Removing adware from registry

I seem to have an adware infection in my registry. My virus program has identified it as SPYW_GATOR.C. My virus program advises me to remove the file Gator.com from HKEY_LOCAL_MACHINE>SOFTWARE by running regedit. However, all I see in the SOFTWARE subkey are program folders for software that I have installed. How do I find Gator.com? The virus program identifies adware cookies which I can delete. But when I reboot, the adware is present again, since I always get a pop-up indicating that access to DateManager.exe is denied.

 

stonooka--I am surprised your anti virus program did not offer to remove it for you or provide better instructions. Perhaps that is because this is spyware and not (officially) a virus
http://www.pcmag.com/article2/0,1759,1753726,00.asp
I suggest you download, install, update and then scan with
AdAware
http://www.lavasoft.de/support/download/
and/or
SpybotS&D
http://www.safer-networking.org/en/download/index.html

 

Reply to Welshjim

Thanks for responding Welshjim. Before reading your response, I downloaded the free version of Lavasoft Ad-aware SE. I ran it and it appears to have gotten rid of the adware/spyware. My PC-cillan AV program is pretty good at detecting but its directions for removal of adware is not clear and is difficult for me to implement. Ad-aware seems to do it all.

 

stonooka--That is good news. Thanks for posting back. Do not forget to update AdAware's definitions every week or so.
If you are not already using it, another excellent program to protect against spyware is SpyWareBlaster.
http://www.javacoolsoftware.com/spywareblaster.html

 

Reply to Welshjim

Welshjim - I obtained the purchase version of Adaware- SE. I now seem to get about a dozen non injurious Data Miner tracking cookies. What should I do with them? I have been deleting them, but then I get popups on boot that state the shortcut for accessing certain operations is missing. Also, it appears I should disable my normal virus program while running Ad-aware.

Thanks again for your interest.

Sinchi

 

stonooka--AdAware is especially strong on finding Data Miners. (SpybotS&D less so.) Go to this site to learn about Data Miners
http://www.webopedia.com/TERM/d/data_miner.html
I always have AdAware delete them. I cannot see that they do anything good, and they have the potential to do bad. But other people seem to be content to leave them.
You can see the site that is giving you the DataMiner cookies in the Adaware log, so you can stop many of these sites from depositing the cookie using the Privacy settings in IE Tools|Internet Options|Privacy tab.

I will need more details (like the exact message indicating what program is affected) to be able to comment.
There are sites that offer programs for "free" (Kazaa is one of the most famous). But the price you pay is you must accept their cookies and other spyware in order to use the "freeware ". If that is what is happening, you must make the choice between using the "freeware" with cookies or not using the freeware. In most cases there is a spyware/cookie-free alternative to the supposed "freeware ".
I have never heard of a conflict between AdAware and an antivirus program.
What is happening to make you feel you cannot run both AA and your AV?
I use the free version of AdAware, so perhaps it is the AdWatch feature (which I do not have) which is causing the problem. I would be very cautious about running a PC without an Antivirus program. But if you disable the AV only for the period you scan with AdAware, do not do any surfing or opening of email during that short period, and remember to turn the AV back on, I guess it would not hurt.
Since you have a paid version of AdAware, you might consider asking their technical support for help.

 

adware continued

Welshjim -

The 2 functions I have lost as a result of blindly removing data miner cookies are DateMananger and GStartup.

The pop-up message that I get on reboot is eg.,

"Drive or network connection that the shortcut GStartup.lnk refers to is unavailable. Make sure the disk is properly inserted or network resource is available. "

I get a similar pop-up for DateManager.

The effect of losing GStartup is that I can not use a soft restart of the computer. When I select "Restart" from the "Start" button on the Desktop, the computer hangs up with a blank blue screen. I have to use the manual mechanical restart button to get the computer to reboot. Then, of course, Windows wants to do a full disk check because of the abnormal shutdown.

Now I have to figure out how to restore those functions.

 

stonooka--Here is what I know about DateManager
http://www.pchell.com/support/datemanager.shtml
and GStartup
http://www.processlibrary.com/directory/files/gstartup/
Both look like those spyware-bearing "freeware" programs I mentioned earlier.
Since I do not use either, I cannot suggest a spyware-free alternative.
You could run searches on www.google.com for alternatives.
Or you can live with the spyware and not have AdAware delete the DataMiners associated with these programs.
I, personally, would not take the latter route. But it is your choice.