Removing "Gator" Grrr

Mize

Mize

3dfx Fan
Legend
So the wife downloaded and installed a "pretty screensaver" from MSN that installed a boatload of Claria/Gator crap. I uninstalled and ran Ad-aware to remove any remnants, but I still get a "resource.dll couldn't load please be sure Gator is installed correctly" warning at login and then 4 registry entries wind up installed again.

Anyone know how to completely remove this?

Guess it's time for a non-administrator account for the wife!
 
Mize said:
Anyone know how to completely remove this?
Click to expand...
A shotgun can be quite effective.
yep.gif
 
The ActiveX installer is probably in "windows\downloaded program files" folder. Look for it and delete it. Run AdAware or PestPatrol to kill the rest of the junk it installed and you should be fine.
 
_xxx_ said:
The ActiveX installer is probably in "windows\downloaded program files" folder. Look for it and delete it. Run AdAware or PestPatrol to kill the rest of the junk it installed and you should be fine.
Click to expand...

Nothing Claria or Gator in that directory...
Crucial cpcScan
3 instances of JRE (java)
Shockwave Flash Object
&
WebSpyWareKiller Class

I ran Adaware to kill it but each reboot seems to install registry entires again.
 
What's that WebSpywareKiller? Something you know? These thingies often use false names.

There are not many places where it can be. Look in all the temp dirs, especially those in users' dirs. Look in the registry under HKLM_LocalMachine\software\microsoft\windows\current Version\run, there might be some entry there. Look what's running in the Task Manager. Look in all the autostart folders.

If that all fails, search for a tool called ProcessView, it'll show you all currently loaded processes, even the hidden ones and then you can search for the according exe's/dll's/whatever.
 
_xxx_ said:
What's that WebSpywareKiller? Something you know? These thingies often use false names.

There are not many places where it can be. Look in all the temp dirs, especially those in users' dirs. Look in the registry under HKLM_LocalMachine\software\microsoft\windows\current Version\run, there might be some entry there. Look what's running in the Task Manager. Look in all the autostart folders.

If that all fails, search for a tool called ProcessView, it'll show you all currently loaded processes, even the hidden ones and then you can search for the according exe's/dll's/whatever.
Click to expand...

I think I found it where you pointed me in the registry! BO1HelperStartUp which points to a "butterfly" directory and it was a butterfly screen saver.

Thanks.
 
i was just going to give you that advice.....you can find all the crap in that registry key....viruses also (if u got them), i usually check the that key from time to time and remove anything i dont like to see there ;)
 
DiGuru said:
Mize said:
digitalwanderer said:
Mize said:
Anyone know how to completely remove this?
Click to expand...
A shotgun can be quite effective.
yep.gif
Click to expand...

I'm only about 6 weeks from a clean install too. Dangnabbit!
Click to expand...

Multiple partitions / harddisks and Ghost images are totally cool for things like that.
Click to expand...

Yes and no. I have a ton of software installed but change hardware often. So I guess I could ghost with software an generic drivers...?
 
My suggestions . Do msconfig shut off any programs you don't know , restart , then run your adware and what not . Should get rid of most of it
 
I always ghost a clean win install with none but the most essential drivers and apps like office, photoshop etc. so when I restore, all I need to do is install drivers. It works as long as you have the same mobo.
 
Mize said:
Yes and no. I have a ton of software installed but change hardware often. So I guess I could ghost with software an generic drivers...?
Click to expand...

Something like Wise allows you to repackage a setup. It makes two scans of your harddisk and the registry, and all changes are (smartly) assembled into an executable. That way, you can run a setup capture of the whole installation / customization process (as long as the resulting file still fits a DVD :D ). After a fresh install / reload of the Ghost image, you insert the DVD, double-click the executable, have a cup of coffee and all your applications are installed the way you want them. And it is upward-compatible, so a new version of Windows or a new service-pack won't break it.

Btw, for the image you can use sysprep, to decouple the hardware from your image, but you might need to stick to the same brand of chipset to make it work.
 
Check out autoruns form sysinternals.
But be careful before removing something! There's lot of stuff going on behind your back even without spyware.
 
I use a combination of Adaware, Norton or NOD32, procexp and Hijackthis. There's nothing the group hasn't been able to find.
 
Use spybot. It s free and very effective. Use the option to make a clean at next restart then use the vaccination function.
 
PatrickL said:
Use spybot. It s free and very effective. Use the option to make a clean at next restart then use the vaccination function.
Click to expand...
No, use MS AntiSpyware. Leave it installed and let it auto-scan and auto-update to avoid getting infected in the first place.

Should be standard fare on any relatives/friends PC's from now on, IMO. :)
 
PatrickL said:
MS and antispyware does not compute in my mind. I already us XP-antispy to remove most of the MS crap :)
Click to expand...


LOL....ya, somehow i stopped having spyware problems after i stopped using M$ products....

best M$ Anti-Spyware == uninstall ;)
 
You must log in or register to reply here.

Similar threads

D
Windows startup problem
Replies
2
Views
2K
Druga Runda
D
Back
Top