Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware /popups Help Please


  • This topic is locked This topic is locked
11 replies to this topic

#1 henpecked

henpecked

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:05 PM

Posted 05 November 2007 - 01:46 PM

Please can you help .
have un adware 2007 superanti spyware and ccleaner to try and get rid of whatever it is that keeps on causing popups without effect. I enclose my hijack file and would be grateful if you could tell me where the problem lies. I keep on getting windows openimg advetising reward centre windows securtiy centre and so forth.

Many thanks

Attached Files



BC AdBot (Login to Remove)

 


#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:07:05 PM

Posted 23 November 2007 - 04:06 PM

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:

Preparation Guide For Use Before Posting A Hijackthis Log

Please also post the problems you are having.

#3 henpecked

henpecked
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:05 PM

Posted 25 November 2007 - 05:16 PM

Hi thanks for your reply. i am still having problemswith popups. I have run adware about 4 times to remove stuff and then ran CCleaner and then super anti spyware all without any joy. I attach a new log and would be grateful for any help you can give.
many thanks
HENPECKED

Attached Files



#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:07:05 PM

Posted 27 November 2007 - 04:07 PM

Please download Combofix to your desktop.
Doubleclick combofix.exe to launch the application.

Follow the prompts that will be displayed on the screen.
Don't click on the window while the fix is running, because that will cause your system to hang.
When finished, it should produce a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.

There is no need to attach the logs, posting them is just fine! :thumbsup:

#5 henpecked

henpecked
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:05 PM

Posted 28 November 2007 - 06:20 AM

I've done as instructed but don't know where the logs have gone! I trust you have the hijack log but do not know if you have the combo log so Ive attached that just in case !!!!!!!!!!!!!!!!!!!!!!!!!!!!
Mnay thanks
henpecked

Attached Files

  • Attached File  log.txt   16.5KB   1 downloads


#6 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:07:05 PM

Posted 28 November 2007 - 07:39 PM

Please perform this online scan: Kaspersky Webscan
Note that this scanner will only work on Internet Explorer, so please use this browser for the scan.
Read the Requirements and Privacy statement, then select "Accept"
A dialogue box will appearing asking "Do you want to install this software?" Name: kavwebscan_unicode.cab
Select "Install" to download the ActiveX controls that allows ActiveScan to run.

When the download is complete it will say ready, click "Next"
Select a target to scan: Click on "My Computer"
When the scan is complete choose to save the results as "Save as Text"
Post the Kaspersky scan results in your next reply, along with a new Hijackthis log.

#7 henpecked

henpecked
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:05 PM

Posted 05 December 2007 - 05:18 AM

I have run the software as suggested and re-ran the adware and superantispyware again and again. Kasperskyrpt says I have a virus and other issues however this is not detected by Norton. I think they just relate to cyberlink and I have just deleted these files. So I think I am clear now.
The good news however is that the spyware interms of popups appears to have gone!!!!
I have posted a copy of hijack and attache a copy of the kasperskrypt log for completness. The adware detected a spyware called B2B but after running it on all the user accounts it seems to have gone I don't know if i ha d to run it on all but it did do the trick.
Many thanks

Attached Files



#8 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:07:05 PM

Posted 05 December 2007 - 04:53 PM

Please find and delete these infected cracks/installers:
C:\Documents and Settings\HP_Owner\Desktop\DVD copy stuff\1CLICK_DVD_Copy_Pro_3.0.1.6+ patch\1clickdvdcopyprosetup3.0.1.6.exe
C:\Documents and Settings\HP_Owner\Desktop\DVD copy stuff\1CLICK_DVD_Copy_Pro_3.0.1.6+ patch\Patch\All.LG.Software.Innovations.Generic.Patch-ICU.exe
C:\Program Files\eMule\Incoming\Cyberlink Power Director 6 Delux Edition CRACK.zip

Please find and delete these two folders:
C:\Program Files\Toolbar
C:\qoobox

We need to purge your infected system restore points.
On the Desktop, right-click My Computer, then click Properties.
Click the System Restore tab near the top of the window.
Check Turn off System Restore, click Apply, and then click OK.
More information on how to disable your system restore can be found here.

We want to create a new, clean restore point. Please first reboot your computer.
On the Desktop, right-click My Computer, then click Properties.
Click the System Restore tab near the top of the window.
Uncheck "Turn off System Restore", click Apply, and then click OK.

Click Start > All Programs > Accessories > System Tools, and select System Restore.
In the System Restore wizard, select the box next the text labeled "Create a restore point" and click the Next button.
Type a description for your new restore point - Something like "After trojan/spyware cleanup".
Click Create, and after it has created the restore point, click "Close".
Further instructions on creating a restore point can be found here

I want you to clean your cache and cookies from your internet explorer.
There are a few infected files which need to be removed from your system.

° Close all instances of Internet Explorer .
° Go to your control panel and open "Internet Options".
° Click on the "General" tab.
° Click the "Delete Cookies" button, then the "Delete Files" button.
° If prompted, place a tick in the "Delete all offline content" box and click OK.

Also, please clean other Temporary files and Empty the Recycle Bin

° Go to start and click on the "run" button.
° Type the following in the box --> cleanmgr and click ok.
° Let it scan your system for files to remove.
° Make sure only Temporary Files, Temporary Internet Files, and Recycle Bin are checked.
° Press OK to remove them.

I want you to remove a few infected quarantined files from your Norton Antivirus.
The instructions depend on the version of Norton that you are running
Please visit the following link, and follow the instructions by clicking the on the appropriate version:
http://service1.symantec.com/SUPPORT/nav.n...000041213443506

Reboot a final time, and let me know how the PC is running. :thumbsup:

#9 henpecked

henpecked
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:05 PM

Posted 06 December 2007 - 05:27 AM

Beill thanks all working as should now running at much quicker speed all round!!!
Many thanks :thumbsup:

#10 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:07:05 PM

Posted 06 December 2007 - 11:24 AM

Glad I could help! :thumbsup:
The latest log is looking clean!
Follow this list and your potential for being infected again will be reduced dramatically.

Use an Anti Virus Software -
* It is very important that your computer has an anti-virus software running on your machine.
* This alone can save you a lot of trouble with malware in the future. See this link for a listing of some on line & their stand-alone anti virus programs:
* Click here for more information on -> Computer Safety On line - Anti-Virus
* I would recommend Grisoft's AVG or AVAST.
* These are the more secure and better ones.

Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall -
* I can not stress how important it is that you use a Firewall on your computer.
* Without a firewall your computer is susceptible to being hacked and taken over.
* Simply using a Firewall in its default configuration can lower your risk greatly.
* For an article on Firewalls and a listing of some available ones see the link below:
* Click here for more information on -> Computer Safety On line - Software Firewalls
* I would recommend ZoneAlarm as a firewall as it's easy to use.

Visit Microsoft's Windows Update Site Frequently -
* It is important that you visit http://www.windowsupdate.com regularly.
* This will ensure your computer has always the latest security updates available installed on your computer.
* If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Next, if they're not already present, I would recommend the download and installation of some or all of the following programs (all free), and the updating of them regularly

Install Spybot© - Search and Destroy- Install and download Spybot - Search and Destroy with its TeaTimer option.
* This will provide real-time spyware & hijacker protection on your computer alongside your virus protection.
* You should also scan your computer with program on a regular basis just as you would an anti virus software.
* A tutorial on installing & using this product can be found here:
* Click here for more info -->Instructions for - Spybot S & D and Ad-aware

Install Lavasofts© Ad-Aware - Install and download Ad-Aware.
* You should also scan your computer with the program on a regular basis just as you would an anti virus software in conjunction with Spybot.
* A tutorial on installing & using this product can be found here:
* Click here for more info -->Instructions for - Spybot S & D and Ad-aware

Install Javacools© SpywareBlaster -
* SpywareBlaster will added a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs.
* A article on anti-malware products with links for this program and others can be found here:
* Click here for more info -->Computer Safety on line - Anti-Malware

Update all these programs regularly - Make sure you update all the programs I have listed regularly.
Without regular updates you WILL NOT be protected when new malicious programs are released.
:blink: If you wish to learn how to use HijackThis to remove malware, you might like to join the Malware Removal Training Program!

If you have any addition questions just ask...
David

#11 henpecked

henpecked
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:05 PM

Posted 07 December 2007 - 03:53 AM

Many thanks all done hope you will not be bothered by me again now I've tooled up!

Your link to the malware removal does not work.
regards

Henpecked

#12 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:07:05 PM

Posted 07 December 2007 - 04:32 PM

You're welcome! :thumbsup:

Since this issue appears resolved, this Topic is now closed.

If you need this topic reopened, please request this by sending me
a PM with the address of the thread using the link here. This applies only to the original topic starter.

Everyone else please begin a New Topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users