PDA

View Full Version : WARNING: CleverIEhooker.jeired



txtaz
06-10-2004, 07:18 AM
WARNING:
The internet marketing people are getting more and more clever. Such as CleverIEhooker.jeired. I updated my firewall and didn't realize it would not restart itself. Within a day I had been hit. I have a cable connection and always connected to the net. It took me the better part of the day to remove it.
Here are indications:
Inline ads - Meaning a site you know that does not have ads, such as Donzi.net, all of a sudden have ads that show up above the site in the same browser.
Pop up ads now show up when you have a popup blocker.
Tons of links on your favorites list including porn.
Your browser locks up for no reason, you can shut down the process but the screen does not repaint. You must reboot.
Spybot and HiJackThis finds hundreds of ad programs on your puter and gets rid of all but one, CleverIEhooker.jeired.
You find several directories in the Program Files directory that don't belong
To remove:
CleverIEhokker.jeired installs itself in the directory Program Files\TV Media. You cannot delete this directory as it has installed as a hidden process. I have done the search for fixes and none I have found worked. I restarted my computer in safe mode with command prompt. To do this, when you start the puter press F5 several times while it boots (XP) or F8 for WinX. A menu comes up with options on how to start. This way the puter only starts the necessary drivers for Input/Output. Go to the TV Media directory. For WinX users, use CD C:\program~1\tv media, XP supports long file names in its DOS emmulator so you can type it out. When you are there, DELETE ALL FILES. Don't worry about deleting the directory, XP won't let you just yet. Restart the puter in normal mode. Then delete the directory. I didn't worry about the registry or services entries. Norton WinDoctor finds and deletes them when the files cannot be found. If you don't have Norton System Tools, I suggest getting them. They really help speed up a puter and keep it clean.
I'm not sure how we got this. I suspect there is a bot scanning IP addys and looking for open ports at that addy. With the firewall off, it found one. We now turn off our wireless link when not in use and always make sure the firewall is runnning.
I hope this helps some people.
Wes
Computer Solutions

MOP
06-10-2004, 07:46 AM
Thanks Wes! I run all the goodies also what drives me nuts is why some of the privacy laws already in place do not provide any protection. I think what is needed is a massive mailing to our Representatives to get them off the butts! No matter how you look at this issue it is an invasion of privacy.

Phil

harbormaster
06-10-2004, 09:14 PM
Norton Antivirus Professional 2004 now detects and kills spyware. It found stuff that spybot and adaware missed.

Fish boy
06-10-2004, 11:01 PM
Wes, this info rocks. I noticed about 2 weeks ago that I started getting pop ups on places like Ebay and about half of the sites I visit; most of which never had them before. I have run Spybot several times and found nothing. I knew I had something nefarious on my puter, but had no idea what it was or how to find it. I will give your solution a shot. THanks a bunch,

Fish

Walt. H.
06-11-2004, 12:20 AM
Hi Wes,

I have that same exact dreaded monster in my computer, but i'm leary about trying another fix and screwing it up. Last week I performed AOL's spyware fix and when I was done deleting 34 items of junk spy ware I couldn't get on any web sites, then the following day I couldn't even get on-line. I had to go into systems restore and go back in time just to get the frustrating "Microsoft explorer" spaming pop-up's that take over and jam's this computer up solid on me. All I do is keep rebooting and loosing my work in progress.

I'm a computer dummie that only knows enough to get myself in trouble. Aah **** its here it's starting again! :kaioken: :angryfire

Boy do I need to try something.

Thanks,
Walt :wavey:

Ps, its a good thing I first sent this as an e-mail to myself because i'm posting this here for the second time, first attemp my compu seized.

Walt

Fish boy
06-11-2004, 06:20 AM
I ws wondering how to confirm that I had this booger. Did a search in explorer for the file name- nothing. Then I happened to move the cursor over the task bar at the bottom of the screen that included the DOnzi Registry open browser. A little yellow box info box popped up and guess what it said (see bottom of picture)?

URRRGH!!!!

At least I now know how to confirm whether I ahve the clever bug.

txtaz
06-11-2004, 07:18 AM
Fish, That little yellow box tells you what program that icon belongs to. You were reading my post, then you minimized Explorer. Try reading another post, minimize and then mouse over it again. You will see the little box change.
HM, Thanks for the tip, I'm getting it. Norton products rock.
Fish and Walt, download spybot from www.download.com it's free and finds any spyware on your puter and fixes them. If that doesn't work, email the log file from spybot and I will do the research on how to remove what you have.
Wes

Fish boy
06-11-2004, 07:28 AM
It usually takes me until at least 9:00am to do something really stupid, Guess I am ahead of schedule LOL I did however run spybot a couple of times over the past couple of weeks and found nothing. I have norton prof edition 2003 running right now, I will check the site to see if there are any patches, downloads, etc.. I agree Norton rocks.

Thanks again Wes and HM.

Walt. H.
06-11-2004, 08:23 AM
Wes,

I did down load spybot about a week ago also found something but I would have to purchase their program or coverage for them to continue. Since I have AOL and they have a spyware search and removal program as part of being my provider I tried to remove "spybot" and that has also caused me a problem. Like I said I know enough to screw my system up to in the attempt of trying to fix it.

When AOL spyware did a search a whole lot of items we're found, but when I removed them I also remove the ability to get on to or into any web site on line. :banghead:

Now I know why we shoot these things up instead of selling or just giving them away. :bonk:

Walt :wavey:

txtaz
06-11-2004, 09:15 AM
Walt, You have several issues going on. I use spybot search and detroy written by Patrick M. Kolla and it's free. I just downloaded the latest version 1.3 and runs with no probs. Maybe HM can create a download section for utilities, I would be glad to upload what I have to help others.
Issue one: When you removed your spybot, did you use control panels add and remove programs? If not, reinstall and remove via the control panel. I firmly believe in letting Windows take care of itself, not a programmer. I don't even write uninstall programs for my stuff. Imagine how much effort and work a programmer would put into removing their own program.
Issue two: AOL, you are stuck buddy. AOL replaces the Windows socket layer with their own. You now rely on them to handle everything internet. The socket layer is what programs use to communicate thru ports to the net. I would definately get Norton to do the scanning in this situation.
Lastly, get the latest updates to the Windows version you are using and the latest Internet Explorer update. Many times files get deleted and the updates will write newer files to the correct location and correct the problem.
If you need more help, send me an email. Every one here has helped me out alot and I would like to give back. I think I need a few more years of playing with my Donzi before I can give reasonable help, BUT puters....NOT a problem. :fire:
Hope this helps.
Wes

Walt. H.
06-11-2004, 12:20 PM
Wes,

I do have Norton's protection system and it is checked weekly but that said, it is weekly because every time it reports that all is fine and well. :banghead:
I'm running off to work now so there's no time to fire off an e-mail to you. Tomorrow morning I got to get more deck and porch rebuilding time in before I have to go to a afternoon wedding,ugh! :cussball:
Right now i'm so fed-up with this electronic pain,
I wish I could use it for a boat anchor. :eek: :computer: :fire:

Time for me to :chillpill

Walt :wavey:

Walt. H.
06-17-2004, 01:45 AM
Wes,

Will your technic work for me? Or being that I have AOL as my provider does AOL stand for "ALL-OUT" "OF" "LUCK"

I have to try something because this hi jacked by internet explorer compu is to stressful to mess with. :banghead:

Walt :wavey:

txtaz
06-17-2004, 09:12 AM
Hi Walt,
Your Norton weekly check is for viruses and Windows problems, ie missing files, shortcuts and registry issues.
Run spybot and email the log file to me. I will help get the marketing SPAMWARE off your puter.
Wes

harbormaster
06-17-2004, 09:34 AM
I had Norton 2002 professional and downloaded signature updates every 2 days. It never found any spyware.

YOU HAVE TO GET NORTON 2004 PROFESSIONAL

This is the version that finds spyware.

Also after running spybot, reboot your machine and immediately run it again. This will get anything that is memoery resident that could not be removed previously.

Unfortunately not any one product is enough. You need adaware, spybot and Norton 2004 professional. between the 3 of them you will be covered.

Thats a great idea about a tool downloads page. I will incorporate it in the links page I am currently building.

txtaz
06-17-2004, 10:49 AM
Scot is right, It takes more than one tool to clean and keep a system clean. I would be happy to offer links and system advice to the board. I know it's frustrating for me and I have a degree in CS. I can only imagine how it is for others.
Thanks Scot for adding a download utilities section. Any chance of adding a tech help section as well? I would gladly moderate and support.
Thanks,
Wes

Walt. H.
06-18-2004, 12:24 AM
THANK Wes, i'll get on it right away and send it to ya ASAP. :yes:

Walt

Walt. H.
06-21-2004, 07:46 AM
Wes,

It seems I can only get this info when i'm off line which means I can't put it into a e-mail until i'm on-line to send it. Its a whole bunch of spy ware stuff that has burried itself on/into this computer. When I deleted it all I disabled myself from getting onto any web-sites, so I had to do a systems restore just to write this to you. I guess I should just call AOL and wait on hold for 3-hr's just so they can screw this thing worse then it already is. :banghead:

Walt :wavey:

harbormaster
06-21-2004, 09:01 AM
Walt. Dump AOL. You are paying at least 21 bucks a month for it. You can get a real ISP for about 10-12 dollars. Then if you really like whats on AOL, you can sign up for their "bring your own connectivity" plan which is just 9-10 bucks for unlimited hours.

txtaz
06-21-2004, 09:30 AM
Walt, I agree with HM on the ISP issue. AOL has a bunch of spyware it uses also. Ever wonder why when you delete anything AOL, it comes back eventually? My guess is the spybot is finding the AOL stuff and then you deleted a program that you needed to connect to the web. That is why I wanted the log file, I could tell you which ones to delete. If you can save it to a file, don't use the "fix selected problems" button. Just save it and email to me.
We'll get you up and running.
Wes

Walt. H.
06-21-2004, 11:17 PM
I'm trying i'm trying but this stuff is tougher then trying to color match gel-kote under a florescent light. I agree with the AOL leaves alot to be desired, I just haven't gotten around to switch and now this problem. I have just been to friggen busy rebuilding my rotted ant infested screened in porch with the new add on out door section on my days off and my mornings before work. :smash: Doesn't leave time to boat or any other motor sport. :cussball:

Catcha guys later,
Walt :wavey:

txtaz
06-23-2004, 01:35 PM
I'm trying i'm trying but this stuff is tougher then trying to color match gel-kote under a florescent light. I agree with the AOL leaves alot to be desired, I just haven't gotten around to switch and now this problem. I have just been to friggen busy rebuilding my rotted ant infested screened in porch with the new add on out door section on my days off and my mornings before work. :smash: Doesn't leave time to boat or any other motor sport. :cussball:

Catcha guys later,
Walt :wavey:

Hey Walt, I understand having tons to do....BUT NO TIME TO BOAT?????
Priorities Walt, PRIORITIES!!!!!!!!!! :smash:
LOL, Don't worry about the logfile. Whenever you get time to fix the thing, let me know. I'll be here.

A quick fix could be how my future misses got a new TV, somehow while cleaning the dresser, it fell on the floor. :mad:
Take care,
wes

Walt. H.
06-24-2004, 12:38 AM
Yeah that dirty word in the dictionary "PRIORITIES" :angryfire .
I have to take care of all the small priorities so I can play with the big wet priority thing. :rlol: :boat: :anchor: :garfield:

Speaking of priorities, my daughter is at a sleep-over party at
her girlfriends house so that means my wife and I are lone right now.

See ya! :boggled: :yippie: :smash: :dolphin: :wavey: