Boy did I pick up a good piece of spyware!

Discussion in 'The Bench' started by crazyjackcsa, Feb 21, 2005.

  1. GranSport72

    GranSport72 Angry Right Foot Disease

    Worst case scenario is if it's some kind of new hybrid spyware that installs a root kit. That's always a possibility and those are so stealthy a lot of times most of the best antivirus software doesn't detect them. I did hear rumors a couple months ago that some of the new popups actually have viruses embedded in them. I run NOD32 for antivirus now and I was surfing through a warez site one afternoon, just browsing :Comp:. NOD32 actually picked up and stopped some kind of porn toolbar from being installed on my computer and that was just surfing through a web page.
     
  2. dreeesh

    dreeesh Well-Known Member

    spyware

    Sometimes these spyware programs embed themselves in the registry. Try SpySweeper; it has worked for me better than Spybot or any other program.
     
  3. Yardley

    Yardley Club Jackass

    OK Boys and Girls, this is what I do for a living with my own company. And if it were easy for the Everyman to do it I wouldn't be working non-stop 7 days a week.

    Download and run Trojan Hunter (do a Google search). It is a free trial for 30 days, so after you update the software definitions and run it, then just uninstall it.

    Now, your problem seems to be caused by a small file that is being launched at bootup that goes out to the internet and reinstalls the toolbar. I've seen these before.

    Hijack this is a very good program, but unless you know what you are looking for (and also what you are doing) it can be a very harmful program as well. Run it and post (or PM me) the results. You can copy and paste the results into a text document if you need to.

    Also:
    Run CWShredder.
    Run Kazaabegone.
    Run Ad-Aware.
    Run Spybot.
    Run AboutBuster (do a Google search).

    Be sure to disable the restore function if using XP, and unplug the PC from the internet when doing the scans. Also, scan in safe mode as well.

    Ad-Aware and Spybot, while GREAT programs, sometimes can't do it all. I have purchased and use SpySweeper, Spyware Eliminator and Spyware Doctor. Sometimes I have to throw everything I have at a problem to cure it.
     
  4. 69GS400s

    69GS400s ...my own amusement ride!

    .....Try the new Microsoft AntiSpyware program - it's found things on my computer that NOTHING else has. It's a free download from Microsoft.
     
  5. Buickus Rex

    Buickus Rex '67 GS400 4-Speed

    I also use SpySweeper by Webroot. It works great. Here's a link:

    http://www.webroot.com/

    You can run a spyware audit right from their site, and you can even download a free, fully functional limited-time trial version if you like.
     
  6. sailbrd

    sailbrd Well-Known Member

    Can't help you with the current problem. Yardley covered everything. But I am at the point that my next box is going to be a Mac. They just do not have these problems. Then use your old computer as a file server. Good luck.
     
  7. 69SkyInNJ

    69SkyInNJ Resto Neophyte

    Google is your friend... :)

    Your best source for removal of this trojan is Google. (Do a search on the executable or the toolbar name if possible.) Often, it will point you to web sites with detailed, step-by-step instructions on how to remove the trojan.

    Remedies may include booting from safe mode, registry edits (be careful), running code from the command prompt, deleting directories and manipulating the system/system32 folder under the OS's root folder.

    Also, when you get back up and running, do yourself a favor and install Mozilla's Firefox. It is quicker, it is more secure, it is more configurable and has dozens of free plugins that can be installed for added functionality.

    I hope this helps...
     
  8. 69GS400s

    69GS400s ...my own amusement ride!

    One other thing that no one else has mentioned......

    Have a look at your root, Windows, and System32 directories for files and folders DATED on or around the date the problem started. Delete anything that is suspect.

    Since this is probably a mutating Virus/Spy prog, Googling for the name may not show it, as its mutated name will not be found with a web search....but the file's date will be the date it mutated.

    Secondly - not all the above programs show things that are 100% correct. SpySweeper is still showing me registry entries THAT DO NOT EXIST.
     
  9. Yardley

    Yardley Club Jackass

    Yes Alan. BUT!!!!! For the untrained... whacking files and/or folders from within the windows directory can result in a PC that no longer boots up.

    Just a word to all... when deleting files you didn't create yourself, be careful!
     
  10. scrisp

    scrisp WiP - Work in Progress

    I've been working a lot of these situations for about 3 months, for a company that I work at part time. A lot of the newer spy ware won't come out by using "add and remove programs" or by trying to simply uninstall them. We "optimize" every system that we touch at the part time company, which means going in and removing all cookies, temp files, temporary internet files, and anything else that we can see is not required. The first thing that we do, before loading any adaware, spybot or virus scanning software, is to run the msconfig program to turn off anything that isn't necessary, that starts automatically and runs in the background on boot up. A lot of the spy ware and ads cannot be removed without doing this, as they load into the system memory and by just removing them, they load back up when the system reboots.

    Be very careful if using the msconfig program though, if you turn off something that is needed, it can start a chain reaction with some of the other processes that run and then your system may crash.

    Scott
     
  11. crazyjackcsa

    crazyjackcsa Big and Untame

    Well, I've done EVERYTHING that you have all suggested, and very good suggestions are all of them. NOTHING will get rid of this thing! I can get rid of it until I restart and that's it. It comes back, like the cat. I also have the search miracle elite bar plug in in my damn system too.
    I currently have installed on my computer:
    CWShredder
    Trojan Hunter
    Microsoft AntiSpyware
    Ad Aware SE
    Spybot search and destroy
    Hijack this
    Spy subtract
    I've run through 3 or 4 different online scans, cleaned out the registry, run them all in safe mode and turned off the system restore. I'm beat. Every time I turn it off, it's fine, and every time I turn it back on, it's full of junk. Looks like I'm going to have to back up all of my info on CDs and reformat. Not looking forward to this, let me tell you.
     
  12. mechacode

    mechacode Well-Known Member

    I had one of those once. Damn thing would *not* go away even with use of every spyware remover known to man and a few unorthodox methods (hex edited the crap out of it) until one day, poof, it was gone. I still wonder about it.
     
  13. GranSport72

    GranSport72 Angry Right Foot Disease

    If all else fails, take out the hard drive and dip it in some liquid nitrogen. :laugh:
     
  14. 73Electra 225

    73Electra 225 Well-Known Member

    Another option may be to have someone remotely log onto your computer and take a whack at it. It's pretty easy to do with XP. You have nothing to lose if you are planning on reformatting. I could do it or one of the other good computer samaritans could.
     
  15. Truzi

    Truzi Perpetual Student

    Make sure you run all your scanning software after you boot into Safe Mode (someone mentioned this very early in the thread). Usually the bad programs can't get started in Safe Mode, and they can be cleaned out completely. This doesn't always work, though.

    Linux is another good choice for a new computer - you won't get these problems with Linux either.
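
Added example, not part of any post in the thread: a read-only version of the date check suggested in post 8, listing files modified within a few days of when the problem started instead of deleting them, in line with the caution in post 9. The function names, the sample tree and the file name `xyzbar.dll` are constructed for illustration; modification times can be reset by software, so an empty listing does not show a directory is clean.

```python
import os
import tempfile
from datetime import datetime, timedelta


def files_near_date(root, when, days=2):
    """Return sorted (mtime, path) pairs for files under root whose
    modification time falls within +/- days of `when`. Nothing is deleted."""
    lo = (when - timedelta(days=days)).timestamp()
    hi = (when + timedelta(days=days)).timestamp()
    hits = []
    for dirpath, _dirs, names in os.walk(root, onerror=lambda err: None):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow links
            except OSError:
                continue  # locked or vanished file: skip it, keep scanning
            if lo <= st.st_mtime <= hi:
                hits.append((datetime.fromtimestamp(st.st_mtime), path))
    return sorted(hits)


def demo():
    """Build a constructed sample tree and return the names that get flagged."""
    onset = datetime(2005, 2, 20, 21, 30)  # assumed date the trouble began
    samples = {
        "kernel32.dll": datetime(2004, 8, 4, 7, 0),    # old system file
        "notepad.exe": datetime(2004, 8, 4, 7, 0),     # old system file
        "xyzbar.dll": datetime(2005, 2, 20, 21, 31),   # made-up recent file
    }
    with tempfile.TemporaryDirectory() as root:
        sysdir = os.path.join(root, "system32")
        os.makedirs(sysdir)
        for name, stamp in samples.items():
            path = os.path.join(sysdir, name)
            open(path, "wb").close()
            os.utime(path, (stamp.timestamp(), stamp.timestamp()))
        return [os.path.basename(p) for _t, p in files_near_date(root, onset)]


if __name__ == "__main__":
    for name in demo():
        print("review before touching:", name)
```

On a real machine, pass the Windows directory and the date the symptoms began to `files_near_date`, then look up each listed file before removing anything.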
     
