Well, this is probably one thing I never thought I would be talking about, but in the past few days, I have learned quite a bit about this.
My mother was visiting our home, while I was with my wife (we had our 4th and LAST baby Tristen Matthew). She was watching our 3 other children.
The last bit of instruction I gave her was "please do not play any of them dumb games that you play, on my computer. They download crap, and I don't want it on my PC. Email please and nothing else."
Yeah sounds harsh, but you must understand that I'm at her house at least 1-2 times per week fixing her computer because of the games she plays, etc.
That evening when I came home...she tells me "All I did was check email, and now your browser won't load." I sat down and instantly noticed a ton of new DLL files on my desktop. Then a silent rage set in. It was obvious that she had done much more than she said, and much more than I told her.
Finally I'm able to get IE to come up again. Problem was...no matter what URL was typed in it went to a "Page cannot be displayed" error, and had the URL 404ads.net in the address bar. I was still able to look in the history file though, and sure enough....all of the games she normally plays were listed.
So, then I'm stuck using an inferior browser, just to find out more information. Who knew that Mozilla's bonus side feature was useful browsing, in a situation like this?
It seemed upon googling phrases related to the problem, A LOT of people had this same problem. There were a ton of suggestions, but no solutions, as nothing suggested by these people worked for the people they suggested them to, nor me.
Along the way, I found some very useful tools. One of them lists all browser-related keys and values in the registry. It's called HijackThis, and can be downloaded here:
HijackThis - http://www.merijn.org/files/hijackthis.zip
Of course your registry is the most dangerous thing on your system to mess with. You can destroy your system beyond repair, in seconds. So don't use HijackThis if you don't know what you're doing.
Nonetheless, I found 390+ entries that should not be there. Unfortunately HijackThis would not let me remove some of the more dangerous entries, as they were currently in use with their related files.
The ones that it would let me remove at least got rid of the ads, but IE was still not working. It actually showed my homepage in the address bar but still displayed the "Page cannot be displayed" error. So, I knew I was getting closer.
Just to clear this up, these are the definitions of Malware, Spyware, and Adware:
Malware - Malicious software, including viruses, worms, Trojans, Denial of Service and other such attacks. Sometimes referred to as rogue programs. These little gems can create hours of work, and cause some damage to your system of course, so their level of danger is high.
Spyware - a program that surreptitiously monitors your actions (including keystrokes in some instances). While they are sometimes sinister, like a remote control program used by a hacker, software companies have been known to use spyware to gather data about customers. The practice is generally frowned upon, because it is more widely used by hackers, ad companies, and system hijackers.
Adware - adware is considered to go beyond the reasonable advertising that one might expect from freeware or shareware. Typically a separate program that is installed at the same time as a shareware or similar program, adware will usually continue to generate advertising even when the user is not running the originally desired program. It's software that may have been installed on your computer by a remote site. Many free utilities that you download from the Internet will install hidden software that sends details of the websites you visit and other information from your computer (which can include your email address) to advertisers so they can target you with popup ads and spam.
In general, all of these things can work together to give you 390+ big headaches.
Advice:
Be careful what you download. If it's free, there may be a reason it's free! There are ways to get rid of the intruders, and also ways to help prevent it happening again, which I'll explain. While all of the tools that I'm mentioning are free...they are indeed very popular, and from trusted companies.
The first step is removing the crap.
I found that Ad-Aware does an absolutely wonderful job at this. It takes a little while for Ad-Aware to scan your system. However, when it is done it will display all spyware, adware and malware files, folders, and registry entries. Prepare yourself for the result by sitting down first, as it is almost a guarantee that it will find more there than you ever thought possible. My total of 390+ actually totalled 830 when scanned with Ad-Aware; therein lay my problem. I removed the 390+ and still nothing worked, because there were about 440 left.
Ad-Aware is also a free software utility, but their purpose for providing it free is that you may find it so useful that you upgrade to their pro version. However, the free personal version is quite enough for home users.
So the process was,
1. Download Ad-Aware using Mozilla.
2. Run Ad-Aware, quarantine, then remove. (The quarantine helps against accidental removal of actual useful or needed software.)
3. Reboot.
4. Repeat 1, 2 & 3 until you get a clean scan.
Tips in IE to prevent this
While IE is somewhat more vulnerable to these types of attacks and software, there are ways to help prevent and protect yourself.
1. Make sure you do not automatically allow ActiveX controls or plugins, whether they be signed or unsigned, to install on your system. This is one of the leading methods of these malicious companies to get their crud on your system. So, set your security levels to medium, and set "Download Signed/Unsigned ActiveX Controls" to either "disable" or "prompt".
2. Don't download just any freeware software. Make sure it's from a trusted company. (Trusted companies can also sometimes install adware or spyware on your system, but it's typically not damaging, they just want demographics, and after this post you'll know how to get rid of it anyway, if you want to.)
3. Be VERY VERY careful what you download from p2p apps like Kazaa, etc. Hackers LOVE to bundle spyware and malware in their pirated copies of software. I know some of you out there use these applications. I don't need or want to know who you are, and being defensive is not necessary. If you do this....just be careful.
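To check tip 1 without clicking through every zone in the Internet Options dialog, the two ActiveX download settings can be read straight from the registry. This is an added example, not part of the original post; it assumes the standard IE zone keys and URL action IDs (1001 for signed, 1004 for unsigned downloads), and the function name `Get-ActiveXDownloadPolicy` is made up for the illustration. It only reads values and changes nothing.

```powershell
# Added example (not from the original post). Get-ActiveXDownloadPolicy is a name chosen here.
# URL actions: 1001 = download signed ActiveX, 1004 = download unsigned ActiveX.
# Value data:  0 = Enable (installs without asking), 1 = Prompt, 3 = Disable.
$ZoneNames = @{ 1 = 'Local intranet'; 2 = 'Trusted sites'; 3 = 'Internet'; 4 = 'Restricted sites' }
$Actions   = @{ '1001' = 'Download signed ActiveX controls'
                '1004' = 'Download unsigned ActiveX controls' }
$Settings  = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }
$Roots     = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
)

function Get-ActiveXDownloadPolicy {
    foreach ($root in $Roots) {
        foreach ($zone in 1..4) {
            $key = "$root\$zone"
            if (-not (Test-Path -Path $key)) { continue }
            $props = Get-ItemProperty -Path $key
            foreach ($id in ($Actions.Keys | Sort-Object)) {
                $raw = $props.$id
                if ($null -eq $raw) {
                    $state = 'Not set'
                } elseif ($Settings.ContainsKey([int]$raw)) {
                    $state = $Settings[[int]$raw]
                } else {
                    $state = "Other ($raw)"
                }
                [pscustomobject]@{
                    Hive    = $root.Substring(0, 4)
                    Zone    = $ZoneNames[$zone]
                    Action  = $Actions[$id]
                    Setting = $state
                    # The post's advice: anything but Prompt or Disable needs attention.
                    Review  = ($state -eq 'Enable')
                }
            }
        }
    }
}

Get-ActiveXDownloadPolicy | Sort-Object Review -Descending | Format-Table -AutoSize
```

Rows with `Review` set to `True` are zones where controls install without a prompt; a Group Policy setting, if one is applied, can override what these keys show.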
Software:
- HijackThis - http://www.merijn.org/files/hijackthis.zip (don't use this if you don't know what you're doing.)
- Ad-Aware - http://www.lavasoftusa.com/support/download/
Well that's my book for the day. I apologize for the long story, but since this is covered but seems to have never been solved throughout tons of google results, I figured I would post the solution here so that you folks won't have to spend the same 17 hours I did.