General discussion

Locked

Live Update + Adware

By TWonk ·
I have a P4-1.8Ghz/256MB PC with WXP O.S., W2K MS-Office, Norton Systemworks, plus Zone Alarm firewall. My internet access is via ISDN and router to a full service local ISP.
Last year the family PC acquired the adware virus: ads345.com. It prevents Norton Systemworks from accessing the Live Update service for weekly downloads of virus definitions; it prevents manual download of updates thru Norton?s Intelligent Downloader, or accessing any anti-virus/anti-adware web site for their software download; plus, it takes several refresh tries in going from the internet browser home page to any links, giving the message:?page not found?.
Using an uninfected PC on my home LAN I downloaded XoftSpy anti-adware and transferred the executeable file to the infected PC thereby removing >200 adware files with good success. But am still unable to access Norton?s Live Update and I occasionally see the ads345.com address when logging on to the internet browser--even Norton techservice doesn?t know what to do.
WXP?s System Restore had to be turned off to accomplish some possible fixes, so it?s not possible to go back to last year for a restore.
Should I uninstall/reinstall Internet Explorer, WXP; reformat/partition the hard drive?
What?s your remedies? Thanks for your reply.

This conversation is currently closed to new comments.

11 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to Live Update + Adware

If you can't get rid of it, and no one knows how to get rid of it, "it's a pain in the butt, throw it out".

reformat the thing.

Collapse -

by TWonk In reply to

Poster rated this answer.

Collapse -

by sgt_shultz In reply to Live Update + Adware

here is how i have got rid of spyware:
download, install and update Ad-aware se personal from www.lavasoftusa.com
download, install and update HiJack This from www. downloads.com
(i have not here of xoffspy so if you think it's fine use that instead. but i dunno if i would.)
now boot into safe mode (no networking) and disconnect your ethernet cable so you're not getting the internet until you ready to do it with conscious act of plugging cable back in, see?
now in safe mode with system restore off run ad-aware. take out whatever it finds and reboot (in safe mode again) and run it again. if it finds something it can't get out, run HiJack This and take out anything you think is suspicious. if in doubt, take it out. (what you got left to lose?)
Now you should be able to reboot (back away from the internet cable mister, not yet) in normal modde, scan with Ad-aware and not see any problems.
so now plug in internet and reboot and try for windows update.
if you are still getting hammered then try HiJack pro again and see if you can tell what is reinfecting. if you have 'nail' i was able to get it out finally with eweido security suite, free removal tool vouched for by dell website and also tomcoyote website.
these things can't come out for a couples reasons. one is they reinfect themselves on reconnection to internet and the 'seed' is probably in a folder that has banned you from it thru permissions. eweido seems to know how to take ownership and get around the lack of permissions to delete the thing.
some malware similarly creates registry entries with permissions set to exclude administrator or current user from deleting it...
HiJack This is used because it is brilliant little tool to get out activex controls and browser helpers objects and other stuff that redirects you to bad sites. you will see it find host files and other interesting stuff containing class c internet addresses. you see that, get rid of it...
i think if you went to symantec virus enclope

Collapse -

by sgt_shultz In reply to

i think if you went to symantec virus enclopedia and looked up ads345.com you would find it is called abetterinternet i believe and is classed a virus and can be removed. so maybe you anti-virus is not hacking it anymore. if you have had this thing for a while, it has opened you to huge flood of spyware, trojans etc. the longer you have it the more trashed you get which is why you may want to just reformat as suggested.
but i have recoverd systems (mom's for one) trashed horribly with hundreds of virus laden files and vx2 and the system became fine.
your mileage may vary.

Collapse -

by sgt_shultz In reply to

and make sticky reminding you to turn system restore back on when you get clean scans again...
and do all your windows updates

Collapse -

by TWonk In reply to

Poster rated this answer.

Collapse -

by jm In reply to Live Update + Adware

Try the Microsoft antispyware beta, available from www.microsoft.com, and let me know. It's free and it's been great for me so far. It should remove the adware.

After that's in place you should be safe. Your system, however, may need to be rebuilt due to earlier efforts to repair the problem and/or irreparable damage to your O/S. I would recommend a clean O/S install into the same directory.

You may want to remove IE and go with Mozilla Firefox as your browser, especially if you are thoroughly frustrated with all the adware crap that's out there.

Collapse -

by TWonk In reply to

Poster rated this answer.

Collapse -

by w2ktechman In reply to Live Update + Adware

If those dont work you can try adding ads345.com to the blocklist. Also try Spyware blaster to block many activeX controlds and domain names from working.
Look through the processes and see if anything is running that shouldnt.
try upgrade to SP2 for better management of IE add-ins, and try disabling some until you can detrermine which may be causing it.
In safe mode
look through installed programs and uninstall unknown programs, then search through the c\program files\ and move unknown program folders from there to another location (or rename some of the .dll and .exe files)
empty these folders c:\temp;%SYSTEMROOT%\TEMP;c:\documents and settings\%userprofile%\local_settings\temp; and %systemroot%\prefetch.
If using all of these antispyware/AV tools and manually trying to remove does not work, then I would suggest to rebuild the system. But dont just format, use a drive scrubber first

Collapse -

by TWonk In reply to

Poster rated this answer.

Back to Windows Forum
11 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums