37 users online (1 members and 36 guests)  

Thread: Adware problem.


Page 1 of 2 1 2 Last
  Results 1 to 15 of 22
  1. #1
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Unhappy Adware problem.

    After running Panda ActiveScan, I've just become aware of one Adware-infected file on my computer. Microsoft Antispyware did not pick this up, nor did Housecall, Symantec, or my Windows Firewall.
    Panda picked it up, but is unable to disinfect it.
    I've downloaded Spybot, and it only scanned for about 1 second and showed up nothing (and also didn't look very professional either).

    I've also tried DeepSight Extractor 4.4 from Symantec, and it didn't show anything either.
    Does anyone know what I can use to clean this 1 Adware infected file?

  2. #2
    QuietDean's Avatar
    Administrator

    Status
    Offline
    Join Date
    Oct 2000
    Location
    Bournemouth, UK
    Posts
    2,662

    Re: Hi, guys! I have an Adware problem.

    Hiya,

    firstly, make sure you have updated spyware. If it only scanned for a second it sounds like its not updated.

    You can also try AdAware , its on a par with spybot.
    If one of our members helps you, please click the icon to add to their reputation!
    No support via email or private message - use the forums!
    Before you ask, have you Searched?

  3. #3
    HTML's Avatar
    Administrator

    Status
    Offline
    Join Date
    Aug 2000
    Posts
    3,445

    Follow HTML On Twitter Add HTML on Facebook Add HTML on Google+ Add HTML on Linkedin Visit HTML's Youtube Channel

    Re: Hi, guys! I have an Adware problem.

    you will have to give more specific information on what you have picked up.

    Dave

  4. #4
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Re: Hi, guys! I have an Adware problem.

    Hi, guys! I've been up all night trying to figure this out. Okay. Ohhh, there's one aspect that I don't really want to mention in public, though... But basically, it looks like whatever this is has re-written or is covering some files and preventing them from working properly!

    I tried downloading Ad-Aware, but the security certificate was invalid, so I cancelled it. What I have is Microsoft AntiSpyware, which isn't detecting anything - in fact that's the program that is appearing to be used to cover other files.
    I'm not sure about what that's called, but that's how it looks to me.
    I'll try to clarify. When I look to check the status of other files and check for more information, I've found that an advertisement comes up with the AntiSpyware screen. So that it looks as if I've requested information about that program, instead of others. This has happened on at least 5 different programs that I've tried to view information about.

    I should also add that I have a report from Panda ActiveScan about the name of the file and where it's located, but I can't see to find it. I was hoping to find it and delete it, but I guess it's not all that simple, is it?

  5. #5
    HTML's Avatar
    Administrator

    Status
    Offline
    Join Date
    Aug 2000
    Posts
    3,445

    Follow HTML On Twitter Add HTML on Facebook Add HTML on Google+ Add HTML on Linkedin Visit HTML's Youtube Channel

    Re: Hi, guys! I have an Adware problem.

    I was hoping to find it and delete it, but I guess it's not all that simple, is it?
    Could be a very big mistake unless you know what you are dealing with.

    Grab another panda scan and post it for me. If you would like to pm me with the details you do not want to post that is ok.

    I have to head out for now. It is the first day in months that I have felt well and I have got a lot of work at a property to catch up on. I shopulkd be back in about 4 - 5 hours. Be patient, do not do anything that you may regret later

    Dave

  6. #6
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Re: Hi, guys! I have an Adware problem.

    Ok, but that might take about an hour or so to scan. I'm glad to hear that you're feeling better, although I haven't been on much. I'll PM you though, too.

  7. #7
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Re: Hi, guys! I have an Adware problem.

    Ok. So I performed another Panda scan (fell asleep for awhile too!), and it came back the same as before. This is what I found:

    Incident: Adware:Adware/Startpage.JY
    Status:

    No disinfected
    Location: Windows Registry


    Sorry, it wouldn't paste in correctly, but this is the information. I also found this on the Symantec website.

    http://securityresponse.symantec.com/avcenter/venc/data/adware.startpage.html

    They also have a response to Adware.startpage A, and B, but not to "JY". Apparently it's new.
    I've also seen the files for it, I thought that they were some old Hockey files that might have been leftover from the previous owner, unfortunately they look alot like the ones found in the link above.........and they're in alot of places.

    I'll PM you with the other info., but I've got to get some sleep...
    Last edited by Enchantress; 06-17-2005 at 10:41 AM.

  8. #8
    HTML's Avatar
    Administrator

    Status
    Offline
    Join Date
    Aug 2000
    Posts
    3,445

    Follow HTML On Twitter Add HTML on Facebook Add HTML on Google+ Add HTML on Linkedin Visit HTML's Youtube Channel

    Re: Hi, guys! I have an Adware problem.

    I think this one should be fairly simple, the key is the steps before running the anti-virus.


    assuming you are running windows XP

    1: update your antivirus with the latest definitions.

    2: Disable system restore - right click my computer - properties - system restore - turn off system restore on all drives - ok

    3: restart in safe mode - start button - run - type in msconfig - choose boot.ini - click safemode - restart. (you may want to disconnect from the internet before restarting)

    4: run your antivirus on each profile rebooting after each. I would also run spybot on each profile again, rebooting after each.

    5: your systrem should now be clean, lets bring it back up by following the next steps.

    6: get out of safe mode - start button - run - type in msconfig - choose boot.ini - click safemode - restart. (you may want to re-connect from the internet before restarting)

    7: Enable system restore - right click my computer - properties - system restore - turn on system restore on all drives - ok

    8: reboot again

    9: enjoy

    Dave

  9. #9
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Re: Hi, guys! I have an Adware problem.

    Thank you!
    Yes I'm running WindowsXP, but what if my antivirus isn't able to start up or scan?

  10. #10
    HTML's Avatar
    Administrator

    Status
    Offline
    Join Date
    Aug 2000
    Posts
    3,445

    Follow HTML On Twitter Add HTML on Facebook Add HTML on Google+ Add HTML on Linkedin Visit HTML's Youtube Channel

    Re: Hi, guys! I have an Adware problem.

    Can you clarify if the av will not start in safe mode, or as it is now it will not start? Earlier it sounded like it was being prevented from starting, sounding to me like maybe the scumware is preventing it. If the software is stopping it, safemode will prevent it from loading when you reboot, and you should be able to run it then.

    Dave

  11. #11
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Re: Hi, guys! I have an Adware problem.

    So what you're saying, is that in safe mode it should run, right? Because then it wouldn't be blocked.
    This Adware is also blocking or redirecting any contact with Microsoft that I've tried initiating.

  12. #12
    HTML's Avatar
    Administrator

    Status
    Offline
    Join Date
    Aug 2000
    Posts
    3,445

    Follow HTML On Twitter Add HTML on Facebook Add HTML on Google+ Add HTML on Linkedin Visit HTML's Youtube Channel

    Re: Hi, guys! I have an Adware problem.

    It should, regardless you MUST do this in safemode, it will not work any other way. Be sure to follow each step outlined on the first page, do not skip or change the order.

    Dave

  13. #13
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Re: Hi, guys! I have an Adware problem.

    Okay. And when Rebooting, should I just press the reset button or the power button.......

  14. #14
    HTML's Avatar
    Administrator

    Status
    Offline
    Join Date
    Aug 2000
    Posts
    3,445

    Follow HTML On Twitter Add HTML on Facebook Add HTML on Google+ Add HTML on Linkedin Visit HTML's Youtube Channel

    Re: Hi, guys! I have an Adware problem.

    not sure what buttons you are talking about. when rebooting start>turn off computer>restart

  15. #15
    Enchantress's Avatar
    Junior Member

    Status
    Offline
    Join Date
    Mar 2005
    Location
    Ontario, Canada
    Posts
    26

    Re: Hi, guys! I have an Adware problem.

    Oh,...oops!
    I was thinking of the actual buttons... I'm still pretty new to computers.
    But I've found out some more information... apparently this one is from Estonia, and if I leave it on then it'll change my browser default. I went back to the Panda site to run another scan, and they couldn't clean it, however, when I looked it up in their virus database...apparently Panda ActiveScan was supposed to be able to clean it!

    Also, I've been getting some strange email claiming to be from Panda, but in the Headline or description, it lists Panda and some numbers. I haven't opened that, because I have no idea what it is.
    This is what it looks like:

    L-Soft list server at Panda Software (1.8e) Command confirmation request (BD35FBED)
    Last edited by Enchantress; 06-18-2005 at 07:40 AM.



Page 1 of 2 1 2 Last

Tags for this Thread