Wallpaper hijacked!

przero

Platinum Member
Dec 30, 2000
2,060
0
0
One of our machines at work has had the wallpaper hijacked. It's a blank tan page. When you right-click in the page, the drop box shows it as a web page. The machine has Bargain Buddy and a URL.Catcher that no spyware removal tools can fix. All I can find is that explorer.exe was modified, but I can't fix it. Any ideas?
 

amdskip

Lifer
Jan 6, 2001
22,530
13
81
Display properties in control panel -> Desktop -> Customize Desktop -> Web tab

That should get you started. Try installing and running Microsoft AntiSpyware too.
 

mechBgon

Super Moderator, Elite Member
Oct 31, 1999
30,699
1
0
Also, what antivirus software are you guys using? Brand and version, that would be interesting to know.

Big picture: if the machine has BargainBuddy on it, someone's overdue to be shorn of their Administrator/Power-User status. Make 'em a Restricted User.
 

mechBgon

Super Moderator, Elite Member
Oct 31, 1999
30,699
1
0
Nuke the box and reinstall Windows, it'll save you time in the long run. Make sure whoever it was, they never have a Power-User or Administrator-class account again. What antivirus products are you using?

edit: oh, Norton. What version? Can I suggest something different or do you have like a site license for it or something?
 

przero

Platinum Member
Dec 30, 2000
2,060
0
0
Ran Ad-Aware, Spybot, HijackThis, etc. in safe mode. Bargain Buddy won't leave.
 

WiseOldDude

Senior member
Feb 13, 2005
702
0
0
Google "remove Bargain Buddy" and you will find many sources spelling out step-by-step procedures to remove this adware from your system.
 

przero

Platinum Member
Dec 30, 2000
2,060
0
0
I did. No success yet. They all use the premise of deleting the reg keys and they re-appear. And the URL.Catcher reg keys CANNOT be deleted. There are NO processes running other than normal MS processes.
 

mechBgon

Super Moderator, Elite Member
Oct 31, 1999
30,699
1
0
Like I said, blow away the compromised Windows installation. You'd be done by now ;)

If you want to keep fighting, look in your Windows Services for services with Started status that are related to the malware. Also, I suggest uninstalling Norton for now, and installing a 30-day trial version of Kaspersky (http://www.kaspersky.com/trials). Based on my de-spywaring episode with my little sister's system, it's better than Norton and even McAfee.

Also, take the drive out of the affected system, put it in a different system as a slave, install Kaspersky and Microsoft AntiSpyware, and scan in the other system where the bugs can't fight back. Use Maximum on the on-access and on-demand scanners in Kaspersky, and click "Configure Updater" and set it to use Extended Databases.