Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Insane Popups !


  • Please log in to reply
5 replies to this topic

#1 Ulster

Ulster

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:27 AM

Posted 22 May 2008 - 09:29 PM

I have got some virus or trojan that keeps making IE open and popup with websites like www.pcsecurityshield.com and mp.clicksor.net.
I use Firefox 2.0. My Host files keeps most of the pages from loading but I still get a popup.
My AVG antivirus won't kill it and neither does Spybot SD or Syware Blaster. Is there a program to get rid of this ?

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:27 PM

Posted 22 May 2008 - 09:59 PM

give malwarebytes a try


http://www.bleepingcomputer.com/forums/ind...mp;#entry811062
Chewy

No. Try not. Do... or do not. There is no try.

#3 Ulster

Ulster
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:27 AM

Posted 23 May 2008 - 12:18 AM

I ran it and it found:
Files Infected:
C:\WINDOWS\system32\drivers\core.cache.dsk (Malware.Trace) -> Delete on reboot.

I rebooted and it's still there.
I rebooted in safe mode, deleted it. Rebooted and it's back.

#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:27 PM

Posted 23 May 2008 - 12:24 AM

that's a real nasty

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

you will need to start the process

A few people got rid of it running some long combinations of several other programs added to MBAM

http://www.bleepingcomputer.com/forums/t/131299/how-to-use-sdfix/

sdfix is one that seems to help in some cases
Chewy

No. Try not. Do... or do not. There is no try.

#5 Ulster

Ulster
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:27 AM

Posted 23 May 2008 - 01:02 AM

Ran Sdfix

Trojan Files Found:

C:\WINDOWS\system32\drivers\core.cache.dsk - Deleted
C:\WINDOWS\system32\drivers\BTHPANN.sys - Deleted

So far so good. I'll report back if it rears it's nasty head again.
Thank You Chewy

#6 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:27 PM

Posted 23 May 2008 - 01:59 PM

You are welcome, either way keep us posted, I had that nasty back in march, it didn't die so easy for me

got it from a usb drive trying to fix another computer
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users