stupid adware is doing crap to my comp !!!

[compguy786]

Hey guys whats up
i need help, i have this one little thing in my tray area (where the clock is) keeps on blinking and then a message comes up saying there is a system alert- spyware detected, the process i know for this thing is called atmclk.exe, i end it , and automatically comes back, ive also tried deleting it manually, wont work, adware se, spybot arent fixing this problem either
what should i do ?
thanks

 

[LASTGUY2GETPS2]

Update adware scanners, run the scans in safe mode and download something called "Hijack This" and paste the log file here--> http://www.hijackthis.de/

 

[Lemon law]

To computerguy786,

Lastguy's advice is good----but in terms of atmclk.exe---just google it for removal tools.

Nothing wrong with adaware and spybot---but alone they are inadeqate-----you need layers of defenses.

You need----------------and I just list free one here

1. A firewall----------choose wisely--only one can run at a time---I use sygate 5.5--others use zone alarm--or try the new comodo---the sp2 microsoft one is better than nothing but inferior to any prior listed.

2. A good anti-virus program--again choose wisely--only one can run at a time---I use Avast---avg is also good.--also check out trend micro on line free scan.

3. More anti-spyware programs.---spybot is good--but add teatimer--so is adaware---but check out superantispyware. ewido, A2, and some of the free on line scans.--you can have any number of these---and also download cwscredder.--and iespyads of you use internet explorer---you are far safer with firefox, mozilla, or opera.

4. Also very useful are various programs that keep crap from loading or registering---I use spyware blaster---win patrol---process guard. I also run regseeker often to keep my registry clean.

And lastguy is also 100% correct---you have to keep the programs updated with the latest definitions--and scan often---but you can scan in the background and keep surfing.

But don't take my word for it---go to spyware warriors or castle cops to get more advice.--and more complete advice.

But look at it this way---you may have bought and paid for your computer---but if you allow the bad guys to run their software on your computer---they not you own and run your computer.

Won't say I learned this the hard way---but I did buy a fairly modern computer dirt cheap on ebay---one reason I got it so cheap may be that it WAS INFESTED with spyware and viruses--when I first got it it was very slow---after cleaning literally 2000 or so bad guys---it now runs really fast.

 

[Robor]

Ahhh, looks like you've got SpyFalcon. I ran into that ba$tard a while back. Took about 2 hours to remove it and the rest of the garbage that was infested in the system.

This helped me... http://www.spyware-removal-guideline.com/spyfalcon-removal

 

[Stumps]

Damn spyware...I just did a complete reformat to rid my PC of the crap...I tried Windows defender, Xoftspy, spywarebot, and noadware...none worked...so I gave up and reformated...I hate reformating, I got too much crap to put back on

 

[TeeJay1952]

You have a fresh install now so learn how to back it up. I like Nero 7 Back it up.

 

[spikespiegal]

For the nth frikken time, Firewalls won't stop Spyware and Malware from infecting your machine. God people, get a damn clue.

The best defense against this crap is to not use Internet Explorer unless it's locked down without admin rights, don't surf with an account with Admin rights. and stop installing pirated software cracks from the Bittorrent shopping networks.

You can futz around with anti-spyware software all you want, but you'll find most of it ineffective at preventing this from happening.

 

[Markbnj]

For the nth frikken time, Firewalls won't stop Spyware and Malware from infecting your machine. God people, get a damn clue.

That is only partly correct. A firewall won't stop the initial installation of the package delivery tool, which comes off of some web page, or email, or IM, and may exploit a browser weakness, but more often just exploits user stupidity or youth.

Once the intitial package is installed it will almost always connect outbound to a server somewhere to download and execute its adware payload. The people who write the hooks and exploits don't have anything to promote. They get paid to use those entrypoints to get software from other scumbags who _do_ have something to promote installed on as many systems as possible.

A local firewall running on the user's PC will prevent that download by default. A hardware firewall running at the network perimeter will not, because it is set to allow outbound connections by default.

Lastly, it is much easier to clean just the initial package from a system, then to remove all the crap it downloads and installs, so a local firewall does have some value.

 

[Lemon law]

To expand on what markbnj said---a firewall basically monitors the 65,000+ open ports a computer has. Without a firewall, any Tom, Dick, and Harry can just ping your machine
and your computer will swing its doors wide open to their knock on your door. And once they are in, they can read your files, add their own programs and backdoors, and the problem is much worse if you have a static ip address. I have used a firewall for years and the one I have warns me when I am getting port scanned.--which is quite frequently on some days. Mostly its kids playing on my local isp----but my PC sails on undeterred because my firewall just ignores them.

Firewalls can also be tested---Gibson research's shield up is one such place---and I am proud to say my PC rates as stealthed there and at other sites.

But spikespeagle is also correct in saying firewalls don't stop some other means malware has for getting into your computer---thats why you need something like process guard or
win patrol to keep the buggers from installing if they slip past your AV or spyware active scanners. And also what I talking about in having layers of defenses--------and a firewall should be defense layer #1.---------or you will fall victim to every port scan that comes down the pike.

 

[thescreensavers]

Try this


update it

scan

remove

Then do what you want with the trial.

 

[LASTGUY2GETPS2]

Originally posted by: thescreensavers
Try this


update it

scan

remove

Then do what you want with the trial.

Link it to the product page, most people won't open an executable without knowing what it is.

 

[dds14u]

Like some others pointed out, try Opera or Mozilla (Firefox) browsers. If you've ever scanned your computer after browsing with IE, and then scanned it after using Opera, you'll see a difference right away.

 

[thescreensavers]

Originally posted by: LASTGUY2GETPS2

Originally posted by: thescreensavers
Try this


update it

scan

remove

Then do what you want with the trial.

Link it to the product page, most people won't open an executable without knowing what it is.

Its spyware Doctor 3.8 try it and see it may take it out in less then a full system scan

 

[rogue1979]

Browse with Opera 9.

A combination of Ad-Aware SE, Ewido, and Spybot 1.4 updated and ran everyday will keep everything under control.

Currently my OS is Win2K Pro with all of IE stripped completely out, and yes, everything functions correctly (too bad XP won't work like this!). It is very rare that I even find any spyware/malware.

I use Clamwin as an antivirus, not even actively loaded, just scan periodically.

 

[drag]

Once the intitial package is installed it will almost always connect outbound to a server somewhere to download and execute its adware payload. The people who write the hooks and exploits don't have anything to promote. They get paid to use those entrypoints to get software from other scumbags who _do_ have something to promote installed on as many systems as possible.

A local firewall running on the user's PC will prevent that download by default. A hardware firewall running at the network perimeter will not, because it is set to allow outbound connections by default.

Not realy.

If a peice of software has control on your PC it has control. If the firewall is on your PC then its very simple for that PC to open a port on it's own. Or use a port that is almost always open by default.

Probably the only reason spyware and such doesn't do that much is that most people don't run firewalls so it's worthless for the attacker to go through the extra work of programming that so it works. They get plenty of machines without the extra work. Also if your running some oddball firewall product and not the default Microsoft one then it's going to be more difficult for a attacker to predict how to control it.

edit:

Oh this stuff is interesting, this is were I found a link to that PDF.
Freedom to Tinker blog..
http://www.freedom-to-tinker.com/?p=1004

 

[Markbnj]

I didn't say they couldn't turn it off, and since you note that most do not, I'm not sure what you're disagreeing with.

Or use a port that is almost always open by default.

You're thinking of a standard perimeter firewall. First of all, almost any home machine that is behind a perimeter router has all its ports open. The Internet sees the router, which has all its ports closed to inbound connections. The router performs NAT to get packets to the machines inside the perimeter. Any firewall can block ports, but what a tool like Windows firewall also does is block applications. So, unless an attacker disables the firewall it will alert on an attempt by an unknown application to create an outbound connection.

 

[drag]

Well you were basicly saying that firewalls are effective at stopping malware from downloading their payload, but they aren't. It's the malware writers just being very lazy is what makes firewalls effective. They are not a usefull defence.

Once your machine has been rooted then it's not under you control anymore and you can't trust that it ever will be under you control again, at least not without a huge amount of work. It's easier to simply reformat and reinstall and do your best to make sure that it doesn't happen again. You'll save time and effort in the long run.

 

[John]

Originally posted by: thescreensavers

Originally posted by: LASTGUY2GETPS2

Originally posted by: thescreensavers
Try this


update it

scan

remove

Then do what you want with the trial.

Link it to the product page, most people won't open an executable without knowing what it is.

Its spyware Doctor 3.8 try it and see it may take it out in less then a full system scan

Hey thanks for linking to my website. Actually it's version 3.2, but it will allow you to run live update and remove the detections. The current shareware version makes you purchase the program to remove the detections.

 

[Markbnj]

It's the malware writers just being very lazy is what makes firewalls effective. They are not a usefull defence.

Dude, you just like to argue semantics I think . If the malware authors are being "lazy" then personal firewalls are effective, and a useful defense. If they start to work around them then I will change my opinion.

 

[compguy786]

Well, i NEVER use IE, only if i have to, i have no idea how it popped up, it even changed IE homepage, and i cant change it back to w/e, and i always do adware all the time, and i rarely have anything, BUT this one is terrible and nothing will stop it !

 

[Lemon law]

To Computerguy786,

Maybe you missed it---but you can google atmclk.exe and get pages and pages of specific tools to
specifically remove that one bad guy------have you tried that yet?--you may discover that bad guy ain't so tough after all.--you just need the right silver bullet to kill that one bad guy.---even if its made multiple copies of itself.

But one other point to make--even if you are using a non ie browser---unless you close ie in the offline position---ie is still open and listing. And you still need ie to do your windows updates by in large-----so why not just download the beta ie 7 which is more secure.---and then close it in the offline position until you need it to do updates---then put it offline again.

But if someone hit you with a rootkit---it may be time to reformat and reinstall---but you can check on rootkits with a detector like the blackice beta one.

 

[ForumMaster]

Originally posted by: spikespiegal
For the nth frikken time, Firewalls won't stop Spyware and Malware from infecting your machine. God people, get a damn clue.

incorrect. get a clue yourself. ZoneAlarm blocks the initial install of most spyware. i have the security suite and consquentially, i haven't had a single problem since i baught it.

 

[Lemon law]

To Forummaster,

The point spikespiegal may be still partially correct on is that the zone alarm firewall--by itself--may not block all malware---but because it is a security suite---it has all those layered defenses I talked about---with that last layer----process controls preventing the malware that slips by the firewall itself from installing on your computer.

And if the malware can't install itself--that makes it harmless to you and any remaining dentris will just be deleted just like any other temporary file.

And also remember that without some alert and some discription of what is trying to install, you could still fall victim to a piece of malware not yet included in your update files. In the war between the malware writers and those who try to stop them, the bad guys are often a step or two ahead---with the good guys always playing catch up.--which is why its so important to keep your apps updated.

 

[CaptnKirk]

You may have that Extortion/Exploit Spy Falcon, Spy Sherrif, Spy Axe, or one of it's ever evolving derivatives.

I've taken it off of 3 different systems that it was on under different alias'.

SmitRem can find it & kill it.

1) Download to DESKTOP & open file - DO NOT RUN IT YET.

2) Restart your computer in SAFE MODE.

3) In SAFE MODE open the saved SMITREM file & run it there.

4) After restart in normal mode, it should be gone, but you may have to find and pick off the residual debris.
You will also have to re-establish your desktop display, as it likes to hide a startup copy with the picture,
so SmitRem will 'De-Fang' the program by terminating the picture splash.

You hould also have the following FREE Spy Killing software programs on your computer:

A) AdAware

B) SpyBot

C) Avast!
Free Anti-Virus, registration req'd.

D) CounterSpy
Free use for 15 days, will remove anything it finds.

 

[compguy786]

i tried smitrem, it just brings up files and what not, i have everything else, and im getting so many popups too !!!
it sucks
im gonna kill this SOB today with yalls help
thanks guys