ID:188348
 
I can't get rid of it! Shortly after I got on the computer yesterday afternoon (my younger brother was playing prior), I got bombed with ad windows. Right around 150 of them before the Close Group function kicked in, then I had to keep doing that for about five minutes. I ran an Ad-Aware scan, it found about 400 new objects (It's found absolutely zero ever since I've had it), and that stopped the ad window bombing, but now I'm getting a new ad or install-on-demand window every five minutes. I ran Norton, it found about 40 malware/adware objects, deleted most of em, I edited the rest out of the registry and manually deleted the rest myself. Still ad windows every five minutes. I run Ad-Aware a hour later. 200 new objects, and I've been routinely scanning and deleting crap, each time turning up another 200 or so objects, and more stuff I have to remove myself. It's bogging down Internet Exploder like nuts, it took me ten minutes to load the forum page because "it" was downloading it's next cycle of ads.

To the point: Ad-Aware and Norton 04 are doing nothing more than denting an exponentially increasing annoyance, any suggestions?
Try Spybot search and distroy. It normaly does a good job of finishing the cleanup. Do a google for it.
have you updated them? A lot of people think ad-aware updates automatically, but you actually have to click the button :P
Ditto, Enigmaster. I get an ad or install-on-demand thingummy about every 10 - 15 minutes. One time, the ad url was incorrect or something, and I was lucky enough to see the URL instead of an AD, with the 404 error. Unluckily, I didnt put the URL in word or anything. Im guessing I could have used the URL to scan and do something about the website distributing the ads? Please say no, cause if not, I'll beat myself up. :|
Ok, here is what to do.. Ready?

1. Run ad-aware
2. Hit check-for updates
3. Go to use custom scanning options & click the bubble.
4. Hit customize & go to Memory & Registry & check everything.
5. Hit proceed & run the scan (this will take awhile but it will kill everything.)
6. Go to http://www.javacoolsoftware.com/spywareblaster.html
And download & install.
7. Update & enable all protection.
8. You can uninstall it now. (Leave it and update every so often)

Note:
If you stall have problems go to http://www.tomcoyote.com/hjt/ and download hijackThis. Then post the log for me to see.
In response to Xzar
One of my co-workers was hit with something called "WinTools" yesterday and it took a lot of fixing (but I learned something and now he owes me a lunch, so it's all good, I guess). Here's what seems to have worked:

Run CWshredder, AdAware, HijackThis to remove whatever can be removed.

If AdAware removes something, and then when you run AdAware again, it has come back, there is probably a process running that is maintaining the bad stuff. There may even be three or four hidden EXE's in the windows\system32 directory. Open the Task Manager and sort by high CPU usage. Open the infected browser and see what programs jump near the top of the list when a popup window opens.

Reboot into safe mode with command prompt (press F8 every second or so at startup until the menu appears). Search for a Wintools directory: {c:}{cd \}{dir /s wintoo*}. If you find it, rename it to some other name. Go to the windows\system32 directory and do {attrib -r -s -h *.exe}. This should make all executable files visible.

Now do {dir /od}. This will list them in date order. If there are any files that were created in the last few days with funny names, rename them to bad_(name).exe. (Don't delete them, in case they're needed for a good program you've recently installed.)

Now look at the hosts file in system\windows32\drivers\etc. A line for localhost (127.0.0.1 or something) is OK, but if you see other lines that make no sense, like a line for msn.com, you want to remove that.

That's all I have in my notes. Good luck. You may also want to check the forums at spywareinfo.com... they had some pointers that were helpful.
In response to Gughunter
Make a program to do all of that, and i'll buy it.