ADW_ELITEBAR.D

[bu2]

I use WIN XP Home SP2, IE 6.0, my AV is PC-Cillin. I also use
SpyHunter and Beta version of MS Antispyware. Recently I somehow
got ADW_ELITEBAR.D adware that keeps reloading instantly after
I get rid of it with the AV.

I am considering switching to Netscape as I am getting tired of all the
attacks. BTW, is Netscape free? And if I install it won't the
vulnerabilities
via IE still be there? Can IE be deactivated or uninstalled?

What other options are there?

Any constructive comment will be greatly appreciated.

Thanks.

 

[Beauregard T. Shagnasty]

I use WIN XP Home SP2, IE 6.0, my AV is PC-Cillin. I also use
SpyHunter and Beta version of MS Antispyware. Recently I somehow
got ADW_ELITEBAR.D adware that keeps reloading instantly after I
get rid of it with the AV.

Does this page lend anything?

I am considering switching to Netscape as I am getting tired of all
the attacks. BTW, is Netscape free?

They are free. Since Netscape is a (mostly) deceased browser, I'd
recommend Firefox.

And if I install it won't the vulnerabilities via IE still be
there?
Yes.

Can IE be deactivated or uninstalled?

Not really. Windows uses it for other things, too. You'd still need it
for Windows Updates, for example.

What other options are there?

Here's some tips:
http://home.rochester.rr.com/bshagnasty/tips.html

Use a firewall.

 

[Ernie B.]

Does this page lend anything?



They are free. Since Netscape is a (mostly) deceased browser, I'd
recommend Firefox.


Yes.

Well, not really. From the site above "A drive-by download occurs
when a Web page visited using Internet Explorer (IE) takes advantage
of the low security settings of the Internet Zone allowing programs
to be installed into the visiting machine without a target user’s
knowledge."

One nice thing about Firefox is that it won't let a site install
software without the user's permission.
<snip>

 

[Beauregard T. Shagnasty]

Hi Ernie B.

Well, not really.

In the broad sense, they still will be there. <g> Once I ran into a
piece of trialware that, upon the expiration of the trial,
automatically opened IE and sent my OE default email address to the
author's web server. Fortunately, my OE default email is a bogus one.
Since that day, IE must ask permission to launch, via the firewall.

One nice thing about Firefox is that it won't let a site install
software without the user's permission. <snip>

True, and welcomed.

BTW, the above is a good tip for everyone. Even if you don't use OE,
set a bogus address as the default.

 

[David H. Lipman]

From: "bu2" <[email protected]>

| I use WIN XP Home SP2, IE 6.0, my AV is PC-Cillin. I also use
| SpyHunter and Beta version of MS Antispyware. Recently I somehow
| got ADW_ELITEBAR.D adware that keeps reloading instantly after
| I get rid of it with the AV.
|
| I am considering switching to Netscape as I am getting tired of all the
| attacks. BTW, is Netscape free? And if I install it won't the
| vulnerabilities
| via IE still be there? Can IE be deactivated or uninstalled?
|
| What other options are there?
|
| Any constructive comment will be greatly appreciated.
|
| Thanks.
|

Always check anti malware applications at SpwareWarrior first !
http://www.spywarewarrior.com/rogue_anti-spyware.htm#sh_note

Dump the contents of the IE Temporary Internet Folder cache (TIF)

start --> settings --> control panel --> internet options --> delete files

1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Ad-aware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt512.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

2) Update Ad-aware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode and shutdown as many applications as possible.
5) Using both the Trend Sysclean utility and Ad-aware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point

* * Please report back your results * *

 

[kurt wismer]

Beauregard T. Shagnasty wrote:
[snip]

They are free. Since Netscape is a (mostly) deceased browser, I'd
recommend Firefox.

apparently you haven't heard - the newest netscape that's in the works
is based on firefox... (just as previous versions were based on mozilla
suite)

 

[Beauregard T. Shagnasty]

Beauregard T. Shagnasty wrote: [snip]

They are free. Since Netscape is a (mostly) deceased browser, I'd
recommend Firefox.

apparently you haven't heard - the newest netscape that's in the
works is based on firefox... (just as previous versions were based
on mozilla suite)

No, I hadn't heard. Thanks for the info.

Will it still have the megabytes of AOL stuff in it?

 

[YZ]

Beauregard T. Shagnasty wrote:
[snip]

They are free. Since Netscape is a (mostly) deceased browser, I'd
recommend Firefox.

apparently you haven't heard - the newest netscape that's in the works
is based on firefox... (just as previous versions were based on mozilla
suite)

AFAIK:
mozilla, netscape, firefox-- are essentially same thing, although they
might look different. Netscape is far from dead, the new one is version
8 (beta), released in feb.

Netscape always has been around. Never disappeared, regardless of what
microsoft want you to believe. you can get it for free from their
website www.netscape.com There were few years when things seemed to get
stuck at ver. 4.7 (that still outdid IE AFAImC), but since then they had
6,7 and now 8.

The important difference between Netscape 7 and Firefox/Thunderbird-
the former is a full suit for web browsing, web page editing, email
client (excellent one at that), address book, etc. The latter are
separate applications for web/email respectively.

YZ

 

[kurt wismer]

Beauregard T. Shagnasty wrote: [snip]

They are free. Since Netscape is a (mostly) deceased browser, I'd
recommend Firefox.

apparently you haven't heard - the newest netscape that's in the
works is based on firefox... (just as previous versions were based
on mozilla suite)

No, I hadn't heard. Thanks for the info.

Will it still have the megabytes of AOL stuff in it?

oh, probably... that's the way they've always done things...

in fact, so long as they don't violate the MPL, they can probably stick
whatever they like in it...

 

[kurt wismer]

kurt wismer wrote: [snip]

apparently you haven't heard - the newest netscape that's in the works
is based on firefox... (just as previous versions were based on mozilla
suite)

AFAIK:
mozilla, netscape, firefox-- are essentially same thing, although they
might look different. Netscape is far from dead, the new one is version
8 (beta), released in feb.

well, i wouldn't say they're essentially the same... mozilla suite and
firefox are significantly different... they use the same rendering
engine (gecko) and the same UI technology (xul), but that doesn't make
them the same...

as for netscape, depending on the version you're talking about, it's
just a rebranded version of either mozilla suite or firefox and has
been for a long time now...

Netscape always has been around. Never disappeared, regardless of what
microsoft want you to believe. you can get it for free from their
website www.netscape.com There were few years when things seemed to get
stuck at ver. 4.7 (that still outdid IE AFAImC), but since then they had
6,7 and now 8.

yes, and if 8 is anything like the previous versions, you'll be better
off going to the source and using the browser it's based on... you'll
get your security fixes, bug fixes, and feature enhancements faster
that way...

The important difference between Netscape 7 and Firefox/Thunderbird-
the former is a full suit for web browsing, web page editing, email
client (excellent one at that), address book, etc. The latter are
separate applications for web/email respectively.

that's because netscape 7 was based on the mozilla suite (which has all
those things)... new versions of netscape won't be based on the mozilla
suite because mofo (the preferred contraction of the mozilla
foundation, go figure) have retired the mozilla suite in order to focus
more on their 'aviary branch' (firefox, thunderbird, etc)...

 

[bu2]

Thanks Bauregard,

I am still deciding what exactly to do and when. Trend Micro has a
"solution"
re the culprit at:
http://www.trendmicro.com/vinfo/grayware/graywareDetails.asp?SNAME=ADW_ELITEBAR.D
I could not make it run. I'll have another look, maybe I was hasty and
missed something.
It just opens a DOS like C: Command Prompt it seems to run but nothing
happens.
We are talking about their instructions to download TMAPTN.ZIP with the
latest
grey something files. Why am I paying them and updating religiously several
times a
day? Anyway the program that uses the above file (tmntsrv.exe) does not run
or does
not run properly when I do it.

I also was told to look into Simply Tech site
http://www.simplytech.it/ETRemover/
and download the Elite Bar Remover which I did and I am deciding whether to
run it
now or after my monthly (data) backups just in case something goes awry.

Once the system is clean I may well switch to another Internet Browser. I am
not happy
with MS leaving so many holes in their software. Also their Beta
Antispyware, while
pretty good, cannot even see the Elite Bar!? The Trend Micro Antivirus Scan
cannot see
it either but the special Scan for Spyware feature does and it even deletes
it but the s*it
reinstalls itself instantly.

I have to add that I have been extremely careful keeping AV and WIN etc up
to date. I clean
files, cookies and so on all the time. I do not click on things if I am not
sure what it is etc etc.
But it is never completely safe. This ADW_ELITEBAR.D is driving me nuts. I
am sure it
is slowing things down and leaving me vulnerable to attacks. Also it is
spying on me and while I
have nothing to hide I am p**sed with it.

In any case thanks for the info and the advice. I will look at all the
details you supplied
carefully.

Once I have acted on this I will report the results.

Thanks again.

Bu Two.

 

[bu2]

Well, I ran the remedy as explained at
http://www.simplytech.it/ETRemover/
That was in WIN XP Safe Mode and ... I
scored a big victory for the ADW_ELITEBAR.D

It did not budge. As soon as I checked on it, after removing it with
the "remover" and restarting the PC - I found it was still there.

On the MS Antispyware Community group someone is suggesting a
way to get rid of the EliteBar using a method found at
http://securityresponse.symantec.com/avcenter/FxIstbar.exe
The problem is it will likely remove the Elitebar and render the
"program that installed it" i.e. Internet Explorer inoperative or
at least damaged!?

I don't know what to do now? I hate my AV and MS for not providing
appropriate help with such problems.