Page 1 of 6 123 ... LastLast
Results 1 to 10 of 56
  1. #1
    Member dentalgal's Avatar
    Join Date
    Jun 2004
    Posts
    276
    Points
    2

    Default help with popups

    the last few days popups have been coming up like crazy..as soon as I get onto IE they start to pop up...the name of them are CID and gaming site and brain quiz among others..I have done hijack this and done the appropriate clean up recommended...I have run the AVG and also blocked the popups from the tool bar..any suggestions?? do I have a virus or something??

  2. #2
    Administrator Help2Go Administrator Canuck's Avatar
    Join Date
    May 2003
    Location
    Edmonton, Alberta, Canada
    Posts
    9,817
    Points
    2034

    Default

    Have you run Ccleaner? Do so, it will get rid of temp internet files.


  3. #3
    Member dentalgal's Avatar
    Join Date
    Jun 2004
    Posts
    276
    Points
    2

    Default

    Hi, I have tried to use the Ccleaner and still the popups come up..the computer is also doing this whirling sound...

  4. #4
    Member
    Join Date
    Dec 2008
    Posts
    60
    Points
    9

    Default

    Yep, you are infected all right. I have no idea on the noise. PC's should be pretty quite, but if they are making a click-click type noise could be a failing hard drive.

  5. #5
    Member
    Join Date
    Dec 2008
    Posts
    60
    Points
    9

    Default

    I could add probably another 5000 to the above list, from just what I have stored on my PC.

    I think they need to post a HJT in the other forum for starters

  6. #6
    Member
    Join Date
    Dec 2008
    Posts
    60
    Points
    9

    Default

    zep516:

    Not saying you are wrong, just not sure where you got this list from is all.

    Can you reference as to where you came up with it?
    Last edited by Tinkerboy; 10-29-2009 at 10:09 PM.

  7. #7
    Member
    Join Date
    Dec 2008
    Posts
    60
    Points
    9

    Default

    Any time

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Default

    I have deleted my posts the user should probably as indicated go to spyware and post a log.

  9. #9
    Member dentalgal's Avatar
    Join Date
    Jun 2004
    Posts
    276
    Points
    2

    Default he is a log from Malwarebytes

    Malwarebytes' Anti-Malware 1.41
    Database version: 3062
    Windows 5.1.2600 Service Pack 3

    30/10/2009 5:08:46 PM
    mbam-log-2009-10-30 (17-08-46).txt

    Scan type: Quick Scan
    Objects scanned: 141831
    Time elapsed: 15 minute(s), 2 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 24
    Registry Values Infected: 2
    Registry Data Items Infected: 2
    Folders Infected: 8
    Files Infected: 25

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Base frag grid bows (Trojan.Agent) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data\HP_Administrator (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Mike Baldock\Application Data\Windows Protection Suite (Rogue.WindowsProtectionSuite) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\WINSPSys (Rogue.WindowsProtectionSuite) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Adware_LOG (Malware.Trace) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrator\Application Data\FunWebProducts\Data\HP_Administrator\avatar.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Mike Baldock\Application Data\Windows Protection Suite\Instructions.ini (Rogue.WindowsProtectionSuite) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\WINSPSys\winps.cfg (Rogue.WindowsProtectionSuite) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\install.ico (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\toolbar.ini (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\uninstall.exe (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\newgames3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\topten2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\topten3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\topten4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\topten5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Program Files\bfgtoolbar\Cache\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
    C:\Adware_LOG\adware.log (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Adware_LOG\send.log (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Mike Baldock\Start Menu\Programs\Windows Protection Suite.lnk (Rogue.WindowsProtectionSuite) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Mike Baldock\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite.lnk (Rogue.WindowsProtectionSuite) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Mike Baldock\Start Menu\Windows Protection Suite.lnk (Rogue.WindowsProtectionSuite) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\Cast ping base frag\grim meal.exe (Trojan.Agent) -> Delete on reboot.

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Default

    Hi, dentalgal

    We wanted you to post in spyware. That's ok there busy over there. I can provide some assistance please see below:

    Super antispyware instructions

    Run this also SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! again per instruction below post the log please.

    Under Configuration and Preferences
    click the Preferences button.
    Click the Scanning Control tab.
    Under Scanner Options make sure the following are checked (leave all others unchecked): Close browsers before scanning.
    a- Scan for tracking cookies.
    b- Terminate memory threats before quarantining.
    c- Click the Close button to leave the control center screen.
    Back on the main screen, under Scan for Harmful Software click Scan your computer.
    On the left, make sure you check C:\Fixed Drive.
    On the right, under Complete Scan choose Perform Complete Scan.
    Click next to start the scan. Please be patient while it scans your computer.
    After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.

    Make sure everything has a checkmark next to it and click Next.

    A notification will appear that Quarantine and Removal is Complete Click OK and then click the Finish button to return to the main menu.
    If asked to reboot, click Yes.

    To retrieve the removal information after reboot, launch SUPERAntispyware again.


    Then

    Uninstall list hijackthis instruction
    Double click the hijackthis Icon on the Desktop, Scroll down to ‘’Open the Misc Tools section” Click it at the bottom under System tools click “Open Uninstall Manager” over to the right click “Save List” Save it to your Desktop so you may find it, copy and paste it in your next reply..

    Post a SuperAntiSpyware log.
    Post a Hijackthislog
    Post the uninstall list.
    Last edited by zep516; 10-30-2009 at 05:13 PM.

Page 1 of 6 123 ... LastLast