BleepingComputer.com: Need Help With Removing Pop Up

Hello....I need to get some help with my computer. I am running Windows Vista...I have PC tools Antivirus installed as an antivirus and I have Windows Defender. I am getting these pop ups with the following address in the bar:

Hotlink removed by Admin

The end of it changes depending on what website I am trying to access at the time....

It is just a blank page and nothing comes up..but sometimes other pop ups come along. I had the Yahoo toolbar installed, but had to uninstall it because it was causing problems at the time. I am unable to download anything such as Spybot S&D, HiJack This, or anything. Every time that I try to download something it keeps telling me that "Your security settings do not allow you to download this file." It doesn't matter what I try to download, I can't download anything to try and clean this up. Another person that I know shared a file with me to help me clean this up, and it told me that I was not allowed to open this file. I am signed on as the Administrator and I know I should be able to download things. This only started happening after my roommate borrowed my computer to surf the web...Please HELP!!!

Thanks,

John

This post has been edited by Papakid: 11 June 2007 - 01:31 PM

1) Keep your roommate away from your computer!
2) Try to download and run AdAware Free from here: http://www.lavasoftusa.com/
3) Try to run it - if it fails, then try the next step:
4) Go to this link and download the AdAware Cloak and follow the instructions to use it: http://www.lavasoftnews.com/theeye/i17/a4.shtml

Let us know if this works and we'll move on from there.

I could not download either of them. A window kept coming up saying

"Your security settings do not allow for this file to be downloaded."

This is the same window I get when trying to download other things to try to get rid of this problem.

Thanks

Can you download on a different computer and move the files over on a flash drive?

Also you can download Rogue Remover install it on the flash drive completely update it, and run off the flash drive. Ad Aware, Ad Aware Cloak and Spybot will also run from a flash drive.

http://www.malwarebytes.org/rogueremover.php

I tried to use a flash drive, but the computer is not picking it up.

Try downloading it on another computer and burning it to a CD to use on your computer (probably won't work, but it's a start).

If that doesn't work, then I'd suggest trying it in Safe Mode, if that doesn't work then I'd suggest going through these links:
http://www.bleepingcomputer.com/forums/forum103.html
http://www.bleepingcomputer.com/forums/forum55.html
http://www.bleepingcomputer.com/forums/forum22.html

Basically what you're trying to do is find a tool that will work on your system and will clean it. The "easiest" way is to run a tool such as Bart PE (free here: http://www.nu2.nu/pebuilder/ ) along with a command line scanner in order to ferret out the worst stuff. Eventually you'll be able to connect to the web and download/use other tools - but until then it's gonna be difficult.

Here's a link to some command line virus scans: http://www.google.com/search?hl=en&q=c...G=Google+Search

I can't download anything...not in safe mode or anything. I burned off that other thing and the computer kept telling me it was a blank disc and it's not. Besides throwing the computer out the window LOL, I don't know what else to do. The computer will not shutdown by itself when I click on shutdown. I have to hardboot it when I need to restart it. I tried to go back to a restore point and it won't even do that. It freezes up everytime I try to do something.

You'll either need another computer to download/copy to - or you can format and reinstall your operating system on your current system. Do you have the restore disks for the computer?

Hi BigJohn07,

Reinstalling may be the best thing for you to do, but before you do that could you try something for me? The cpvfeed is pretty nasty and I haven't dealt with it yet myself but think it can be removed with a special tool. It may have just altered your browser settings and I would like to see if you can change them back long enough to download anything.

Assuming you are using Internet Explorer, click on START> Control Panel > Internet Options. Click on the Security tab then the Custom button. Scroll down to the Downloads section and put a dot next to enable for Automatic prompting for downloads and File download. OK out, then close IE if it's open. Relaunch IE and see if you can download now.

If you are getting blocked by the Information Bar, right click it and allow the download. Be sure to save the download rather than trying to run it first.

Other browsers have similar settings. Another thing to try if you have another browser installed already is to use it to download.

If successful, I would suggest that you immediately click on this link: Preparation Guide For Use Before Posting A Hijackthis Log

Follow the instructions that apply to you and that you are able to perform. The main thing is to get a HijackThis log posted as soon as possible--Ad-Aware and other scanners may not yet have definitions to help with this malware. To start a new topic in the HJT forum click on this link: http://www.bleepingcomputer.com/forums/posthjtlog.html

Let us know how it goes. If you get a log posted, please post back the link here in this thread.

Sory if I wasn't clear, BigJohn07. We keep all HJT logs in their own seperate forum so I've split yours off into it's own topic here: http://www.bleepingcomputer.com/forums/topic95746.html

We do that so you get the best help available from those qualified and experienced in the field and so you don't get dangerous advice as HJT deals with the registry. So please don't post your log in this thread again.

So could you tell me please if you are able to download now or did you already have HJT installed?

I am able to download now...I figured out how to change my security settings to allow for downloads, I got all that fixed, now I'm trying to get rid of this thing that is apparently in my registry and memory. My Spybot S&D keeps telling me that there is something there that it cannot fix.

OK, yes, you have a pretty nasty one there. Unfortunately you'll now need to have some patience with us til someone picks up your log. It won't be a quick and easy fix, moreso because it's Vista and tools we use are in the process of getting updated to be compatible with it.

I'm in the middle of a complicated fix ATM but if no one has picked it up tomorrow I'll give it a shot. But as I mentioned earlier, probably the best thing for you to do is to reformat. You've got a bot backdoor, which means someone else has complete control of your PC and could download and alter just about anything and besides that a sophisticated infection originating out of asia, so at the least you need to keep this computer off the internet as much as possible--if you have access to another computer it would be better to work form it.

Let me know what you want to do as far as reformat goes. Since anything you do to try to fix it, including following good advice that might be posted here, will alter the HJT log and cause confusion for whoever helps you, we close threads like this. You'll get one on one help, so the person helping you needs to know whatever is done to get a sense of cause and effect. And if you reformat there will be no need to work the log, so let me know before I close this thread.

I am not able to reformat. I do not have the discs to reformat this computer. I have learned from speaking with others that not many of these computers that have Vista are coming with discs to reformat or backup your computer. Vistas only backup program will only backup files and some programs that you have on your computer and not the OS itself. I will keep the computer off the internet. I have access to another computer, so I will use that one instead.

Thanks for the advice...I will wait until someone can help me remove this problem.

You're quite welcome for the advice, BigJohn07. I'm relieved to see Jacee has picked up your log, so I know you're in good hands. I'll go ahead and close this thread now.

That may only be temporary as I would like to explore why you can't reformat. I've not kept up with Vista, but I would think there must be some way to re-install it. If there is information on how that is done it might be useful to others to know that. But it would be a good subject for a new thread--we'll wait and see how the log goes.