>>> For several days leading up to today, I had following symptoms...
- Fake "Spyware Alert" and "Windows Security Alert".
- IE Homepage that I attempted to set was overridden by ...softwarereferral.com... url that was redirected to Ultimate Defender, Ultimante PCCLeaner sites and the like.
- I detected a registry Start Page pointer to softwarereferral.com.
- I have not knowingly chosen to install any of these software offers.
- I found no evidence that Ultimate Defender, etc was "installed", i.e. no presence in "Add/Remove Programs" and no obvious evidence in "Program Files" directory.
- These Ultimate web pages say they're running a scan but there is never any listing of findings such as are shown of the bleepingcomputer doc about Ultimate Defender, PCCleaner.
- McAfee AntiVirus 10.0 with w/latest engine, dat files (from late last week) did not detect.
- It was annoying but I kept the problem at bay and and kept my PC usable by minimizing the fake alerts and bogus website windows ... waiting until I had some time to work on it.
>>> Today the VirusScan DAT file was updated to version 5122 (Build: 10.0.27 Engine 5100). Symptoms have changed...
- McAfee detects AdClicker-FC infection in "Documents and Settings ... \local settings\temp\ac8zt2\nsduo.dll"
- McAfee deletes nsduo.dll and all other files in the ac8zt2 folder, terminates all IE instances, and refreshes the desktop and screen.
- I confirmed that the files have in fact been deleted.
- Some minutes later this scenario is repeated, presumably because there is a program running that is rewritting those files. IE is rendered essentially unusable.
- There are now no Fake alerts or Ultimate Defender, PCCleaner web pages shown, but, I suppose that may simply be due to the repeated detection/deletion of files described above.
- The registry Start Page pointer to softwarereferral.com no longer exists.
Friends have recommended SPYBOT and I've seen the SmitfraudFix recommendations in these forums. I'm not that jazzed about using freeware and am kind of wondering why McAfee and/or Norton haven't provided such tools.
At any rate I'm looking for guidance specific to my problem and will then decide whether to attempt to remedy myself or hire an expert :-).
Thanks,