Forum Moderators: buckworks


A whole load of trojans got downloaded from a seemingly legit web site

The most sickening thing that has happened to me on the Internet

         

derekwong28

3:25 pm on Jun 7, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I searched for Affiliate program network on Google and clicked on the top listing.

snipped

The web site looks legit but as soon as I went into it, it downloaded a whole bunch of trojans onto my computer concerned with adult web sites and other advertisements.

Now the default homepage of my Internet Explorer is set at: a directory

There are popups all the time which cannot be blocked by Google toolbar, MSN messenger messages appear suddenly, and an adult dial-up icon on my desktop.

This is the sickest Internet experience I have ever had, I don't know how to get rid of these trojans.

The fact that this listing is in the pole position for a very common search term is a trap for other webmasters. If this sort of thing continues unabated on the Internet, it is going to put people off surfing altogether.

If anyone can offer any advice on how to get rid of this s---t! It would be highly appreciated.

If I have to restore my computer from scratch, it would take a working day.

[edited by: DaveAtIFG at 4:36 pm (utc) on June 7, 2004]
[edit reason] Removed specifics [/edit]

EVOrange

3:39 pm on Jun 7, 2004 (gmt 0)

10+ Year Member



I would suggest you run all three, Spybot Search and Destroy, Hijack This and Adaware first and clear what you can. Make sure to update each version first. Run your anti-virus again.
Then search for any information you can from the trojans. By name, file, etc and look for forums where others have had the same experience and see what solutions they used to get them out.
Good luck.

EVO

Essex_boy

6:32 pm on Jun 7, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I found spy sweeper to be better at removing Trojans than Symantec anti virus! It's worth the dough.

Total dogs, have you reported this to Google_Guy?

wayzel

7:31 pm on Jun 7, 2004 (gmt 0)

10+ Year Member



That sucks man! I keep a Mac and a PC on my desk at all times and use the Mac for most of my browsing and all of my email for this very reason.

buckworks

7:43 pm on Jun 7, 2004 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Another place you can report this is the "Help us Improve" link at the bottom of the search results for that term. Explain exactly what the site did to you.

Google needs to know about stuff like this, and the more channels they hear it from the better.

webtress

1:56 am on Jun 8, 2004 (gmt 0)

10+ Year Member



Also Spy Blaster; it's free and has a home page lock so you can lock the home page. Also try using Avast (free); it cleans things that Norton doesn't (trojans, worms and viruses). I use both now. I purchased Spy Ferret; it is also very good at cleaning spyware and scumware. I had to clean recently; I work from home mostly and have minor eyes walking past every now and then. Whatever spyware cleaner you get, run it more than once to make sure the machine is clean. Easy Cleaner and adware will help clean the registry. Once you clean, if using XP, check what processes are running; these s***heads put stuff all over the hard drive, so you have to check, check and recheck.

slade7

2:36 am on Jun 8, 2004 (gmt 0)

10+ Year Member



I got slammed with a bunch of trojans recently on a very high profile and normally legit online literature site.

Took a couple of cleanup programs and a lot of fishing around by hand... and about 15 reboots to get going again.

Joy Joy.

Raymond

6:27 am on Jun 8, 2004 (gmt 0)

10+ Year Member



Derek, if you were on those websites with your administrative account, your right to edit your registry is probably taken over as well. You will have to write a Windows script to take over the administrative right again.

To enable the home address in explorer again, change this field

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel]

to dword:00000000

Also do it for HKEY_CURRENT_USER

It could actually get worse than this. If a phone line is connected to your modem, some malicious websites will attempt to make a phone call to a number overseas. Make sure you unplug the modem if you think you are swamped by spyware.
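
A read-only way to see what is set under the policy key named in the post above, in both hives, before changing anything. This is an added example, not part of the original post; the post does not name the value to change, and the `HomePage` value name and the `Start Page` location under `Internet Explorer\Main` are assumptions based on standard Internet Explorer registry layout.

```powershell
# Added example (not from the thread): audit IE home-page policy locks.
# Read-only: nothing is modified. Run from a PowerShell prompt on the affected PC.
$policySubKey = 'SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel'
$mainSubKey   = 'SOFTWARE\Microsoft\Internet Explorer\Main'

function Get-IEPolicyLock {
    param([string[]]$Hives = @('HKLM:', 'HKCU:'))
    foreach ($hive in $Hives) {
        $path = '{0}\{1}' -f $hive, $policySubKey
        if (-not (Test-Path -LiteralPath $path)) {
            # No policy key in this hive means no restriction comes from it.
            [pscustomobject]@{ Key = $path; Value = '(key absent)'; Data = $null; Locked = $false }
            continue
        }
        $key = Get-Item -LiteralPath $path
        foreach ($name in $key.GetValueNames()) {
            $data = $key.GetValue($name)
            # A non-zero DWORD switches the restriction on; 0 (as the post says) switches it off.
            [pscustomobject]@{
                Key    = $path
                Value  = $name
                Data   = $data
                Locked = ($data -is [int] -and $data -ne 0)
            }
        }
    }
}

function Get-IEStartPage {
    param([string[]]$Hives = @('HKLM:', 'HKCU:'))
    foreach ($hive in $Hives) {
        $path = '{0}\{1}' -f $hive, $mainSubKey
        $prop = Get-ItemProperty -LiteralPath $path -Name 'Start Page' -ErrorAction SilentlyContinue
        [pscustomobject]@{ Key = $path; StartPage = $prop.'Start Page' }
    }
}

# Restrictions currently in force (HomePage is the assumed name of the home-page lock).
Get-IEPolicyLock | Where-Object Locked | Format-Table -AutoSize

# The home page each hive points at, to compare against what you expect.
Get-IEStartPage | Format-Table -AutoSize
```

Any row reported as locked is a candidate for the `dword:00000000` change described in the post; an unfamiliar `StartPage` value shows which hive the hijacker wrote to.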

derekwong28

5:05 pm on Jun 8, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi All

Thanks for all your advice and encouragement. This was one of the trojans downloaded and the one which was the most virulent. Even the 404 error page had been changed so that it contains a directory.

[webmasterworld.com...]

I have tried several spyware removal programs without success. I think I have got it in control with a free download called cwshredder. However, it seems that another trojan is active which causes a pop-up window from time to time. This pop-up window either advertises pop-up removal or spyware removal software. This really makes me think whether they are the same people behind this scum site.

That malicious site is still showing up in the top five positions for the search terms "affiliate network" "affiliate networks" and "affiliate program network". Thousands of surfers must have been trapped every day now. Of course, there is a possibility that the site was legit in the first place but had been hacked and hijacked.

This really should be taken up with law enforcement agencies. At least they should investigate whether the makers of anti-popup and anti-spyware software have anything to do with this scam.

I think I will have to reformat my hard disk in due course. In the meantime I want to learn as much as I can about the problems.

Anyway thanks for all your help! At least I feel a bit better now.

Derek

Marcia

5:20 pm on Jun 8, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Just had my computer totally trashed by that stuff. Useless - nothing would remove it. Now the brand new one got hit with a driveby like that by clicking on a site at Google less than 24 hours after getting hooked up. At least the Yahoo toolbar caught it - I hope.

Nothing is even installed yet; I'll have to download all the trash-removers out there first thing.

The email lists I'm on are full of posts about it - it's like an epidemic.

slade7

5:36 pm on Jun 8, 2004 (gmt 0)

10+ Year Member



Hijackthis really helped me with mine - spybot & adaware wouldn't totally get rid of it.

I had the google toolbar blocking popups when it happened too.

jomaxx

5:49 pm on Jun 8, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



FWIW, I browse almost exclusively with Netscape and have never had a spyware infection. I don't want to start a "which browser is better" debate, but the fact is that MSIE has a lot of security holes that other browsers don't.

My kids use MSIE on my other computer and have had numerous infections. I turned up the security, install new patches when they come out, warned my kids never to "accept" anything, even downloaded an additional utility that was supposed to prevent auto-install, but it still happens.

(By the same token, I don't use MS Outlook for email and I have never had a virus infection either.)

john_k

5:59 pm on Jun 8, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



By the same token, I don't use MS Outlook for email and I have never had a virus infection either.

I do use it - and have never had a virus infection either (at least my computers haven't).

My wife complains about me sharpening knives before using them. I give her the line about them being safer BECAUSE they're sharper. But in my heart, I know that I don't cut myself because I am more careful with a sharper knife.

And I never let my kids play with sharp knives OR my computer.

jweighell

8:41 pm on Jun 8, 2004 (gmt 0)

10+ Year Member



Funnily enough, the past week I have been plagued by similar spyware/adware. I've been using Adaware which has detected and cleaned my machine, however they keep coming back!

Has anyone any suggestions how best to prevent them in the first place?

I agree, it is all very sickening!

Robino

8:45 pm on Jun 8, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member




Has anyone any suggestions how best to prevent them in the first place?

SpywareBlaster

Reflection

10:28 pm on Jun 8, 2004 (gmt 0)

10+ Year Member



Has anyone any suggestions how best to prevent them in the first place?

I know it sounds like a broken record but a better browser (Opera, Mozilla, Netscape, Firefox) take your pick, and a firewall (zonealarm) will prevent the vast majority.

drbrain

11:00 pm on Jun 8, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



My wife complains about me sharpening knives before using them. I give her the line about them being safer BECAUSE they're sharper. But in my heart, I know that I don't cut myself because I am more careful with a sharper knife.

Sharp knives are less dangerous because they require less force to use. Every time I've cut myself with a knife I was using too much force on a too dull blade. I'll withhold an analogy beyond mentioning what has already been posted about browser choice.

lgn1

12:22 am on Jun 9, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I ran ad-aware under full scan mode with the latest
update. After 3 tries and two reboots, I finally got
the machine clean.

[rant] I tell you, the way I felt last night, if I knew the address of the idiot who wrote this crap; let's just say that the human gene pool would be a little more purified [/rant]

wavebird23

1:15 am on Jun 9, 2004 (gmt 0)

10+ Year Member



I use Bazooka to find trojans and spyware on my system. It will scan for them, and then give me step by step instructions on how to remove them. Check them out! (It's free). Search Google for "download bazooka"

GarryBoyd

1:35 am on Jun 9, 2004 (gmt 0)

10+ Year Member



I set my 10 y.o. son up with Mozilla on an old box, told him to watch what he agreed to, and basically let him rip. Mostly he downloads game demos, free games, etc. He did not like Mozilla so got the latest IE. Soon he had a whole lotta Yahoo stuff, some weird toolbar on the desktop all the time, half a dozen home page hijackers, and kept complaining his puter was crashing. Told him to get spybot, but every time he downloaded it the file was corrupt. (Think it was a trojan doing that.)
I finally gave him a hand last night. Ctrl alt del showed about 9! backdoors/trojans. Killed them, got spybot, Hijackthis and adaware. After 2 hours hacking, numerous reboots I got rid of all but 2 of them. A bit of slash n burn on the registry killed the rest.
In all, there were over 4,000 infected files, including things called ****search, porn dialers etc. This is a kid's computer after 3 months fairly normal use.
I wonder what all his friends' computers, with less 'net savvy users, look like?

mahlon

2:01 am on Jun 9, 2004 (gmt 0)

10+ Year Member



Run spyware blaster to help prevent this!

And if all else fails as far as getting rid of that junk, just re-format your hard drive! I think that is easier than trying 5 different programs that won't work.

john_k

7:46 am on Jun 9, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Sharp knives are less dangerous because they require less force to use.

Agreed - That's what I meant by "the line about sharp knives being safer."

I guess one of my points was that people routinely use seemingly dangerous devices every day without maiming themselves. That is because they are careful about what they do. Conversely, you can hurt yourself with just about anything if you're stupid enough. (I would guess that the makers of Nerf footballs have had injury lawsuits.) I think IE and Outlook just make it really easy to be stupid. As in using them in their default configurations.

Also, a previous post had implied that not using Outlook Express was the cause of the person never having been infected. So I guess the other point was that it is probably more a case of being sensible and careful than of not using Outlook Express.

jweighell

2:42 pm on Jun 13, 2004 (gmt 0)

10+ Year Member



I know it sounds like a broken record but a better browser (Opera, Mozilla, Netscape, Firefox) take your pick, and a firewall (zonealarm) will prevent the vast majority.

When I first read this, I thought it wasn't very helpful! Well, after installing every spyware removal tool under the planet, I was still having problems.

I've now installed Opera, and all my problems are gone. I tell you, I'm not going back!

RadarCat

5:57 am on Jul 5, 2004 (gmt 0)

10+ Year Member



To: derekwong28

I've found the best way, for me, is just uninstall
Windows and reload.

It is impossible for honest software companies
to keep up with every piece of malware and
registry trick floating around the Wild Wild Web.

I also use the Opera 6.04 browser.

Personally, I think whoever loaded these programs
onto your computer should be put in jail.

RadarCat

HughMungus

9:48 pm on Jul 5, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Contact Google and Yahoo. Google has some kind of new thing where they want to know if websites are "doing evil". So contact them and let them know that some of their search results are doing evil. Yahoo is supposed to be working on a self-installer blocker. I'm sure they'd want to know about that type of site for their own edification (and perhaps to remove it from their SERPS as well).

derekwong28

4:38 pm on Jul 7, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thanks for your advice. I had to reformat and reinstall my hard drive in the end. I just couldn't get rid of the pop-up window malware (it wasn't detectable).

As far as I can see, that web site is no longer in Google or Yahoo. Somebody else must have complained about it.

Now we have another problem to sort out. Some of our customers have complained of receiving virus-containing e-mails from us, yet Norton could not detect any viruses from our systems. I may have to reformat all our computers in the end.

I am trying to work out a system so that each computer is dedicated for particular tasks only and may consider switching to Netscape or Opera for browsing.

Derek

RadarCat

10:34 am on Jul 10, 2004 (gmt 0)

10+ Year Member



Hi!

At work we use computers dedicated
to specific business tasks only.

For example, our database entry computer
is dedicated to downloading info from
certain sites only. No fun surfing,
no software testing, just strictly business.

It runs Windows 98, Access 2000, Opera 6.03
(the paid version), and Eudora and hasn't
crashed hard or been reloaded in almost two years.

Internet Explorer and Outlook Express are
not even loaded on this database machine.

Regards,

RadarCat

foxtunes

1:09 pm on Jul 10, 2004 (gmt 0)

10+ Year Member



"I found spy sweeper to be better at removing Trojans than Symantec anti virus"

I also recommend Webroot's Spy Sweeper, as it picked up and quarantined a trojan that was undetected by adaware, spybot search and destroy and my McAfee virus scan.

yeswesell

3:46 am on Jul 21, 2004 (gmt 0)

10+ Year Member



Well, I recommend you all use [opera.com...] or [mozilla.org...]. These 2 browsers are great, they're light, don't take much memory of the computer, also it's easy to manage cookies, cache... also the best is it's very easy to add or remove.

1milehgh80210

3:58 am on Jul 21, 2004 (gmt 0)

10+ Year Member



Google has some kind of new thing where they want to know if websites are "doing evil".

That's the only kind of thing that will keep these sites in check. They can't do evil if no one can find them.