Site New Answers Search Boards ILM ILE Answers New Question New Questions New Poll Blog View Register Login

Computer question : homepage hijacker/adware

Message Bookmarked
Bookmark Removed
A quick question : I am trying to get rid of a homepage hijacker virus without success. HijackThis is a little utility that I have used successfully in the past, but while it can identify it, it won't shift it. MS Antispyware also identifies it and claims that it has cleaned it away, but it won't go.

I have identified 3 files in WinNT/System 32 that are associated with the virus, there's a DLL, a TMP file and an exe. However I can't delete them as it won't let me. It says they're in use. I've tried stopping the exe in task manager and then zapping it, but this won't work either. Also I've tried buggering around with permissions etc but this does no good.

Can anyone suggest a way to kill this mutha? I am reasonably compulter literate, quite happy to edit registry entries etc. It's pissing me off.

Thanks!!

Dr. C (Dr. C), Wednesday, 25 May 2005 08:17 (twenty-one years ago)

Have you run CWShredder, Dr C? I strongly suggest you do.

Markelby (Mark C), Wednesday, 25 May 2005 08:23 (twenty-one years ago)

Yeah, I tried that, Mark. Didn't work.

Dr. C (Dr. C), Wednesday, 25 May 2005 08:32 (twenty-one years ago)

Booting into safe mode and then deleting it?

(or, equally, booting using a Linux Live CD like Knoppix and deleting it from there)

caitlin (caitlin), Wednesday, 25 May 2005 09:44 (twenty-one years ago)

(actually, that latter option won't work if your hard disk is NTFS.)

caitlin (caitlin), Wednesday, 25 May 2005 09:44 (twenty-one years ago)

Have you tried Ad-Aware?

Otherwise, try googling some of the filenames. There may be removal utilities available from places like Symantec.

robster (robster), Wednesday, 25 May 2005 09:48 (twenty-one years ago)

You need:

A good antivirus package (try running Stinger first to get rid of any more common/recent trojans)

For AV

Try AVG it's free

Then get:

Microsoft Antispyware
Adaware
CWShredder

Hijack this is a useful tool but it doesnt get rid of anything unless you tell it to, it tells you what what's starting up and gives you any browsers plugins and other browser settings you can remove.

Jarlr'mai (jarlrmai), Wednesday, 25 May 2005 10:17 (twenty-one years ago)

I tried following Caitlin's advice by booting in Safe Mode. However I can't get past the 'Log On To Windows' Screen. It won't accept my username and password! Now I am really fucked as I can't get into Windows to reset SafeBoot to 'off'. Any ideas anyone?

Dr. C (Dr. C), Wednesday, 25 May 2005 10:44 (twenty-one years ago)

Press F8 on boot and select "boot windows normally"

Jarlr'mai (jarlrmai), Wednesday, 25 May 2005 10:53 (twenty-one years ago)

Didn't get as far as the bit where F8 takes effect, it seems, as nowt happens. BUT...I got in via a default adminstrator log-in and I HAVE ZAPPED THE MUTHA!!

Thanks to all for advice, even for stuff I'd tried already. Caitlin - a million thanks for the safe mode tip. That's what worked in the end, combined with Hijack this to sweep away some debris. I KISS YOU!!

Dr. C (Dr. C), Wednesday, 25 May 2005 11:30 (twenty-one years ago)


You must be logged in to post. Please either login here, or if you are not registered, you may register here.
Site New Answers Search Boards ILM ILE Answers New Question New Questions New Poll Blog View Register Login