your problem sorted nikimcbee.

Steve

Hijacked. I got a similar one once, Spybot killed it.

You must be aware that it holds a risk to create backups from the time your system already has been affected. It is better to do regular backups, or incremental backups, of your wokring files, and have three sets of them from the past three (or how many you want) timestamps, so that you can always go back to a backup originating from a time when everything still was in order. else you reinstall your system, copy your infested data back to it - and you are were you started, in the middle of the mess.

Had the same problem. I looked it up on google, found a forum that addressed it and listed registry values to delete. I wouldn't download any auto-fixes as some of them are malware as well.

I don't know anything about the registry or programming but I managed to get it to work.

Of course there is always factory restore if you have the disk.

Or you could get a mac:D

A good virus will watch the registry since it is typically executed from 2 or more locations. Try and delete one, and it will automatically replace it.

Same with BHO's. Delete one, and a good virus or Adware program will automatically replace it.

The only real way to delete one is to use software, or to do it manually from a safe mode or even a command prompt repair mode from your XP CD.

Spybot however will get rid of what it is you have issue with. Spybot however cannot repair any damage caused by whatever you have so if it has physically damaged something, not much you can do about it.

Skybird mentions he doesn't like repair mode since he doesn't trust it. That is nonsense. Repair mode however is a last resort since you will be loading patches again to fix holes.

-S

I agree with Subman. HijackThis is a great program but using it can be a buggar if you don't know how to read it. Safe mode is a good option as it turns off nonesential processes and frequently spyware/viruses are not active then.

On the other hand--if you don't have anything of great importance on your system (nothing you can't replace with a download or program reinstall) a wipe and reload isn't really a bad option. Sometimes it saves you time in the long run. Especially if you know what drivers you need to get your components working again. (Check Device Manager to get those details).

I've been fixing more malware problems lately than I've ever seen in years of computer repair. Oh--my 2 cents here--Norton isn't worth 2 cents. Once you're problem is resolved I'd recommend a different anti-virus program. I currently use AVG free version on my home system (www.free.grisoft.com) and it does a good job without making a huge foot-print on my computer's performance. If subman has a recommendation for anti-virus, take him seriously as well. I may not agree with all his political philosophies but I certainly respect his tech knowledge :up:.

Good Luck!

Thanks man!

By the way, just my two cents here on the political side - What makes the world both interesting and great is that we all have different viewpoints. If you thought exactly like me, or I thought exactly like you, we would be living in a very boring place....

Think about it.

-S

I don't have to. It's already another point we agree on :hmm:!

Peto