Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Popups 'antivirus 2008' Etc. Freshly Formatted


  • Please log in to reply
2 replies to this topic

#1 Nav2k

Nav2k

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 05 August 2008 - 08:56 AM

Hi all,

I really don't know what's going on..
I had vista installed for a while...then got these popups appearing and what looked to be an antivirus tool started to scan (i'm sure its some fake thing).
windows froze, couldnt get to the toolbar etc.
I got sick of it, formatted and installed XP again.

AS soon as I got the drivers installed etc. wireless connected, hadn't really downloaded anything too much (msn messenger...drivers from legit sites...that sort of thing). It pops up again.
I try to run lavasoft ad aware, again task bar goes missing all this stuff.

I format again, this time not downloading anything. Ad-Aware picked up a few things, i got rid of them (can't remember what). now it's coming back again after i've just browed to one or two pages (hotmail, and this page). Ran ad-aware again, something from

From 'general objects'

'virtualmonde' of category 'malware' is coming up.
Its all in the registry key,
Root: HKLM Path: software\microsoft\aoprndtws
another one..
Root: HKU Path: S-1-5-21-(bunch of numbers)

Then in 'privacy objects'
There are many 'tracking cookies' from internet explorer , c:\documents and settings path\index.dat etc.

Also an MRU object, with MRU registry key.

What is going on?! I can't beleive it's happening after a format...

Ive got another pc running the same copy of XP fine. Same wireless network etc.

I'm not going to touch this PC again until I get some advice as I think more things will happen... (going to turn off network connections)

Thanks in advance for any help.

BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:07:05 PM

Posted 05 August 2008 - 09:47 AM

You can get assistance in cleaning the system up in the Am I Infected forum located here: http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Or, you can do this:
1) format your hard drive with a "low level"/initialization tool usually available for free from your hard drive manufacturer's website.
2) Reinstall Windows using a known legitimate copy of the Windows installation CD
3) Reinstall any applications/drivers from sources that are known to be good - and then scan them with updated antivirus software on an operating PC before installing them on your system.
4) When you download anything from the internet, DO NOT let it Run or Open - ALWAYS choose Save. Then scan it with an updated antivirus program BEFORE opening it.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 Nav2k

Nav2k
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:05 AM

Posted 07 August 2008 - 04:11 AM

thanks a million mate.
i followed the steps to the ATF-cleaner and superAntispywware installation and scanning in safemode and it's done the trick (i think...so far so good..1day..)

HijackThis didn't seem to do anything for my problem.

thanks, appreciate it :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users