Spyware, Viruses, & Security forum

General discussion

a hijacker how to get rid of them....

by antonio220 / November 1, 2004 11:18 AM PST

I have a big question about the browser explorer... the other somehow i was online and some weird programs automaticly intalled itself on my pc, it didnot cause any problems at all but now everytime i open up explorer it will start on a certain page and it will not allow me to change that page from the properies window then two other windows will pop saying that some spyware system or to check my computer for viruses... i already run the norton antivirus but it didnot find any virus i also run the spyware form lavasoft ware and it didn;t find anything.. does any body know how to delete those windows from poping up everytime i get online..

Discussion is locked
You are posting a reply to: a hijacker how to get rid of them....
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: a hijacker how to get rid of them....
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Re: a hijacker how to get rid of them....
by Marianna Schmudlach / November 1, 2004 11:31 AM PST

Hi antonio220

Download cwshredder here Close all browser windows and click on the fix/next button. Alternate download: here

then:

Run Ad-Aware with the latest update.

Download the latest version of Ad-Aware (Ad-Aware SE Build 1.05) from Major Geeks.

If you have a previous version of Ad-Aware installed, during the installation of the new version you will be prompted to uninstall or keep the older version - be sure to uninstall the previous version.

After installing Ad-aware, you will be prompted to update the program and run a full scan. De-select all boxes so that it does not run.

Manually run "Ad-Aware SE Personal" and from the main screen Click on "Check for Updates Now".

Once the definitions have been updated:

Reconfigure Ad-Aware for Full Scan as per the following instructions:

-Launch the program, and click on the Gear at the top of the start screen.

-Under General Settings the following boxes should all be checked off: (Checked will be indicated by a green circle with a check mark in it, Un-Checked is a red circle with an X in it. If it is greyed out, those features are only available in the retail version.)

- Automatically save logfile"
- Automatically quarantine objects prior to removal"
- Safe Mode (always request confirmation)
- Prompt to update outdated confirmation) - Change to 7 days.
- Click the "Scanning" button (On the left side).
- Under Drives & Folders, select "Scan within Archives"
- Click "Click here to select Drives + folders" and select your installed hard drives.
- Under Memory & Registry, select all options.
- Click the "Advanced" button (On the left hand side).
- Under "Shell Integration", select "Move deleted files to Recycle Bin".
- Under "Log-file detail", select all options.
- Click on the "Defaults" button on the left.
- Type in the full url of what you want as your default homepage and searchpage e.g. http://www.google.com.
- Click the "Tweak" button (Again, on the left hand side).
- Expand "Scanning Engine" by clicking on the "+" (Plus) symbol) and select the following:
- "Unload recognized processes during scanning."
- "Obtain command line of scanned processes"
- "Scan registry for all users instead of current user only"
- Under "Cleaning Engine", select the following:
-"Automatically try to unregister objects prior to deletion."
-"During removal, unload explorer and IE if necessary"
-"Let Windows remove files in use at next reboot."
- "Delete quarrantined objects after restoring"
- Click on "Safety Settings" and select "Write-protect system files after repair (Hosts file, etc)"
- Click on "Proceed" to save these Preferences.
- Click on the "Scan Now" button on the left.
- Under "Select Scan Mode, be sure to select "Use Custom Scanning Options".

- Close all programs except ad-aware.
- Click on "Next" in the bottom right corner to start the scan.
- Run the Ad-Aware scan and allow it to remove everything it finds and then REBOOT - Even if not prompted to.
- After you log back in, Ad-Aware may run to finalize the scan and remove any locked files that it may of found. Allow it to finish.

Plug-Ins for Ad-Aware (VX2 Cleaner)
Download the free VX2 Cleaner here

Close Ad-Aware SE build 1.05 and Ad-Watch (if running)
Install the VX2 Cleaner
Start Ad-Aware SE build 1.05
Go to ?Plug-ins?
Select the VX2 Cleaner plug-in and click ?Run Plugin?
If your computer isn?t infected, click ?Close?.

If your computer is infected:

Select ?Clean System?
Reboot your computer
Scan your computer with Ad-Aware
Remove any VX2 objects detected
Reboot your computer again
Run a second scan to make sure the files have been removed from your computer

Virus warnings while performing a scan with Ad-Aware

While performing a scan with Ad-Aware, a background antivirus monitor may issue an alert, stating that a virus has been found in the temporary directory (%temp%) for the current user. This does not necessarily mean your computer has been infected with an active virus. Most antivirus resident scanners will not scan compressed files and only monitor your memory for the sign of an active viral process.

During a scan, Ad-Aware will temporarily decompress files to scan their contents without activating the content, but in doing so, the file is noticed by the antivirus' resident scanner.

Also, some antivirus applications include an option to quarantine infected files, and when Ad-Aware decompresses these quarantined files, the antivirus background scanner detects the virus moving outside the quarantine area. To avoid this you can either remove the quarantined files via your antivirus application, or have Ad-Aware ignore the antivirus program's quarantine folders/files during a scan.
Then,

Download SPYBOT Search and Destroy here if it is not already installed on your computer. Also download the DSO Exploit Fix - HOTFIX here
Install the program and then start it. Once the program has started make sure you are in the Spybot-S&D section. Click on the "Search for Updates" button. Download all updates. In some cases the program will restart after an update. When updated, click on the "Check for Problems" button. When the Check is over All problems displayed in red are regarded as real threats and should be dealt with. Make sure they are all selected and click the "Fix selected problems" button.

Problem gone?

Collapse -
Re: a hijacker how to get rid of them....
by antonio220 / November 6, 2004 6:55 AM PST

o.k it did work but some of them still pop very frequently so how can i prevent that from happening... and is it true that explorer is a very bad browser is better firefox..

Collapse -
Not bad, just exploitable.
by R. Proffitt Forum moderator / November 6, 2004 7:22 AM PST

Have you tried SPYBOT's HOME PAGE LOCK feature?

Firefox/Mozilla don't have this issue so you hear (read) about them a lot.

Bob

Collapse -
Re: Not bad, just exploitable.
by antonio220 / November 12, 2004 3:41 PM PST

hey i still get those pop us with the same adds, but they let me know to surf the web... they all pop on explorer browser, what will happend if i completle delete explorer, will that cause any problems in windows or will cause any problems at all... i will be using then firefox mozila browser so i hear let me know.

Collapse -
Re: a hijacker how to get rid of them....
by michhala / November 13, 2004 4:44 PM PST

Hi Marianna -- I used some previous instructions to configure Ad-Aware SE Personal 1.05. They were not in such detail as yours and there are some differences between the instructions in that post and your post dated 11/01/2004.

Are the instructions in your post for everyone and not just for Antonio's situation? If so, I will change my configs to match your post exactly. There are items that your instructions say to checkmark that previous instructions did not, and I want to get it right.

I do not have a homepage -- it reads "about:blank". Is it necessary to fill in homepage and default search page?

I downloaded the SpyBot DSO Exploit Fix HotFix and it does not change the (5) DSO situation. I put the DSO back on "ignore".

I have used up a lot of space here in the last few weeks and been a bit of a nuisance methinks Sad

Miki

Collapse -
Marianna -- I forgot to ask......
by michhala / November 13, 2004 5:35 PM PST

Why a custom scan on Ad-Aware SE Personal 1.05 and not a full system one?

My thanks......Miki

Collapse -
Re: Marianna -- I forgot to ask......
by Brent Welch / November 14, 2004 9:51 AM PST

Miki,

The custom scan would allow you to specify exactly which folders to include/exclude in the scan. For example, you may want to exlude the System Restore folder in Win XP or ME, since Ad-aware would be unable to remove anything found within it anyway. You might also want to exclude the backup folder within Spybot-S&D, to avoid possible conflicts as well.

FWIW, I use the full system scan.

Collapse -
Re: Marianna -- I forgot to ask......
by michhala / November 15, 2004 7:31 AM PST

Thank you, Brent -- I have been using Full System Scan -- to me it seemed a good thing to do.

Appreciate your reply.

Miki

Collapse -
(NT) (NT) Marianna-I should have put message #6 to your attention
by michhala / November 14, 2004 9:28 AM PST
Collapse -
Miki

Yep, that is the latest write-up for AD aware from Lavasoft.

I do not have a homepage -- it reads "about:blank". Is it necessary to fill in homepage and default search page?

It is not a must - but can be "confusing" as "about:blank" is "normally" in HJT's a "nasty" one Wink

I downloaded the SpyBot DSO Exploit Fix HotFix and it does not change the (5) DSO situation. I put the DSO back on "ignore".

Did you download the HOTFIX?? IF not - you can download it here:

DSO Exploit Fix - HOTFIX here

Run Spybot again after you removed the DSO Exploit.

Collapse -
Marianna and SpyBot DSO Exploit Hot Fix
by michhala / November 15, 2004 7:39 AM PST
In reply to: Miki

HI Marianna -- The first scan using the DSO Hot Fix and with ignore DSO Exploit unchecked still showed its presence. I did a restart and another scan (as you suggested) and it did not show up again.

Thank you so much.

Miki

Collapse -
Miki - You're Welcome :)
by Marianna Schmudlach / November 15, 2004 7:43 AM PST
Happy
Collapse -
Re: a hijacker how to get rid of them....
by CharleyO / November 12, 2004 4:19 PM PST

*

Also make sure Windows Messenger (this is not the IM program) is not open. You may be getting some of those pop-ups that way.

Go to Add/Remove Programs ... click on the Windows Setup tab ... scroll down the list to System Tools. Double click on System Tools to open that box. Scroll down to Windows Messenger and click the check box to remove the check mark. This will close that "backdoor" through which many pop-ups can enter.

Hope this helps you. Happy

*

Collapse -
Re: a hijacker how to get rid of them....
by antonio220 / November 22, 2004 11:05 AM PST

thank you

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?