approx 2" X 2" window

Discussion in 'Virus Information' started by mak, Jun 20, 2004.

  1. mak

    mak Guest

    I started to have a 2" X 2" window pop up each time I
    connect. This window blinks and when I position my mouse
    on it or in the general area, it's gone, where I don't
    know, and if it is clicked on as my son did, it multiplies
    like crazy, and then vanishes!! again, where, I don't
    know. I would be very greatfull if someone with knowledge
    in regards to this pest, could guild me in the direction
    of the removal of it, and a little insight on just what is
    is and where it might of came from.

    Thank You,

    MAK

    p.s. YOUR KNOWLEDGE AND ASSISTANCE WILL BE VERY MUCH
    APPRICIATED.
     
    mak, Jun 20, 2004
    #1
    1. Advertisements

  2. mak

    taff Guest

    This could be a joke virus of some sort, it could be a program that
    has been inadvertently installed, or it could be a real threat.
    The only way to find out is to run your anti virus program and your
    anti trojan program and see what they say.

    Taff..........



    www.sounds-pa.com | www.thecomputerworkshop.com
     
    taff, Jun 20, 2004
    #2
    1. Advertisements

  3. There are many people who have helped this FAQ improve over time - MVPs and
    newsgroup users. I thank all of you who have made the newsgroups,
    anti-malware websites and dedicated mailing lists into such a wonderful
    resource.

    IMPORTANT: Before trying to remove spyware, download a copy of LSPFIX from
    the URL below - some malware can kill your internet connection when it is
    removed, and this software should get things going for you again:
    http://www.cexx.org/lspfix.htm

    IMPORTANT: After obtaining the software below, make sure you check for
    updates and then run the programmes in safe mode.

    You can go to the link below to check your system for parasites (supplied by
    Doxdesk.com):
    http://inetexplorer.mvps.org/parasite.htm

    Malware removal (beginners guide):

    First, go to Control Panel, add/remove programs. Check for malware entries
    and use the uninstall programs.

    Second, get AdAware. [..Warning: AdAware is now version 6.181. All previous
    versions are NO LONGER SUPPORTED and will not be updated...]

    AdAware is available at www.lavasoft.de. Make sure you check for updates
    every time you use it.

    To be most effective, you must run AdAware while Windows is in safe mode.

    Modern malware uses more than one process, and these processes are
    'co-dependent'. In other words, when one processes detects that the other
    has been shut down, it automatically restarts its sibling, often using a
    different name.

    Disable the ability of suspect processes to start automatically by using
    MSCONFIG (startup tab) before booting into safe mode. Use the information
    at the URL below as a guide:

    http://www2.whidbey.com/djdenham/Uncheck.htm

    Reboot your computer and hold down the F8 key until the boot menu options
    appear. Select 'safe mode'. After you are in safe mode, check to make sure
    the suspect processes did not start up. If they did start up, we are going
    to have to track down *where* they are coming from before going any further.
    An experienced computer technician can use programme such as AutoStart
    Viewer for in-depth diagnosis:
    http://www.diamondcs.com.au/index.php?page=asviewer

    While still in safe mode, and after you have shut down as many malware
    processes as possible, start AdAware. AdAware, when run using default
    settings, simply does not cope with new 'intelligent' malware. Make sure
    'activate in depth scan' is enabled. Select 'use custom scanning options'
    and then click on the 'customize' button. Turn on the following scan
    options - scan within archives, active processes, registry (including deep
    scan), IE favorites and hosts file. You must also turn on the following
    option via the 'tweak' button:

    Cleaning engine: 'automatically try to unregister objects prior to deletion'

    IMPORTANT: Before letting AdAware delete malware, write down on a piece of
    paper exactly where the malware is stored. You will need to delete those
    directories after AdAware has done its work, but ONLY IF IT IS NOT A
    STANDARD WINDOWS DIRECTORY.

    After running AdAware, run it again, this time using the option 'select
    drives/folders to scan'. Click on 'select'. Scan your entire hard drive.
    Also do the following:

    Empty your IE cache and your other temporary file folders, eg:
    c:\windows\temp (if using Windows 98) or C:\Documents and
    Settings\<name>\Local Settings\Temp (the path to your temp folder will
    change depending on your name) - sometimes programmes can be hidden in
    there - watch out for mysterious *.exe files or *.dll files in those
    folders.

    Go to IE Tools, Internet Options, Temporary Internet Files {Settings
    Button}, View Objects, Downloaded Programme Files. Check for unusual objects
    there.

    Go to IE Tools, Internet Options, Accessibility. Make sure there is no
    style sheet chosen (under User Style Sheet - format documents using my style
    sheet). If the option is turned on, turn it OFF.

    It is possible to turn off third party extensions (Enable third-party
    browser extensions (requires restart) at IE tools, internet options,
    advanced) to disable *all* plug-ins but troubleshooting will be difficult
    and it is only a BANDAID. Nothing gets fixed. There is software that
    depends on 'third party browser extensions" to work, including Acrobat,
    Microsoft Money, and many other programmes.

    Once your computer is clean, and if it applies to your operating system,
    create a new restore point. Your old ones may, of course, be infected with
    the malware and therefore cannot be used. Run disk cleanup to remove old
    restore points (if you operating system has this option you will find it on
    the 'more options' tab of the disk cleanup utility).

    If you are still having problems:

    You can go to the link below to check your system for parasites and
    hopefully identify your problem (supplied by Doxdesk.com):

    http://inetexplorer.mvps.org/parasite.htm

    Download and run the latest version of "Cool Web Shredder"
    http://www.merijn.org/files/CWShredder.exe

    The more experienced user can try Spybot. Again, it is a free programme
    which can be downloaded from: http://spybot.eon.net.au/. Warning: it is NOT
    a good programme for the inexperienced. If you want to use this programme,
    please get the advice of those more experienced before 'fixing' anything
    that it finds.

    Another excellent programme that allows you to examine your system and
    *create a results log for experts to examine* is HijackThis, available from:
    http://209.133.47.12/~merijn/files/HijackThis.exe (direct download)

    MS have released a limited KB article regarding what they call 'deceptive
    software'.
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;827315

    Here is advice specific to:

    home page hijackings
    http://inetexplorer.mvps.org/answers.htm#home_page

    pop-up ads
    http://inetexplorer.mvps.org/data/popup.htm

    search engine hijackings
    http://inetexplorer.mvps.org/answers4.htm#search_engine
     
    Sandi - Microsoft MVP, Jun 20, 2004
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.