• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 366
  • Last Modified:

Can't get rid of Gator.com in HKEY area

I have Spy Watch (BPS Spyware Remover).  It continues to identify Gator in  the HKEY area (Root and Software), a warning.  I remove them manually from the HKEY area but soon Gator comes right back.  

How the devil can I get Gator to go away.  I have plenty of Adware Software.  Is there a place I can go to delete it manually?  Forever??

Help!

  Dan
0
danhrmr
Asked:
danhrmr
  • 2
  • 2
2 Solutions
 
MikeKaneCommented:
Check for these item in the RUN and RUNONCE keys...
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
"windows"="%system%\hkey.exe"

 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
"windows"="%system%\hkey.exe"

Delete them if you see them then run a Full AD-Aware scan (from www.Lavasoft.com).    That should remove this annoying program.   Make sure you get the latest Adaware SE and update the def file before running the scan.  

Good luck.


0
 
Debsyl99Commented:
Hi
I always use this in conjunction with adaware (make sure to update defs first)
SPybot Search and Destroy
http://www.safer-networking.org/en/index.html

and then clean up any extra entries/stragglers with this
HijackThis 1.98.2
http://www.majorgeeks.com/download3155.html

Run it and save the logfile, copy it and post it here, then click on analyse,
HijackThis log file analysis
http://www.hijackthis.de/index.php?langselect=english

Google for any entries that you're not sure about, or post them here (don't post the entire log file though)

It also really pays to scan first with a good virus scanner that will also detect and delete trojans - if you're running windows xp / Me and the scan detects a virus or trojan, you'll need to disable your system restore and then run it again.
Trend Housecall
http://housecall.trendmicro.com/housecall/start_corp.asp
Panda Activescan

If these still don't delete the problem then ensure that no files or folders or system files are hidden - Tools Menu in a folder - folder options - view menu - ensure that all file types are viewable and apply to all folders.

Then restart in safe mode and run the scans from ad-aware and spybot again,

Deb :))
http://www.pandasoftware.com/activescan/com/activescan_principal.htm



0
 
danhrmrAuthor Commented:
Mike:  Didn't find the items in the HKEY area.  sorry.

Deb:  Ran SpyBot and it worked!  However, I'm giving Mike some points for effort.  
450 to 50.  Thanks!!   Dan.......
0
 
Debsyl99Commented:
Glad to help!
Deb :))
0
 
MikeKaneCommented:
Glad you got that one cleaned - its annoying.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now