Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ABI File Wont remove Possible Adware or malware came from


  • Please log in to reply
3 replies to this topic

#1 rasone77

rasone77

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:17 AM

Posted 11 July 2005 - 01:13 PM

Okay I have a weird Adware or malware thing going on. I use Freedom Firewalll and antivirus provided by my broadband service Adelphia cable. Anyways,

Sat night I got an adware pop up blitz, I managed to remove most of the malicious files using Fredom antispyware and manually deleteing including these:

E2Give
Virtual Bouncer
Aruora
And afew others I cant remember the names too

however I can not remove one called

ABI advertising systems or some such its definately ABI. It creates a pop up that doesnt appear to be internet related, (I block it directly by right clicking it and adding it to Freedoms pop up blocker program and it still comes up every half minute to three minutes) the website it claims to be from is

www.0dp.com

when you go to look for the site it doesn't exist the are none of my browser toolbars on the pop up and you cant delete this file. Also when you do try to rmove the program using add/remove in the control panel it redirects you to a website and eventually to a site called MyPCcleanup.com where you are suposed to download an uninstall tool. I tried this it did not work although it claimed it did. I have the file contained as in it cant send or recieve internet comunication because Ive locked it behind freedoms firewall tool which is another reason I suspect it is local on the PC and not global on the internet sense it still pops up even after trying that.

I am at a loss here and my limited expertise in coding and ini files keeps me from resolving it myself in fact I am unsure even how to pull up a Win32 log let alone analyze it so I could use a bit of help.

One more thing My antivirus picked up several win32/backdoor.BB viruses and a couple other win32/---.SM virus I cant remeber the exact name of the second one but I can post it when I get home. I deleted those as Freedom sugested because it could not disinfect.

Hopefully you guys can help if not at least people see this and stay away from aruora and virtualbouncer as I am pretty sure they are malware not antispyuware devices

//Mod edit: Moved this topic from Windows XP/NT/2000/2003 to the
more appropriate forum.

Edited by KoanYorel, 11 July 2005 - 01:27 PM.


BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:12:17 AM

Posted 11 July 2005 - 05:28 PM

If you get these popups when you're not on the internet, it could be Windows Messenger service causing the problem.

To Turn Off Messenger Service in XP Home:

Click START / Control Panel / Performance and Maintenance / Administrative Tools
Double-click Services
Scroll to Messenger service, and double-click it
Select STOP service
In the Startup drop down box, select Disabled

Also do this for:

Alerter
SSDP Discovery service
Telnet
Universal Plug & Play (not Plug & Play)

Now, OK your way out.

Also, in Internet Explorer
Click Tools
Select Internet Options
Click the Advanced tab
Un-check both entries of Enable install on demand
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 rasone77

rasone77
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:17 AM

Posted 12 July 2005 - 08:12 PM

I tried these things a few minutes ago they didnt work I installed firefox any way I can remove Explorer? Im going to send a hack this log just to make sure its not comming back !

#4 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:12:17 AM

Posted 13 July 2005 - 06:42 PM

No you can't remove IE.
It's too intertwined with Windows.
If you try to remove it, you'll break Windows.
Besides, you need IE to get your Windows updates.

I think you'll like Firefox better than IE. :thumbsup:

Posting a HJT log is a good idea.
Here's how:

Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users