Adware from RegistryCleanupXP.com on my computer

[walter4h]

Hello everybody:
I have got a nasty piece of adware from the RegistryCleanupXP.com
A message pops-up every few minutes saying "You registry is damaged, and smth to the effect that it needs urgent attention. Visit RegistryCleanupXP.com

I find it truly amazing that a company, which allegedly sells technical products/services, will be acting in this fashion.
So I went to that site, it is a typical generic traffic generator with a few links and a search window. Not a word who runs it , no contact info.
Somehow it broke through my firewall

Did anybody get this piece of crap on your computer?
Shall I just run some adware app to get rid of it? Or is there a particular file to delete it?

Thx: walter

Here is the text copied from that site.
>>>Registry Clean XpRegistry Cleaners
Registry Fix
Spyware Removal
Free Anti Virus
Free Registry Clean XpAntivirus SoftwareRegistry CleanupRemove Spyware

Travel

* Airline tickets/* Hotels/* Car rental/* Flights/* South Beach Hotels/
Finance
* Free credit report/* Online Payment* Credit Card Application* Car Insurance* Health insurance
Home
Foreclosures* Houses For Sale* Mortgage* People Search* Real Estate Training

Search: [ window (does not say powered by whom) ]
[end]

[zoobie]

S.O.P.
They put a virus in your box and offer to remove it for a price.
It got past your firewall because you d/l'ed and installed it.
First option would be to do a system restore to an earlier time before the software was inserted.
Failing this, what you can do is run adaware from lavasoft. If it doesn't get it out, you can post your scan results in their forums. They'll help you figure out what to remove and possibly add it to their own update files so others won't have to go thru this.

[videobread]

TuneUp Utilities 2007 from tune-up.com is a great program for registry cleanup. I highly recommend it. It does a whole bunch of other stuff. It cost money - not a freebee but really worth the money.

[hech54]

Download something called HiJackThis
Run it as per the instructions and post the log file here:
http://www.hijackthis.de/
It will tell you what to remove BUT BE CAREFUL...you can seriously
bugger your computer.
CCleaner (Crap Cleaner) also works well.
TrendMicro free online scanner:
http://housecall.trendmicro.com/
Spybot - an exellent removal tool
SpywareBlaster - prevention tool.

The list is endless but these should solve your problem.....SHOULD.
As a matter of fact...TRY HiJackThis LAST.

[FulciLives]

If you felt the need to do a registry "clean" then your Windows XP install is "old".

Buck up and re-install WinXP from scratch then re-install all your programs and then your data (which of course you have to save first before doing all this).

You will be happy that you did.

Also make sure to use a decent anti-virus program (check your backup data first before copying over to the new install). I like the freeware version of AVG myself. I have also heard that Trend Micro makes a damn fine anti-virus program.

Freeware AVG website ---> CLICK HERE
Trend Micro ---> CLICK HERE

Please note that the Free AVG product is Anti-Virus only. The Trend Micro product is not free but does Anti-Virus and Anti-Spyware. A good stand alone Anti-Spyware program would be SpyBot Search & Destory.

SpyBot Search & Destroy website ---> CLICK HERE

In fact you might be able to save yourself a whole re-install procedure by just running SpyBot S&D on your current install.

Also please realize that so many websites attempt to "fool" you into downloading stuff to fix this or that when in fact all they do is install malicious shit on your computer. For instance the SpyBot S&D program became so popular (it is the best program for Spyware etc.) that there are a ton of "false" sites using a similar name that again attempt to fool you into downloading their software which really only infects you. It sounds like that website you discovered for registry cleaning was that kind of website.

What happened to the old school "hackers" who fucked with corporation or government websites and left the normal person alone?

As for myself ... I am slowly moving toward Linux in an attempt to get away from all this "garbage". I've got Linux Mint 4.0 codename Daryna and for the few MS Windows programs I need I am using them under Wine (a Linux program that allows one to run some Windows programs). Unfortunately I found a few programs that don't work just "right" under Wine but for those I'm using VirtualBox which is a visualization program which allows running an OS like WinXP "natively" in a Linux window.

- John "FulciLives" Coleman

[walter4h]

Many thanks, guys:
My system restore is disabled, I wasn't using it and so I figured I can as well manage w/o it.
Regarding Spybot S&D, I tried it a few years ago, but, frankly, wasn't impressed with it and switched to Lavasoft, which I did not bother to install again after I reinstalled Windows about a year ago.
As for HijackThis, I tried it, but found it quite useless for me, since t here was no easy way to interpret the results.
I would love to move to Linux, but I am tied up to several important Windows apps, so I guess I would have to live with Windows.
So I reinstall Windows over the weekend. One acquaintance does it every 3 months on average. So far I have been doing it every year.
Thanks again: walter

[zoobie]

now you can enable system restore...the best feature on the whole OS
ha ha

[wtsinnc]

Hello. If you haven't yet begun reinstalling Windows, try this:
(1) Download this: http://wiki.castlecops.com/Online_antivirus_scans
This page contains links to numerous free antivirus and antispyware scanners.
(2) Install and update the definitions for A-Squared Free. This will scan for and
remove many types of malware, including rootkits.
(3) Also try Eset Antivirus and F-Secure Antivirus.
(4) Prior to scanning, disable system restore, as it can replicate malware which has
been detected and removed.
-To turn off system restore: control panel/performance and maintenance/system/system restore/turn off system restore.
(5) If you are able to delete or quarantine the malware, reboot and turn system
restore back on.
(6) If the malware returns, repeat the process using safe mode with networking.
-Good luck !

[hech54]

As for HijackThis, I tried it, but found it quite useless for me, since t here was no easy way to interpret the results.

There is now. My original post points to an automated site with instant answers.

[redwudz]

My brother-in-law downloaded the same sort of problem with his week-old Vista computer after that popup. I tried to direct him with some fixes, but he's not computer literate and he's three states away. He finally hauled it back to where he bought it and they did a reformat/reinstall of the system for a small cost.

I'd like to see companies that do that kind of fraudulent business sued off the internet.

I was surprised Vista even let it through in the first place, but I don't know if he was running anything except the useless Vista firewall and Windows Defender.

[lordsmurf]

Many thanks, guys:
My system restore is disabled, I wasn't using it and so I figured I can as well manage w/o it.
Regarding Spybot S&D, I tried it a few years ago, but, frankly, wasn't impressed with it and switched to Lavasoft, which I did not bother to install again after I reinstalled Windows about a year ago.
As for HijackThis, I tried it, but found it quite useless for me, since t here was no easy way to interpret the results. I would love to move to Linux, but I am tied up to several important Windows apps, so I guess I would have to live with Windows. So I reinstall Windows over the weekend. One acquaintance does it every 3 months on average. So far I have been doing it every year. Thanks again: walter

Horsefeathers.

Spybot S&D works great. Winpatrol keeps guard too.
CCleaner removes junk from registry.
AVG Free is a good anto-virus to keep you safe.
All of that stuff is free. F-R-E-E. (Donations appreciated.)

#1 item is common sense: DO NOT INSTALL UNKNOWN SOFTWARE!

Reinstalling Windows is ridiculous except in extreme cases.
Doing it every 3 months is a clear case of user error.

moving to Linux solves nothing. It just moves to Linux, problems and all (most of which tend to be keyboard/chair interface issues, in my experience).

[hech54]

Reinstalling Windows is ridiculous except in extreme cases.

[Poppa_Meth]

I can't comment too much on Spybot anymore. It really just isn't what it use to be. It's still a decent scanner but there are better ones out there. I've been using the free version of SuperAntiSpyware for a while now. It one of the least intrusive ones I've found and does an extremely good job of cleaning up some of the harder to get rid of spyware.