Vato Loco

I am going to go nuts! I hate spyware and popups! I run Adaware and Spybot every other day and they still come back, just today I got new ones. It created files on my desktop, internet files, everywhere. I haven't downloaded or have any programs that have spyware. I don't know what to do, what can I do? I hope someone can help me.

midiwall

Can you post a screenshot of the popups in action? It can help to ID where they're coming from.

Churnd

Go to this site: http://grc.com/freepopular.htm

and download a program called "Shoot the Messenger". Run it, then run all your spyware deletion programs and see if that helps anything.

Napoleon047

i know what you mean dude. i download a lot of bootleg software especially games, so when im scouring the net for a hack or keygen, i get a lot of popups and spyware. my solution: split your HD into two partitions, one for your windows install and one for everything else. that way when things get too bad, i can just reformat and do a clean install on my windows partition.

Bud

a combination of google popup blocker and adaware works fine on my systems.

i also have 2 partitions. 1st for the os and 2nd for the games, files..etc..

BT17R

Have you tried the free SpywareBlaster plugin for Spybot? It's available from the Spybot menu, Advanced mode, Spybot S&D, Immunize, click on SpywareBlaster to download for additional protection. It helped some, but you'll still need to run Spybot and AdAware periodically.

Vato Loco

I'm trying to delete this one specific file in my programs file but it won't let me delete it at all! I tried to remove it and it came back, what can i do? I updated my Adaware and Spybot and found over 300 files. Hope you guys can help me, btw the file is "64 New"

Vato Loco

This is what I have to browse the internet with (below), I uninstalled and reinstalled messenger and its still there. I ran adaware and spybot several times and nothing. I ran msconfig, and it came back running behind windows again. I am ÅÅÅÅed!




Here's another picture below, its the 64 New file and ˟˟˟˟˟˟ YOU file, I tried renaming it, thinking maybe it'll screw up but I was wrong and it copied it self. Now I try to delete the 64 New file and comes back and there's nothing in it and I can't delete the ˟˟˟˟˟˟ YOU file neither.

midiwall

It looks like you might have the WORM_AGOBOT.CU virus.


Check out this thread... The symptoms with the "FU" folder are very similar:

http://computercops.biz/modules.php?...topic&p=110237


PLEASE run this virus checker; it's free and does a great job. (btw, you have to use IE):

http://housecall.trendmicro.com/

midiwall

more babble..

It is VERY important that you install all the security patches for XP - there are a TON of them. Use Windows Update (it's in the start menu) and get them ALL. You may have to run the update a couple of times to make sure everything's installed.

It's also important that after you remove things like viri or adware, then you shutdown the machine, power off, and restart. Don't just Reboot - there are plenty of ways to hide code in RAM such that it will survive a reboot.

I would recommend this order:

1. Scan and remove viruses
2. Shutdown, power off, reboot
3. Scan again for viruses
4. Shutdown, power off, reboot
5. Scan for ads with everything you have; remove anything it finds
6. Shutdown, power off, reboot
7. Scan again for ads with everything you have; remove anything it finds
8. Shutdown, power off, reboot
9. Scan again for viruses
10. Shutdown, power off, reboot
11. Install Windows updates
12. Shutdown, power off, reboot
13. AGAIN - run through Windows updates
14. Shutdown, power off, reboot

If you do things in a different order, it's VERY likely that you can remain infected. The process will take some time, but it's a lot better than putting up with what you are now.


Good luck.

BT17R

VL, I ran into a similar problem a couple months ago and was faced with making Registry changes suggested by Spybot in the Settings/File Sets/System Internals optional scan. After asking about the safety of that here, I backed off and waited for the next update from anywhere.

Sure enough, around 3-4 days later the AdAware update grabbed the browser hijacking file and flushed it well before Spybot updated. I say wait awhile if you can, or do the scan above if you know what you're doing with the Registry.

Another Spybot setting to check are the three IE locks at the bottom of the Immunize folder. That might stop some drive-by Active X stuff on your system now, too late for SpywareBlaster to act.

Edit: I posted before your screen shot edit and Mark's comments. Whatever I'm suggesting should come after midiwall's checklist. BTW, Housecall catches stuff Norton overlooks. It takes 3X longer, but is very effective.

ravencr

Here's the site that will end all your popups forever. I don't get any, and I don't have a pop up blocker which royally suck, because they slow the computer down. I'd recommend doing everything it says to do on this page, and you'll pop up and addware free for life. It's awesome!

http://www.geocities.com/spywarekill...blacklist.html

Chris

P.S. It's a lot of work, but it definitely works!

Scofco

Man I miss the good old days of the internet. Back when it was still new and scary.
Now it's all gone to hell.

midiwall

Not if they're properly implemented.

The ones that are built into browsers (Netscape, Mozilla, Firefox and others) just hook the speciifc internal APIs that are used to open up new windows. If the user specifes that s/he doesn't want popups, then the APIs aren't called. It actually speeds up a browser. The Google toolbar actually falls into this category 'cause it hooks into IE low enough to get this kind of access.

The add-on applications like AdKiller work as HTTP proxy servers and will slow down the browser, but not the whole machine.


Past this... there are Spyware apps which will create popups that look like they're coming from the browser, but aren't. No matter what browser or blocker you use, you'll still get them. This is why when people start these topics I always ask for a screen shot of a popup. That helps to determine if it's coming from the browser or from another app.

The solution to the problem is different in either case...

...unless you count "flatten the box and re-install" a common solution.

ravencr

My link is the solution to every popup guaranteed, and it won't slow the computer or browser down at all.

Chris

Vato Loco

Ravencr, I owe you one! I clicked on the link and did what it said, I ran Adaware and Spybot and found nothing at all. All I gotta to say everyone reading this thread, follow Ravencr's link. Thanks guys!

I forgot to mention, not only did it get rid of all the spyware, I'm not sure if its me but I feel my computer a whole lot faster than it was a few hours ago.

ravencr

I told ya so! Just kidding, but I was very happy to find that link after hours and hours of searching for something that actually worked. I'm glad it worked out for ya!

Chris

Corey

iTrader: (1)

I hate pop up ads as much as everyone else.
I have heard about the Google toolbar, but I did not want anything cluttering it up.

I run Nvidia based video cards, and I had heard the recent Forceware (use to be called Detonator) drivers have a popup blocker you can enable for Internet Explorer.

Sure enough, I just found it now.

It works great, and as you can see by the options here, you can briefly view the popup window, play a sound when it detects one, even if you don't have preview turned on.

I often check my local news channels website for news, weather, ect, and I hate the popups.
No more of this crap.
I am not sure if this uses any CPU power like a dedicated program or not, but the PC or browser did not slow down after activating it.

So if you have an Nvidia based video card, get the newest drivers from Nvidia's site, and you will have popup blocking.

Churnd

I have an Nvidia card on my laptop also, but I don't have that feature. Got all the latest drivers too. I guess it's only for the newer cards.

Corey

iTrader: (1)

Did you get your drivers from here?
If so, then it's built into the driver set.
You have to turn on Desktop Management first for the drivers before you can access all of the features.

I don't want to hijack the thread here, but whenever upgrading vid card drivers, don't just download and install the new ones.
Use these steps or you will have remnants left over that can mess up your system.
And...don't use OEM drivers from the card makers site.
They blow compared to the ones from Nvidia or ATI.

1. Download the newest drivers for your vid card from Nvidia or ATI.

2. Use add/remove programs via your Control Panel to remove old drivers.

3. Reboot, then look for your Nvidia or ATI folder on your hard drive via the Explorer.
Delete that folder.

4. Run Nasty File Remover, available here.
This applet searches your c:\windows\system folder for any left over Nvidia, ATI, Creative drivers.
Scan, then delete the files with above applet.
Reboot.

5. Execute the new driver set you downloaded.
If using Nvidia, make sure you turn on the Desktop Management to gain access to all the hidden Nvidia features.

6. The popup blocker as seen in my pic a post above this one can be accessed from the Nview Manager, Applications, then Enhancements tab.


It has a lot of cool things including making windows transparent show other stuff running will show behind your current window.