Trojan.AdRotator!!!!!!!!!!!!
Miscellaneous Forums/General Help/Trojan.AdRotator!!!!!!!!!!!!
| ||
| My computer has been attacked by a Trojan Adrotator bot thingy. It is playing all sorts of radio ads etc on my vista machine. the virus has turned off Microsoft Security Essentials and killed out my Windows Defender. How do I get rid of this thing???? |
| ||
| I'm sure better suggestions will follow, but: -- boot into safe mode and run MSE manually? -- boot into a Linux live distribution with antivirus/repair software installed? (here are some) Last edited 11 months ago |
| ||
| boot into safe mode and run MSE manually? Cant do that, The services for MSE have been removed. |
| ||
| Can you download third party antivirus software? try using MalwareByte's Anti-Malware. If you can't download stuff directly to your computer, try using another computer and put on a mobile drive like a pendisk or portable HD and transfer to the infected machine. Also try online scanners such as F-Secure's: http://www.f-secure.com/en/web/labs_global/removal/online-scanner If the trojan has disabled .EXE associations (happened to me before), you won't be able to run any executables. If this is the case, you can use the MS-DOS shell to run the antivirus executable. After everything is clean, do a system restore to a secure date you're sure it's before this infection. This should restore associations etc. Last edited 11 months ago |
| ||
| Get Hiren's Boot CD. Burn it to a CD, boot the CD, run anti-virus from there. |
| ||
| I have completely removed MSE because it is corrupted anyway and am installing Panda Cloud Antivirus software now. :D EDIT: scanned it and no dice. I still hear these horrible radio and ads from my speakers. :( Last edited 11 months ago |
| ||
| http://www.google.com/search?q=adrotator%20removal%20instructions ? |
| ||
| turn off speakers should solve your problem |
| ||
| www.2-spyware.com/remove-adrotator.htm GfK: that first result doesn't work, there are no registry entries for this. :'( |
| ||
| The second link is to a Spybot S&D forum topic. Given that it's several years old, it's probably a good bet to try using that program to remove this problem. |
| ||
| Virus scanner doesn't pick it up. Every single time I go online, I hear these horrible radio ads!!!! :P |
| ||
| S&D not being a virus scanner, I guess that means you didn't even try the suggested program that has a linked page where the author talks about this. |
| ||
| S&D not being a virus scanner, I guess that means you didn't even try the suggested program that has a linked page where the author talks about this. Spybot - Search & Destroy©® 1.6.2 did not work. :( |
| ||
| Use F-Secure's scan... It's on my post (#4). |
| ||
| I personally use Avast Free Edition. You can also try that. Last edited 11 months ago |
| ||
| F-Secure's scan no dice. :( EDIT: I hate hackers!!!! Last edited 11 months ago |
| ||
| Not sure what happened but my laptop crashed, restarted and now my problem appears to be solved. ?!?!?!!??? |
| ||
| EDIT: I hate hackers!!!! Hackers do not cause any kind of damage to any computer, hackers acquire information. Crackers damage PCs, install malware, spyware, or viruses. I can't blame you for not knowing the difference. It's a sad thing that hackers are always blamed (the good guys) when it's really crackers (the bad guys). |
| ||
| Most of the time it's not the "crackers" fault that you get an adware/trojan-infestation. Most time it is just visiting adult/warez-sites or blind-installing tools found on the net which are wonder-tools or normally pay-ware. If Spybot SD is not able to clean (or just does not recognize) there is also AdAware - Both should be able to clean "adware"-malware. In your case it is an infection of your system which should be cleanable by most AVtools from a clean USB/opticalMedium-Boot. Don't think you are getting targeted by a foreign superspy :D. But the problem is: one trojan file wont came alone. Most time you get multiple and some of them are reinstalling the others if they get caught. As you won't be able to 100% guarantee that there is no suspicious left over ... backup your files (you know: documents, your very important sourcecode files). Don't backup Application-Binaries/module/addonfiles nor backup Browser-Extensions. Reinstall the OS of your choice, update it to the end, install networking, install browser of your choice, install up-to-date drivers, install AV-tool of choice, install rest, play back backup files (and enjoy now having a nice backup of your work). Do not reject reinstalling your OS except you were able to guarantee your OS to be clean and not toolbar/adware/bla-infected. If you dare: install a linux distribution for surfing/development ... mint,xubuntu and co are nice and clean. In a VirtualBox-Windows-Environment you can test your Windows-Apps. Use a DualBoot-Windows-Installation just for testing YOUR apps in 100% native environment - may be ok for playing RETAIL games (without copy-protection-tools to get installed). bye Ron PS: dunno how people infect their Windows... last one I had was w32.blaster from 2003 - and this because of the OS-bug they used. |
| ||
| visiting adult/warez-sites yea, I dont do that. :P |