You could try spybot search and destroy. It seems to get what Adaware dosn't.

Regarding the popups. If friend is using WinXP there is a messenger service that is often abused by advertisers.
If so he can try clicking on START - CONTROL PANEL - ADMINISTRATIVE TOOLS - SERVICES SHORTCUT - DOUBLECLICK ON MESSENGER - GO TO "STARTUP TYPE" AND CHANGE IT TO "DISABLE" - Worked for me.

This service is provided for networked computers so admin can contact other computers with IM's. It is NOT related to any online messenger however adverts can send popups through this "service". The most usual ones I've seen are ads to "stop popups".

I have the same problem with adsrve. Still looking for answers and will post when I find it.

... hmm, this adsrve.com thing seems to be an anonymous operation, so you probably don't want to contact them directly but talk to their providers instead.
A whois lookup shows anonymous and fake entries.

You may contact their Registrar NetworkSolutions to get their domain registration nuked for providing false registration data (although registrars seem to be reluctant in doing so ...).

Their server's IP address and their nameservers are owned by ViaWest.
Complain to ViaWest about them. I don't know ViaWest so I can't tell if they are spamfriendly or if they will throw them out, but it will be worth a try.
Good luck!

Regards,
R.

One of our customers is running XP Home and started having problems a couple of weeks ago where when he starts Internet Explorer and clicks on a link, regardless of where the link is pointed, the browser is driven to www.adsvre.com with some information that indicates where the browser is running. Sometimes an ad comes up in place of the expected link, other times the browser just hangs up and stops responding. In addition to being very annoying, this doesn't seem like a very nice thing to do. It appears that the domain adsvre.com is not registered right now, although it may have been in the recent past.

Something I noticed is that the C:\Windows\System32 folder contains a file called 'sb.htm' that contains the following:

<FORM METHOD=GET ACTION="http://www.adsrve.com/s/" target="_main">
<font size="-1">Find a Web page containing:</font>
<INPUT TYPE=TEXT NAME=s VALUE="" SIZE=10>
<INPUT TYPE=SUBMIT VALUE="Search">
</FORM>

I tried renaming this file and a new one is created when the system reboots. There are also some registry entries that reference 'adsvre':

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search Assistant\ACMru\5603\000
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search Assistant\ACMru\5603\001
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search Assistant\ACMru\5604\000
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\adsrve.com\www

I would be very much interested to know if anyone finds a solution that will restore the machine to normal operation.

learning,
>>><FORM METHOD=GET ACTION="http://www.adsrve.com/s/" target="_main">
<font size="-1">Find a Web page containing:</font>
<INPUT TYPE=TEXT NAME=s VALUE="" SIZE=10>
<INPUT TYPE=SUBMIT VALUE="Search">
</FORM>

That is the same text that appears on the site; [adsrve.com...]

If the file is recreated when you reboot then check to see if there is a reference to it in any of your start-up files.

I followed XCandymans advice and downloaded SypBot Search and Destroy from the internet and it elimenated the source of the problem. I now do checks every week and somehow the ones I eliminate always come back to haunt me (except Adsrves). Maybe they have a vendetta against me, who knows? Its like trying to remove tar from a tissue.

One I notice that always manages to pass to my system is Gator. Maybe this was just to do with me being the careless clicking machine that I am? I have both the Google Toolbar and Alexas Toolbar and found that Alexas toolbar also puts software into your machine for tracking, I say otherwise.

But anyway, try this SpyBot software, nice one XCandyman for the tip ;)

Terry

Went through search/find using all kinds of "clues" (from properties on the right click of offending sites/links) and came up with a couple (2) folders I had no idea what they were or where they came from... (in my main root directory - not buried) Weird nonsensical names with files that seemed to be unrelated to anything... That and doing a search through the registry found adsrve twice... I think I cured the problem but now I have no idea what the H--- I did or what cured it... I guess I should have taken notes but I'm a four finger typist and only a part time computer nerd...

This might help for those with Windows XP and have had their search engines paralyzed by this "ADSRVE". Try system restore. Simple Directions: 1.Close all programs 2.Click on start menu 3.Click on Programs 4.Click on Accessories 5.Click on System Tools 6.Click on System Restore. Pick a day before troubling download ADSRVE occurrences. Wait for automatic restart of COMPUTER. This should help. If it doesn't you may go back and choose an earlier date.

Yup,

System restore is a good resource but you also lose everything that you have done/downloaded within that time period. It works the same way as Norton Systemworks "Go Back". I recommend only using this tool if really desperate though, but its still handy.

Terry

To prevent spyware from re-entering your system, I would suggest you go to your Control Panel, Internet Options and under the Advanced options, remove the tick on Enable Install on Demand (Internet Explorer and Others).

If you do not need Google Toolbar, you can also untick enable Third Party Browser Extensions.

There are some really great posts on the adaware site, I usually find the answers to my spyware questions there, rather quickly.

Good luck

I had the same problem once before. There are some free spyware that you can download and get this problem solved.

There is a similar Browser hijack from coolwebsearch.com or coolwwwsearch.com and there is a remove tool at SpyChecker.com [spychecker.com ].

I believe there was a thread about that a while back and Spybot and Adaware at that time didn't catch it. I didn't see anything about adsrv.com but if spybot catches it great. It is a good site for spy/ad software removal.