Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: PotatoMan on August 19, 2008, 04:22:13 PM

Title: Adware help
Post by: PotatoMan on August 19, 2008, 04:22:13 PM
O.K., when we first got our new computer we kept getting these popups from the Windows Messanger Service every five minutes telling us that Windows has found 55 critical errors and we need to go to nowfixpc.com to get RegSweep to fix it. Now I know RegSweep is adware, and my Grandmother downloaded it. I deleted its program files, and Spybot took care of the registry keys, and we disabled the messanger service and it seemed to stop. I am not sure it is completely gone because now we are getting messages every five to ten mins telling us Windows is increasing our paging file. This even pops up when the screensaver is on!

Also another notable thing, everytime I ran AVG when I had AVG it found adware in the exact same registry key, and no matter how many times AVG cleaned, it would remain.

I think I might still have adware on my computer that Spybot and avast! aren't seeing, even if it is small, I still want it GONE.

Any advice?

NOTE: Since people on this forum are notorius for not reading the whole post, I put this note here to remind them. READ THE WHOLE POST.
Title: Re: Adware help
Post by: wyrmrider on August 19, 2008, 09:41:41 PM
I looked below the Read Whole Post message but did not see anything
Am I missing something?

Let's start with the basics
Update Avast and then right click the ball and schedule a boot time scan
anything?

Run the AVG removal tool

Did you ever have Norton, Panda, Mcaffe etc preinstalled? if so run their removal tools

then
What if Windows Security Center Shows AntiVir or other muliple Antivirus products installed?

One quirk with AV's  causes it to still show up in the Windows Security Center even when its been uninstalled properly. If this is the case, please refer to this article to resolve it.

http://www.pchell.com/support/multiple_antivirus_in_security_center.shtml

THEN
Using the AntiVir Registry Cleaner

If for some reason the normal uninstall does not work, you may have to download AntiVir's registry cleaner utility to remove all traces of it from the registry and allow you to reinstall it.

1) Click on the following link and download the AntiVir Registry Cleaner to your desktop

http://dl.antivir.de/down/windows/registrycleaner.zip

2) Create a folder on your desktop called Antivir and Unzip the file to your desktop
3) Double-click on the file called RegCleaner.exe to run it

4) Since the program is German, you'll have to click on the button called "keys asulesen" to search the registry for any issues. Then place checkmarks next to the registry entries you wish to delete.

5) Finally, click on the button called "loschen" to delete the keys

6) Restart your computer and try to reinstall your AVAST

go to the malwarebytes.org site and download and run Rogue Remover and Malware bytes Anti spyware free
post back and we'll go on from there

I want to see if something is re spawning
Title: Re: Adware help
Post by: PotatoMan on August 20, 2008, 01:57:51 AM
Malwarebytes didn't find anything  :( :( :( :( :( :( :(.

The Avira RegCleaner found 24 keys. I don't know which to delete.  I think something is lurking in my registry.

Important note:  When I had AVG, it found Adware.TitanShieldAntiSpyware, Adware.NewDotNet, and Adware.Revsci all in the registry plus that Adware.Gen that won't go away.

I guess if MBAM didn' catch anything, their is nothing there...

But I am certain their is some form of adware on this computer! With avast! and Spybot installed , it took 2 minutes, after the RegSweep thing, three minutes.

NOTE: I don't have a firewall, any recommendations? Comodo is marked as yellow by McAfee so no Comodo lol.

NOTE: Before avast!, this computer has had Avira (crashed the comp) and AVG but they are both gone. Do I need any other security items? CURRENT ITEMS: Malwarebytes Anti Malware, avast! antivirus 4.8 with yesterdays detections, Spybot Search and Destroy.
Title: Re: Adware help
Post by: Lisandro on August 20, 2008, 03:42:37 AM
NOTE: I don't have a firewall, any recommendations? Comodo is marked as yellow by McAfee so no Comodo lol.
What did you expect from McAfee against the competition?
PCTools was another suggestion IF it was not bought by Symantec.
Stay and trust Comodo...

NOTE: Before avast!, this computer has had Avira (crashed the comp) and AVG but they are both gone. Do I need any other security items? CURRENT ITEMS: Malwarebytes Anti Malware, avast! antivirus 4.8 with yesterdays detections, Spybot Search and Destroy.
http://forum.avast.com/index.php?topic=28395.msg231962#msg231962
Title: Re: Adware help
Post by: wyrmrider on August 20, 2008, 07:08:31 PM
just because MBAM did not find anything does not mean that you are clean

listen to TECH on the Comodo issue
what do we have mcafee for anyway?

24 hits with the Antivir tool and you used to have just about all of the problem children at one time or another on your machine

I cannot reiterate how important this is
AVG and ANTIVIR are NOT completely gone, and you have mcafee around somewhere?
There are things lurking in your registry
Download a fresh copy of Avast to a file
DL the uninstaller tools and Antivar registry cleaner to a file
go offline
REmove every AV you have with Add remove programs except One
use every AV you have ever had uninstaller tool Avast, Anitivr, AVG, Mcafee etc
run the Antivir reg cleaner and let it work
install ONE AV

Antivir most likely crashed because of incompletely removed AVG
report back

Today is Wednesday  update Spybot, re-immunize every
Wednasday  run a Spybot scan when you get a chance
when you get done Run a scan With Superantispyware and Malware Bytes rogue remover
then if you still think there is something we can dig deeper
next I'd try a Kaspersky on line scan
spread these out if you are short on time
Title: Re: Adware help
Post by: PotatoMan on August 21, 2008, 06:17:15 AM
just because MBAM did not find anything does not mean that you are clean

listen to TECH on the Comodo issue
what do we have mcafee for anyway?

24 hits with the Antivir tool and you used to have just about all of the problem children at one time or another on your machine

I cannot reiterate how important this is
AVG and ANTIVIR are NOT completely gone, and you have mcafee around somewhere?
There are things lurking in your registry
Download a fresh copy of Avast to a file
DL the uninstaller tools and Antivar registry cleaner to a file
go offline
REmove every AV you have with Add remove programs except One
use every AV you have ever had uninstaller tool Avast, Anitivr, AVG, Mcafee etc
run the Antivir reg cleaner and let it work
install ONE AV

Antivir most likely crashed because of incompletely removed AVG
report back

Today is Wednesday  update Spybot, re-immunize every
Wednasday  run a Spybot scan when you get a chance
when you get done Run a scan With Superantispyware and Malware Bytes rogue remover
then if you still think there is something we can dig deeper
next I'd try a Kaspersky on line scan
spread these out if you are short on time

Programs installed on my computer:

avast! antivirus
Malwarebytes AntiMalware
Adobe Flash Player Plugin
Adobe Shockwave
Adobe Reader
Spybot - Search and Destroy
Winzip 11.2 trial edition.
Mozilla Firefox
Windows Media Player 9
McAfee SiteAdvisor
(and other Windows tools, updates and such)

Programs Removed

Natural Motion Endorphin Learning Edition 2.7
AVG Free 8.0
Avira Antivir (Crashed my computer, yes it came from offical website)
PC Tools Antivirus
RegSweep (Adware)
Open Office

My computer specs

Windows 2000 Service Pack Four
Intel Aptivia, 192 MB RAM, 11.3 GB HDD/ 2.5 Used (I know, pathetic)

And also, Comodo is not compadible with my computer, too large and takes too much RAM.

Now, what do I need to do to make this thing go faster?

I heard of an App called CCleaner that really cleans junk off your computer. What do you guys think?





Title: Re: Adware help
Post by: oldman on August 21, 2008, 08:44:11 AM
Hi Potatoman

What you are seeing is an exploit in the Windows Messenger Service, (note: this is not the instant messenger). You can turn that service off, as you dont need it. You should also install a firewall, which will also stop the popups. An older version of comodo may be compatible or PC Tools. The last Win2k computer I set up had Sygate. Maybe  not the best, but better than nothing.

For the messenger service, follow the instructions here

http://www.itc.virginia.edu/desktop/docs/messagepopup/

Take care.
Title: Re: Adware help
Post by: Lisandro on August 21, 2008, 05:19:46 PM
I heard of an App called CCleaner that really cleans junk off your computer. What do you guys think?
Go ahead, good application. You can install the Slim version (without Yahoo toolbar).
Title: Re: Adware help
Post by: YoKenny on August 21, 2008, 05:52:07 PM
Hi Potatoman

What you are seeing is an exploit in the Windows Messenger Service, (note: this is not the instant messenger). You can turn that service off, as you dont need it. You should also install a firewall, which will also stop the popups. An older version of comodo may be compatible or PC Tools. The last Win2k computer I set up had Sygate. Maybe  not the best, but better than nothing.

For the messenger service, follow the instructions here

http://www.itc.virginia.edu/desktop/docs/messagepopup/

Take care.

I like Shoot The Messenger:
http://www.grc.com/stm/shootthemessenger.htm

I install all of the Freeware Security utilities on systems I work on.
Title: Re: Adware help
Post by: oldman on August 22, 2008, 06:35:06 AM
Does the same thing, stops or disables the messenger service.
Title: Re: Adware help
Post by: PotatoMan on August 22, 2008, 09:44:57 AM
just because MBAM did not find anything does not mean that you are clean

listen to TECH on the Comodo issue
what do we have mcafee for anyway?

24 hits with the Antivir tool and you used to have just about all of the problem children at one time or another on your machine

I cannot reiterate how important this is
AVG and ANTIVIR are NOT completely gone, and you have mcafee around somewhere?
There are things lurking in your registry
Download a fresh copy of Avast to a file
DL the uninstaller tools and Antivar registry cleaner to a file
go offline
REmove every AV you have with Add remove programs except One
use every AV you have ever had uninstaller tool Avast, Anitivr, AVG, Mcafee etc
run the Antivir reg cleaner and let it work
install ONE AV

Antivir most likely crashed because of incompletely removed AVG
report back

Today is Wednesday  update Spybot, re-immunize every
Wednasday  run a Spybot scan when you get a chance
when you get done Run a scan With Superantispyware and Malware Bytes rogue remover
then if you still think there is something we can dig deeper
next I'd try a Kaspersky on line scan
spread these out if you are short on time

No, as soon as I installed Avira (I had AVG installed at the time), my computer usage went up to 100% and nothing worked (Ctrl Alt Del, and so on). It never responded. Rebooted and it had the same problems. Booted in safe mode and deleted the Avira program files (because it wouldn't let me uninstall from add/remove), and deleted the rest with CCleaner (yesterday)

I am scared to use CCleaner as it might delete vital registry keys.
Title: Re: Adware help
Post by: YoKenny on August 22, 2008, 10:14:44 AM
No, as soon as I installed Avira (I had AVG installed at the time), my computer usage went up to 100% and nothing worked (Ctrl Alt Del, and so on). It never responded. Rebooted and it had the same problems. Booted in safe mode and deleted the Avira program files (because it wouldn't let me uninstall from add/remove), and deleted the rest with CCleaner (yesterday)

I am scared to use CCleaner as it might delete vital registry keys.

Now you realize the perils of running two active anti virus applications at the same time.

I have run CCleaner ever since it became available and it has not deleted one vital registry key for me.

In fact I find its registry cleaning quite tame.
Title: Re: Adware help
Post by: wyrmrider on August 22, 2008, 04:55:27 PM
CCleaner has a file cleaner and a registry cleaner
file cleaner is quite safe registry cleaner also ok
CCleaner file cleaner will not help remove registry entries- it gets temp files cookies etc
I recommend the Antivir cleaner as it is specifically tweeked to remove old AV entries
Antivir also has a removal tool which should be run- check their "tools" page" (happy hunting) start with "downloads" or "Programs"
Also AVG has a NEW removal tool
run the Mcafee removal tool
ya gotta remove ALL of that old AV CRAPOLA
then a fresh Avast install

ps- how does this board compare with AVG's :)

You saw post 5 in the drivespace thread
any other questions post em up
Title: Re: Adware help
Post by: Lisandro on August 23, 2008, 03:40:08 AM
I am scared to use CCleaner as it might delete vital registry keys.
It's a very conservative registry cleaner, not aggressive. It does not delete vital registry keys.