View Full Version : Ghost ads, virus? Please help.


WileE.Coyte
12-17-2010, 09:09 AM
I think I downloaded a nasty one. Every now and then my computer fires up this ghost voice ad that I can't stop or click away. I've tried Malwarebytes and others, and they can't stop it. I know I can't be the only one, but Google searches have come up with nothing. The thing that pisses me off the most is that these ads are from reputable businesses like Trident and Amazon that I never thought would resort to this kind of crappy advertisement.

Any help would be appreciated.

lockwoodx
12-17-2010, 09:22 AM
This is why I reinstall windows twice a year regardless of running tight security.

brandonjclark
12-17-2010, 09:53 AM
Here's some self-help info:



1) Start > Run > type "msconfig" and press Enter.

2) From the "Startup" tab, uncheck everything (you can always re-check them). These are the programs that are set to start up with your computer via the registry.

3) Close the Microsoft Startup Configuration Utility window and select "Restart" to apply changes.

4) Navigate to Start > All Programs (XP) or Start > Programs (Vista, Win 7) and look for unwanted programs that might have put shortcuts in this folder. Delete unwanted shortcuts in this folder to prevent these programs from starting upon login.

5) Navigate to Add & Remove Programs (XP) or Programs and Features (Vista, Win 7) and remove unwanted programs.

6) Download and install Spybot Search and Destroy and install everything (The TeaTimer is excellent). Update the program and then restart your computer. Press F8 when it's booting and you will be presented with the Boot Loader. Select "Safe Mode" using the arrow keys and press Enter. Login as Administrator and launch Spybot. Run the application to clean your computer. Reboot.

7) If the ads persist, navigate to Start > Run > type "regedit" and hit Enter. From within the Registry Editor navigate to HKey Local Machine > Software > Microsoft > Windows > Current Version > Run and then press Alt+Print Screen and paste a picture of the window and post it back here; I will help you troubleshoot from there.


PM me for further assistance.
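
The autostart locations checked by hand in the steps above can also be dumped as text instead of a screenshot. This is an added example, not part of the post above; it assumes PowerShell 3.0 or later, goes beyond the single registry key the post names by also reading the per-user Run key, the RunOnce keys and both Startup folders, and the function names Get-ExecutablePath and New-AutostartRecord are made up for this example.

```powershell
# Added example (not from the thread): read-only inventory of autostart entries.
# Requires PowerShell 3.0 or later. Nothing is modified or deleted.

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',      # key named in the post
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',  # added here
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',      # added here (per-user)
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'   # added here
)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # current user's Startup folder
    [Environment]::GetFolderPath('CommonStartup')   # all-users Startup folder
)

# Hypothetical helper: pull the program path out of a command line such as
#   "C:\Program Files\App\app.exe" /tray    or    C:\Tools\app.exe -minimized
function Get-ExecutablePath {
    param([string]$CommandLine)
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|scr))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

# Hypothetical helper: build one report row, checking that the target file
# exists and what its Authenticode signature status is.
function New-AutostartRecord {
    param([string]$Location, [string]$Name, [string]$Command)
    $path   = Get-ExecutablePath $Command
    $rooted = $path -match '^([A-Za-z]:\\|\\\\)'   # full local or UNC path only
    $exists = $rooted -and (Test-Path -LiteralPath $path -PathType Leaf)
    $signature = if ($exists) {
        [string](Get-AuthenticodeSignature -FilePath $path).Status
    } else {
        'n/a'
    }
    [pscustomobject]@{
        Signature = $signature
        Exists    = $exists
        Name      = $Name
        Path      = $path
        Location  = $Location
    }
}

$records = @()

# Registry Run / RunOnce values
foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($valueName in $regKey.GetValueNames()) {
        $command  = [string]$regKey.GetValue($valueName)
        $records += New-AutostartRecord $key $valueName $command
    }
}

# Startup folders: resolve .lnk shortcuts to the program they launch
$shell = New-Object -ComObject WScript.Shell
foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
    foreach ($file in Get-ChildItem -LiteralPath $dir -File -Force) {
        if ($file.Name -eq 'desktop.ini') { continue }
        $target = if ($file.Extension -eq '.lnk') {
            $shell.CreateShortcut($file.FullName).TargetPath
        } else {
            $file.FullName
        }
        $records += New-AutostartRecord $dir $file.Name ('"{0}"' -f $target)
    }
}

# Entries without a valid signature or with a missing target sort to the top
$records | Sort-Object Signature, Location |
    Format-Table Signature, Exists, Name, Path, Location -AutoSize -Wrap
```

An unsigned or missing target is a reason to look closer at an entry, not proof of malware; plenty of legitimate software ships unsigned.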

Worldcrafter
12-17-2010, 09:57 AM
Do you have a browser or any other program open when this happens? Do you see anything suspicious in the task manager? I would try closing nonessential processes when it happens to see if you can pick out one that's causing it. Did you install any new programs recently? If you're getting legit ads, it's possible something came packaged with some BS adware.

Anenome
12-17-2010, 10:32 AM
This is why I reinstall windows twice a year regardless of running tight security.
I need to do that asap, but I've never done it before. Can you point me to any good resources on doing it? Does it delete all your regular files too, or is there a way to reinstall without wiping your hard drive? Any help appreciated.

Agnostic Pope
12-17-2010, 10:37 AM
He prob has an EXTERNAL HARD DRIVE or he portions his hard drive...meh.

brandonjclark
12-17-2010, 10:49 AM
I need to do that asap, but I've never done it before. Can you point me to any good resources on doing it? Does it delete all your regular files too, or is there a way to reinstall without wiping your hard drive? Any help appreciated.


If I remember correctly, you're running Vista, right? Or was it XP? Might I suggest that if you do go down a re-install route that you put on Win7?

You know I'll walk you through the process, man.

Agnostic Pope
12-17-2010, 10:56 AM
Hey brandon...what's the best antivirus out there?

lost
12-17-2010, 10:56 AM
I need to do that asap, but I've never done it before. Can you point me to any good resources on doing it? Does it delete all your regular files too, or is there a way to reinstall without wiping your hard drive? Any help appreciated.

External hard-drive needed if you want to keep stuff, Windows disk required. You familiar with changing the boot order of the devices in your PC?

brandonjclark
12-17-2010, 11:03 AM
Yes, the point of re-installing is to "wipe" your system clean and start over. It goes like this:

1) Copy files and folders off of slow computer.

2) Make list of programs you want to re-install, find re-installation media and product keys for programs, make list of drivers and find installs for those.

3) Re-install OS, choosing fresh install and formatting HDD during process.

4) Update Drivers, re-install programs

5) Copy files and folders back to locations.

Voila, you're back to a clean slate. But the downside is you're back to a clean slate! Now you have to spend the next two years or whatever getting back to where you were and satisfied with how it operates. It's a trade-off, really.


The Windows registry just gets REALLY slow and fragmented over time, and things get installed that you forget about and clog up threads. It can really help someone who isn't an expert at "tune-ups" to re-install every once in a while. I've been running the same Win 7 install for about two to three years and my XP install before that was around 5-6. But before I got a handle on maintaining it well, it was re-install city for around 2-3 years every other month because of new shit I was trying all the time. Best way to learn, really...

brandonjclark
12-17-2010, 11:08 AM
Hey brandon...what's the best antivirus out there?


Corporate - Trend Micro, they started this biz.

Home Use - Microsoft Security Essentials (http://www.microsoft.com/security_essentials/), no shit.

The thing with home use anti-virus is that they are EXTREMELY resource intensive. At home you want a lightweight program that will stop viruses as soon as possible, and that's Microsoft Security Essentials. I haven't found a better lightweight AV package for home use yet.


Now, some people will swear up and down with products like Kaspersky (http://usa.kaspersky.com/) and Symantec Norton Products or McAfee, but I think they are all SHIT!

No, give me a small footprint and protect me, that's it. I don't want to have to MANAGE a software package at home, it just gets in my way.

The best AV though, to be honest and really fucking corny, is you. Don't click on bullshit links, open dumb emails or download stupid torrents. To tell you the truth, I don't even run an anti-virus.

lockwoodx
12-17-2010, 11:16 AM
The best AV though, to be honest and really fucking corny, is you. Don't click on bullshit links, open dumb emails or download stupid torrents. To tell you the truth, I don't even run an anti-virus.

Yep, I haven't run Anti Virus for years. No system is ever 100% secure so you have to assume you're always compromised and store your data in logical ways to minimize damage if you ever truly do end up being hacked.

Agnostic Pope
12-17-2010, 11:20 AM
Shit it's free? What's the catch?

brandonjclark
12-17-2010, 11:21 AM
http://www.pollsb.com/photos/o/4994-oh_no_evil_empire_strikes_again.jpg

pwnophobia
12-17-2010, 11:24 AM
The best AV though, to be honest and really fucking corny, is you. Don't click on bullshit links, open dumb emails or download stupid torrents. To tell you the truth, I don't even run an anti-virus.

The world's safest computer is one that is turned off and locked away in a closet.

brandonjclark
12-17-2010, 11:29 AM
No shit, I have a brother-in-law who is soooo paranoid to screw his computer up he unplugs it from the Internet whenever he leaves the room. I keep trying to get him committed but the fucker manages my stocks so well it's hard to!

I'm being TOTALLY serious here. 100%

Agnostic Pope
12-17-2010, 11:54 AM
You are so random. Have him committed...:D

gzsfrk
12-17-2010, 12:12 PM
Avira Antivirus is the best free AV currently out there, IMO. Just do a very minor file permissions mod to disable the annoying "Go Pro Today!" pop-up that appears every time you reboot, and you're good to go. Very small system footprint, and highly-rated engine that catches more than most AV packages out there. And, as I mentioned, free for home use. :)

Com_Gaunt
12-17-2010, 12:32 PM
I had a virus/malware on my work PC about a year ago and the corporate Trendmicro officescan would not detect it, neither would the corporate Norton or any of the top 5 antivirus scanners I had downloaded from download.com. What did help me was hitman pro, which is a tool I had found out about on a Dutch site called tweakers.net.
You can try it here and see if it detects your virus/malware:
http://www.surfright.nl/en/hitmanpro

One of the differences of the tool is that they upload the malicious file and have the "cloud" scan it for you.

brandonjclark
12-17-2010, 12:40 PM
I had a virus/malware on my work PC about a year ago and the corporate Trendmicro officescan would not detect it, neither would the corporate Norton or any of the top 5 antivirus scanners I had downloaded from download.com. What did help me was hitman pro, which is a tool I had found out about on a Dutch site called tweakers.net.
You can try it here and see if it detects your virus/malware:
http://www.surfright.nl/en/hitmanpro

One of the differences of the tool is that they upload the malicious file and have the "cloud" scan it for you.

Wait a minute, you're suggesting that users install a program which takes a "suspected" file (using a heuristic scan, I imagine) and watch as it uploads to a cloud repository of scan servers?

What if the heuristic scan gets it wrong and you upload an encrypted bank account spreadsheet or some other personal information? Now you've got your files sitting on some Dutch server? No thank you....

I'm sorry Trend Micro Office Scan didn't find the virus for you, because there isn't another company that keeps up to date with their virus definitions like Trend. The simple fact is that as quick as companies like Trend and Symantec can put out anti-virus definitions, some little bitch can write more and release them into the wild. The chance of "Hitman Pro" actually knowing about more viruses than Trend is ludicrous, however, and I'd put my money on them any day of the week.

Suicidal ShiZuru
12-17-2010, 12:42 PM
I don't understand how people get viruses... I guess it's similar to people who don't know how to change a car tire or jump the battery...

Com_Gaunt
12-17-2010, 12:59 PM
Wait a minute, you're suggesting that users install a program which takes a "suspected" file (using a heuristic scan, I imagine) and watch as it uploads to a cloud repository of scan servers?

What if the heuristic scan gets it wrong and you upload an encrypted bank account spreadsheet or some other personal information? Now you've got your files sitting on some Dutch server? No thank you....

I'm sorry Trend Micro Office Scan didn't find the virus for you, because there isn't another company that keeps up to date with their virus definitions like Trend. The simple fact is that as quick as companies like Trend and Symantec can put out anti-virus definitions, some little bitch can write more and release them into the wild. The chance of "Hitman Pro" actually knowing about more viruses than Trend is ludicrous, however, and I'd put my money on them any day of the week.


Removed asinine comment that I had put here earlier, trying to stop being an ahole ;)
Hitman pro works for me, but your concerns seem valid.

brandonjclark
12-17-2010, 01:05 PM
Removed asinine comment that I had put here earlier, trying to stop being an ahole ;)
Hitman pro works for me, but your concerns seem valid.


I can't fault a man for that.

Good on you, mate!

gzsfrk
12-17-2010, 02:02 PM
I don't understand how people get viruses... I guess it's similar to people who don't know how to change a car tire or jump the battery...

If you run IE7 and XP, you can load up your PC with viruses simply by visiting the wrong website. I personally witnessed one previously clean machine hit knowyourmeme-dot-com (don't go there) and within seconds be infested with a rootkit and some spyware that proceeded to generate non-stop pop-ups, network messaging, and download Lord knows what else. And it didn't require anything except going to the site and letting it load.

As I recall, even Google Adsense has let in some fairly egregious, trick-scripting ads, especially that one that comes up saying "Your system is infected! Let us run the scan for you" or something like that, and has the OK/Cancel dialog that keeps respawning when you try to close out of the page. It's nasty out there.

Use Firefox. :)

Agnostic Pope
12-17-2010, 02:05 PM
NoScript ftw.

Meusli
12-17-2010, 02:30 PM
Well I have a massive virus on the work laptop that I have been trying to clean for 6+ months. This idiot at work clicked on a shitty email that she had no reason to that then installed this biatch of a rootkit. I have tried all the virus scanners available to man and still it comes back. My next move is to try one of them boot disks that boot to Linux and then scan the drive. If that fails then it's take the hard drive out time then slave it and attach it to my home PC, something I am scared of with this bugger of a virus.

brandonjclark
12-17-2010, 02:38 PM
Meusli, see post #3, and if that doesn't work, post #10.

Meusli
12-17-2010, 02:47 PM
Meusli, see post #3, and if that doesn't work, post #10.

Cheers Brandon, but, there is always a but!


I love spybot and have used it for years apart from that time it messed up IE. As for the registry I will try to upload it for you, the internet lasts 2 mins before it's booted off. :/

The other but is that it was set up with a database that links up to our small server which I have no access to. This program would be wiped if I did a wipe and restart (it's very tempting though). I want to try and save the laptop so we don't have to pay to have this database re-setup.

pwnophobia
12-17-2010, 02:51 PM
Cheers Brandon, but, there is always a but!


I love spybot and have used it for years apart from that time it messed up IE. As for the registry I will try to upload it for you, the internet lasts 2 mins before it's booted off. :/

Take a screenshot of it and transfer it to a flash drive, there is no reason to use the internet for that portion.

Meusli
12-17-2010, 02:58 PM
here we go sorry for size;

http://img833.imageshack.us/img833/1544/96875339.png

Meusli
12-17-2010, 02:59 PM
Sorry but I am not even going to try and put a memory stick in there, it will jump onto it won't it?

As you can see I have a few programs still on there from the attempts, also note the time which constantly reverts back to the earliest time of man!

Agnostic Pope
12-17-2010, 03:02 PM
ESET antivirus has failed you...and so has malwarebytes.

Meusli
12-17-2010, 03:03 PM
Also winsockfix and dial a fix work for about 5 mins before the rootkit downloads the next lovely package of malware.

Meusli
12-17-2010, 03:04 PM
ESET antivirus has failed you...and so has malwarebytes.

Trend micro, avast, spybot, avg and avg rootkit all failed me.

Suicidal ShiZuru
12-17-2010, 03:18 PM
In the past when I've fixed other people's systems I used a boot disk loaded with programs. I forget the name of it and therefore cannot link to it, I apparently got rid of my disc too, hopefully someone else can. Then again actually using it is a whole other issue.

Agnostic Pope
12-17-2010, 03:27 PM
I just DELETE FUCKING EVERYTHING too bad you need that data hopefully somebody more qualified and PC experienced can help you.

Meusli
12-17-2010, 03:43 PM
Well I think deleting everything will not work as I believe it will upload itself to the memory then re-write itself once it's finished. This is the mother of all viruses that I have been fighting the good fight with for ages.

Emabulator
12-17-2010, 04:38 PM
Did you try combofix.exe? Check Major Geeks' Malware Removal Guide (http://forums.majorgeeks.com/showthread.php?t=35407) for more info.

Meusli
12-17-2010, 04:46 PM
I am at home now so will have to try it tomorrow, looks like quite the list so it will take time. Sorry WileE.Coyte for the massive thread hijack!

gzsfrk
12-17-2010, 06:39 PM
Combofix should do the trick. And yes--that Malware Removal Guide that Emab linked is a miracle worker--gets rid of all of even the most stubborn rootkits I've encountered.

Emabulator
12-17-2010, 06:51 PM
Combofix should do the trick. And yes--that Malware Removal Guide that Emab linked is a miracle worker--gets rid of all of even the most stubborn rootkits I've encountered.

Around my house we call the Major Geeks' guide Mrs. Emab's "oops again" repair kit. ;)

Anenome
12-20-2010, 01:49 AM
Yeah I don't even have an XP disc, just a partition on the drive with the info needed to wipe and reset the drive or w/e.

I can keep my system pretty fast with disabling shit, but something's gone a bit haywire now. Explorer can no longer explore. Opening any folder now stalls explorer.exe. But, if I use explorer through any program, it works just fine. Don't ask how I discovered that :P

I've taken to using programs to open the stuff I'm looking for, but it's obviously quite annoying. I went to use the system file checker, but, again, I lack an XP disc, and it turns out the SFC doesn't even run. Not a good sign.

So, yeah, need to reinstall. Might go the Win7 route, but I doubt it, as I plan to get a new system soon. Maybe even in January, dunno.

I have an external drive, can/have been backing up the stuff I really need.

gzsfrk
12-20-2010, 08:28 AM
I can keep my system pretty fast with disabling shit, but something's gone a bit haywire now. Explorer can no longer explore. Opening any folder now stalls explorer.exe. But, if I use explorer through any program, it works just fine. Don't ask how I discovered that :P

Make sure you don't have any shortcuts to remote network folders on your desktop. XP is stupid and will bring everything to a stand-still while it tries to refresh a network shortcut that may or may not be available. And if it's NOT available, then you have to sit through the entire stupid 30 second timeout period before it will "release" your desktop again. Garbage design decision.

Anenome
12-20-2010, 01:08 PM
No, I don't believe there's any such links on my desktop. What would constitute a remote network anyway? I'm not even sure how you'd get one of those. Only links on my d'top are to files and folders on my system.

gzsfrk
12-20-2010, 02:22 PM
No, I don't believe there's any such links on my desktop. What would constitute a remote network anyway?

Any shortcut that either points to a resource on a mapped network drive (e.g. Drive S: where S: is mapped to "\\usahscs100\Shared") or directly to a network resource (e.g. the file or folder shortcut itself points to "\\usahscs\Shared" or "\\usahscs\Shared\Spreadsheet.xlsx").

The reason I mentioned it is because I ran into the exact same problem you're describing (long delays when using Explorer), and the root cause of mine ended up being network shortcuts on my desktop. Deleting them and/or moving them to the Network Places window fixed it for me.

brandonjclark
12-20-2010, 02:29 PM
Meusli, do any of the anti-virus products identify the malware? Usually Trend will have a very good guide on removing a specific virus from your computer on their website if you could only identify it.

Anenome, Start > Run > type "cmd" and hit Enter. Within the Command Prompt window type "net use" and hit Enter. Are any locations listed as using a network map drive? Use MSCONFIG to remove any startup entries and see if that helps, k?

brandonjclark
12-20-2010, 02:31 PM
Yeah, I think it might be time to re-install Meusli....

Anenome
12-20-2010, 05:06 PM
Any shortcut that either points to a resource on a mapped network drive (e.g. Drive S: where S: is mapped to "\\usahscs100\Shared") or directly to a network resource (e.g. the file or folder shortcut itself points to "\\usahscs\Shared" or "\\usahscs\Shared\Spreadsheet.xlsx").

The reason I mentioned it is because I ran into the exact same problem you're describing (long delays when using Explorer), and the root cause of mine ended up being network shortcuts on my desktop. Deleting them and/or moving them to the Network Places window fixed it for me.

Hmm, okay, yeah actually I did recently put a link to shared documents on my desktop >_>

I've just now deleted it, but I'm not yet at a place in my day where I have the time to test it and suffer through a reboot and re-setup :P Will let you know, and I hope you've nailed it. If so, hallelujah ;)


Anenome, Start > Run > type "cmd" and hit Enter. Within the Command Prompt window type "net use" and hit Enter. Are any locations listed as using a network map drive? Use MSCONFIG to remove any startup entries and see if that helps, k?

K, ran it, says "no entries in the list". However, I ran it after I deleted the "shared documents shortcut", don't know if that would affect it.

Thanks for the help guys :)

WileE.Coyte
12-20-2010, 05:37 PM
I don't understand how people get viruses... I guess it's similar to people who don't know how to change a car tire or jump the battery...

Thanks for the replies, I'm trying some fixes soon and you guessed it. I'm computer illiterate, but no worries, there are a lot of helpless people out there that give me the giggles:). I don't even spend a lot of time on this thing but when I do I like to be hassle free.

Meusli
12-21-2010, 10:12 AM
Yeah, I think it might be time to re-install Meusli....

I think so, I have tried the recovery disks and they did not work either. Also the disks and virus programs only find the viruses that the rootkit installs but not the rootkit itself. This thing is the worst I have ever seen.

brandonjclark
12-21-2010, 10:27 AM
Yeah, I don't even fight with viruses or malware anymore. I just re-install if they become infected.

gzsfrk
12-21-2010, 10:43 AM
I think so, I have tried the recovery disks and they did not work either. Also the disks and virus programs only find the viruses that the rootkit installs but not the rootkit itself. This thing is the worst I have ever seen.

So you tried the MajorGeeks "How to clean an XP PC" and ran combofix.exe, and it STILL didn't fix it? Man, that's a borked system you've got there.

Agnostic Pope
12-21-2010, 10:46 AM
Hehehe you said borked. I'm gonna try to clean my old xp computer but every time I run my xp boot disk it is still slow...do I need to run my xp boot disk home edition or office edition, does it make a difference?

gzsfrk
12-21-2010, 01:02 PM
Hehehe you said borked. I'm gonna try to clean my old xp computer but every time I run my xp boot disk it is still slow...do I need to run my xp boot disk home edition or office edition, does it make a difference?

Windows 7 Netbook Edition could be your best friend, if you have access to it. (My company pays for me to have a full MSDN subscription, so I get any version I want for free. :) ) Runs great even on my old P4 1.5ghz with 512MB RAM.

Anenome
12-21-2010, 01:17 PM
Just how old is it?

Some people know about "msconfig", but the real power is in "services.msc". You can prune back unnecessary startup programs and services and keep a computer zippy. But, you still have to know what you're doing reasonably enough.

lockwoodx
12-21-2010, 01:19 PM
Yeah, I don't even fight with viruses or malware anymore. I just re-install if they become infected.

Exactly what I do too.

Agnostic Pope
12-21-2010, 01:34 PM
Windows 7 Netbook Edition could be your best friend, if you have access to it. (My company pays for me to have a full MSDN subscription, so I get any version I want for free. :) ) Runs great even on my old P4 1.5ghz with 512MB RAM.

Naw my old pc can't even run vista.

gzsfrk
12-21-2010, 01:43 PM
Naw my old pc can't even run vista.

That's because Vista is complete and utter resource-hogging garbage. Trust me--Win7 can pretty much run on anything XP does, and is just as snappy doing so. Only thing I've seen is, you have to have at LEAST 512MB RAM, although 1GB makes it run MUCH better.

Agnostic Pope
12-21-2010, 01:51 PM
This one (http://store.microsoft.com/Help/ISO-Tool)? If it's so safe I might as well upgrade my vista pc no?

gzsfrk
12-21-2010, 02:04 PM
This one (http://store.microsoft.com/Help/ISO-Tool)? If it's so safe I might as well upgrade my vista pc no?

I was actually talking about this one.

http://store.microsoft.com/microsoft/Windows-7-for-netbooks/product/8577EB79

The Netbook Edition strips out a lot of the big features (Media Center, Aero, etc.), although if you get the Premium or Ultimate editions of the Netbook edition, you can still choose to download and install those later.

Agnostic Pope
12-21-2010, 02:07 PM
http://store.microsoft.com/microsoft/Windows-7-Home-Premium/product/7ADA0BF6
200 rawdars? Fuck no. :(

gzsfrk
12-21-2010, 02:25 PM
http://store.microsoft.com/microsoft/Windows-7-Home-Premium/product/7ADA0BF6
200 rawdars? Fuck no. :(

Like I said, it's nice when your company pays for your MSDN sub so that you don't have to worry about actually BUYING MS installs yourself.