1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Do you have Adware, Spyware, Virus/Trojan or a Browser Hijacker?

Discussion in 'Windows - Virus and spyware problems' started by CJC, Nov 21, 2004.

Thread Status:
Not open for further replies.
  1. duraglo

    duraglo Guest

    Is webhancer a spyware??or adware?? What's the purpose of this webhancer anyway?? I've bben getting this webhancer in my CCleaner.Should i delete it or quarantine it??
     
  2. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    if it's installed on your computer and you dont know what it is there is a really good chance that it's a spyware/adware. Now the fact that it's detected by your antispyware make me almost sure that it's spyware/adware. Another thing you can do is Google the name of the program and see what you get. I dont know if CCleaner shows you the location of the program on your harddrive, if it does or if you can find it yourself you can maybe back it up if your really worried. Worst case, if you delete it and then find out you needed it you can probably either download it again (which you will know if you can by Googling for it) or install from the CD it came with. By that time you will know what it's about.
     
  3. serranoX3

    serranoX3 Regular member

    Joined:
    Jun 6, 2005
    Messages:
    663
    Likes Received:
    0
    Trophy Points:
    26
    Please help me! My computer got infected with the Bloodhound.W32.EP virus and norton cant do nothing about it! What can I do? I want to remove it! Im tired of that norton antivirus pop up saying that my pc is infected and the virus cant be removed! Please help me!:(
     
  4. ken_919

    ken_919 Regular member

    Joined:
    Oct 31, 2004
    Messages:
    244
    Likes Received:
    0
    Trophy Points:
    26
    Try running Norton in safemode to remove the virus
     
  5. serranoX3

    serranoX3 Regular member

    Joined:
    Jun 6, 2005
    Messages:
    663
    Likes Received:
    0
    Trophy Points:
    26
    I did but it takes long to scan!
     
  6. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,314
    Likes Received:
    120
    Trophy Points:
    143
  7. serranoX3

    serranoX3 Regular member

    Joined:
    Jun 6, 2005
    Messages:
    663
    Likes Received:
    0
    Trophy Points:
    26
    It dont work for me! The link you gave me! After I install DirectX!
     
  8. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,314
    Likes Received:
    120
    Trophy Points:
    143
    what did it do???
     
  9. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    Here is how to get rid of the virus manually. From TrendMicro.
    Do everything in the order it apears.


    Terminating the Malware Program

    Since this malware is memory-resident, and terminates Task Manager upon execution, you first have to rename the file TASKMGR.EXE to TASKMGR.COM.

    To rename TASKMGR.EXE to TASKMGR.COM.

    For Win9x/NT:
    Click Start>Find>Files or Folders.., type TASKMGR.EXE.
    For WinME/2000/XP:
    Click Start>Search>For Files or Folders.., type TASKMGR.EXE.
    When found, right-click TASKMGR.EXE then select Rename. Rename TASKMGR.EXE to TASKMGR.COM.
    The following procedure then terminates the running malware process. You will need the name(s) of the file(s) detected earlier.

    Open Windows Task Manager.
    » On Windows 95, 98, and ME, press
    CTRL+ALT+DELETE
    » On Windows NT, 2000, and XP, press
    CTRL+SHIFT+ESC, then click the Processes tab.
    In the list of running programs*, locate the malware file(s) detected earlier.
    Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your system.
    Do the same for all detected malware files in the list of running processes.
    To check if the malware process has been terminated, close Task Manager, and then open it again.
    Close Task Manager.

    --------------------------------------------------------------------------------
    *NOTE: On systems running Windows 95, 98, and ME, Windows Task Manager may not show certain processes. You can use a third party process viewer such as Process Explorer to terminate the malware process. Otherwise, continue with the next procedure, noting additional instructions.
    Removing Autostart Entries from the Registry

    Removing autostart entries from the registry prevents the malware from executing at startup.

    Since this malware terminates the Windows registry upon execution, you first have to rename the file REGEDIT.EXE to REGEDIT.COM.

    To rename REGEDIT.EXE to REGEDIT.COM.

    For Win9x/NT:
    Click Start>Find>Files or Folders.., type REGEDIT.EXE.
    For WinME/2000/XP:
    Click Start>Search>For Files or Folders.., type REGEDIT.EXE.
    When found, right-click REGEDIT.EXE then select Rename. Rename REGEDIT.EXE to REGEDIT.COM.
    Note: This is necessary to avoid executing the malware.

    You may then proceed to the following instructions:

    Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
    In the left panel, double-click the following:
    HKEY_LOCAL_MACHINE>Software>Microsoft>
    Windows>CurrentVersion>Run
    In the right panel, locate and delete the entry:
    EM_ExeEL = <3 random alphabet characters>.EXE
    In the left panel, double-click the following:
    HKEY_CURRENT_USER>Software>Microsoft>
    Windows>CurrentVersion>Run
    In the right panel, locate and delete the entry:
    EM_ExeEL = <3 random alphabet characters>.EXE
    In the left panel, double-click the following:
    HKEY_LOCAL_MACHINE>Software>Microsoft>
    Windows>CurrentVersion>RunServices
    In the right panel, locate and delete the entry:
    EM_ExeEL = <3 random alphabet characters>.EXE
    In the left panel, double-click the following:
    HKEY_LOCAL_MACHINE>System>CurrentControlSet>Control>
    SessionManager>Known16DLLs
    In the right panel, locate and delete the entry:
    AVICAP.DLL = "AVICAP.DLL"
    Close Registry Editor.

    --------------------------------------------------------------------------------
    NOTE: If you were not able to terminate the malware process as described in the previous procedure, restart your system.

    Let us know what happens with you.
     
  10. inamm

    inamm Guest

  11. DWSny

    DWSny Member

    Joined:
    Jun 27, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    11
    Help, please. I have "RECYCLER" on my home computer and can't get it off. I did not see a direct response to shdwsfall's post earlier.

    I am running Windows XP Home.

    What happens is that when I log on small windows open up at a very high rate. I keep clicking on "close group" and it stops for a short while and then starts again. If I do this 5-6 times the windows stop opening but then when I try to use any program it says "cannot open program Windows session is shutting down" It never does shut down. I had to pull the plug.

    I installed NAV ran it once and it got rid of a lot of crap but it did nothing about RECYCLER and I can't seem to get it to work again or in SAFE mode.

    I will try downloading the programs mentioned earlier in this thread but getting on the internet is hit or miss and I have only dial up.

    Any thoughts would be greatly appreciated.


     
  12. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    I'd try running a different AntiVirus software like
    http://housecall.trendmicro.com and try updating your NAV
    also you need to run some antiSpyware/adware software like SpySweeper
    http://www.webroot.com/downloads/
    you also need to update your windows, at least service pack 1 and all the other critical updates, and update Internet Explorer

    As you can see all these problems you are getting are because of some flaws in Internet Explorer thats why you should neve use it. You need to get Firefox. It's a way better browser plus helps protect your computer because you will not get most of the spyware and adware you are getting from different web sites.
    http://getfirefox.com
     
  13. DWSny

    DWSny Member

    Joined:
    Jun 27, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    11
    If I can get on-line tonight I will try all. I do have Adaware and Spybot S&D. I also think an upgrade to DSL would help too. Thanks for the response. More tomorrow.
     
  14. eLeCTR0n

    eLeCTR0n Regular member

    Joined:
    Mar 26, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    26
    any time, let us know what happens with you.


     
    Last edited: Jul 1, 2005
  15. king85

    king85 Member

    Joined:
    Jul 4, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    11
    The best thing against spyware etc is yahoo Anti Spy

     
    Last edited: Jul 4, 2005
  16. king85

    king85 Member

    Joined:
    Jul 4, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    11
    anti spyware is bad
     
    Last edited: Jul 4, 2005
  17. king85

    king85 Member

    Joined:
    Jul 4, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    11
  18. DWSny

    DWSny Member

    Joined:
    Jun 27, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    11
    Up and running like a charm. I got home and my kid was using the computer. I asked him what he did and he said he just turned it on. I immediatly ran NAV, spybot and Ad-aware and got rid of a ton of junk. Thanks again. I'm off to the DVD forum for some other issues.
     
  19. tdurick

    tdurick Member

    Joined:
    Jun 6, 2005
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    Hey, I have been using microsoft anti spyware for a while now and have not had a single problem since. I was just wondering what other people had to say about it. If there is something wrong with it let me know specifically, or what would be a better choice and why. Thanks!
     
  20. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,314
    Likes Received:
    120
    Trophy Points:
    143
    if in doubt download & run the links in my may 15 post to see if system is clean or not
     
Thread Status:
Not open for further replies.

Share This Page