Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware/Adware Causing Pop-Ups


  • Please log in to reply
3 replies to this topic

#1 hishaamsiddiqi

hishaamsiddiqi

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 30 October 2009 - 07:22 PM

Hello Everyone,

I am arunning Windows Vista Home Edition. After using this site for my previous computer, I have taken some precautions on my new, current computer, such as running Avira AntiVirus. However, after careful usage, it still some how managed to become infected. I used Spybot-Search&Destroy, and it says that it has destroyed a few Trojans. I then updated my Avira AntiVirus and ran a full system scan, but my computer is still having adware and spyware pop ups and running unsmoothly. Any help would be greatly appreciated.
Thankyou.

Edit: As of right now, the only way to use my computer safely is through Safe Mode. If I'm not in Safe Mode, I am bombarded with popups.

Edited by hishaamsiddiqi, 30 October 2009 - 07:22 PM.


BC AdBot (Login to Remove)

 


#2 zbd

zbd

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Local time:06:58 AM

Posted 30 October 2009 - 08:42 PM

Download and run Malawarebytes and superantispyware:

http://www.malwarebytes.org/mbam.php

http://www.superantispyware.com/

uninstall spybot l
assume you have a firewall like comodo:

http://www.matousec.com/projects/proactive...nge/results.php

#3 hishaamsiddiqi

hishaamsiddiqi
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 01 November 2009 - 12:39 AM

I ran Malwatebytes and this is the log I got. I am not going to run Superantispyware and I have already uninstalled Spybot.
:thumbsup:

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 6.0.6000 (Safe Mode)

10/31/2009 10:30:25 PM
mbam-log-2009-10-31 (22-30-25).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|H:\|I:\|J:\|)
Objects scanned: 258592
Time elapsed: 40 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\22508017 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yimusevaka (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\ProgramData\22508017 (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\ProgramData\39969339 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Siddiqi Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntivirusPro_2010 (Rogue.AntiVirusPro2010) -> Quarantined and deleted successfully.

Files Infected:
C:\ProgramData\22508017\22508017.bat (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\ProgramData\22508017\22508017.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\ProgramData\39969339\39969339.bat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\39969339\39969339.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Siddiqi Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntivirusPro_2010\AntivirusPro_2010.lnk (Rogue.AntiVirusPro2010) -> Quarantined and deleted successfully.
C:\Users\Siddiqi Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntivirusPro_2010\Uninstall.lnk (Rogue.AntiVirusPro2010) -> Quarantined and deleted successfully.



#4 hishaamsiddiqi

hishaamsiddiqi
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:04:58 AM

Posted 01 November 2009 - 04:54 PM

I also ran Superantispyware and it removed several adware things and in the meantime, Avira Antivirus found several Trojans which I had it delete.
Superantispyware did not create a log for me to post.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users