
Respawning Adware


1 reply to this topic

#1 Sylphied


Posted 11 January 2010 - 05:16 PM

EDIT: The CF Logs have been removed until requested to re-add.
EDIT 2: I just realized that I cannot find a way to edit the sub-topic of this post, so I dearly hope that it is not ignored. >_<

System Specs:

Microsoft Windows XP
Media Center Edition
Version 2002
Service Pack 3

HP Pavilion: Intel®
Pentium® D CPU 2.80GHz
2.80GHz, 1.00 GB of RAM


Hello!

I was previously infected with a worm yesterday morning, which among other things, inhibited my ability to run various programs, (such as anti-virus) as well as a system restore. In my panic, I resorted to a PC Restoration after I hastily rebooted my computer. In doing so, the severity of the worm was whittled down to the point where I could run anti-virus programs once more, and purge a good number of infected items. However, as you can guess, the option to do a system restore was disabled due to the PC Restoration deleting the restore points. Hence, I used the following anti-virus programs to attempt to FULLY purge the virus:

-Rkill
-Malware Bytes Anti-Malware
-Avast Home Edition Anti-Virus
-Spybot [Search & Destroy]
-VundoFix
-Windows Defender

---------------------------------------------------------------------------------------------------------------------------------------------
[Sidenote]: The only details I can remember of the worm when it was in its severe state was that my desktop image changed to display the message "YOUR COMPUTER HAS BEEN INFECTED", or something akin to that. Furthermore, I also got a Windows error message which specifically stated that I had been infected with a worm, along with the details of what worms can generally do. Since I was unable to run programs during this time, I could not capture a screenshot of the exact messages to add to my list of details.
---------------------------------------------------------------------------------------------------------------------------------------------

Afterwards, it seemed as if the infection had ceased; but annoying pop-up ads were still appearing from time to time during my sessions on Firefox. They appear as follows:

Posted Image

Therefore, I finally consulted a tech friend who advised me to use ComboFix and report my findings unto this website. I ran the program once, and these are the results:

EDITED: CF Logs removed until requested to re-add.

I also ran ComboFix a second time, after the first scan failed to delete the recurring adware problem. Here are its findings:
(The results of which you can see, were present in the first log as well.)

EDITED: CF Logs removed until requested to re-add.

Unfortunately, even ComboFix could not permanently remove my adware problems, as I had hoped. Hence, I would greatly appreciate it if someone could kindly review my logs and advise me on what to do next. The fate of my ignorance rests in thy able hands.

EDIT: IadHide5.dll is the name of the file which ComboFix found twice and deleted both times. I believe this is the source of the recurring adware problem, but I am unsure of how to make it permanently go away.


Many thanks in advance,
Sylphied


P.S.
I apologize if some (or all) of the information I provided is insufficient. I read over the "Before You Post About A Problem" thread for a good twenty minutes, but I'm certain that I may have made a few slip-ups somewhere.

Edited by Sylphied, 11 January 2010 - 05:38 PM.



 


#2 Sylphied


Posted 12 January 2010 - 07:06 PM

Update: I fixed the issue by uninstalling Firefox, along with its backup data, and then re-installing it. I haven't encountered any further problems since that point.



