tjm8739 asked:


Well, I currently tried to download a file off of the internet and got a huge virus off of it. I have Norton AntiVirus 2008 and it only blocked the trojans attempting to attack. It didn’t block or delete any of the spyware/malware that came along with it. I deleted MicroAV off the PC along with some of its registry keys that I could find. But I am still getting redirected to virus sites and it keeps trying to attack. I have no clue at all how to fix this. I have run a Norton full scan, AVG full scans, and plenty of other scans off trusted sites. I’ll post my HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:23:40 AM, on 10/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\user\Desktop\HiJackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 – Toolbar: eBay Toolbar – {92085AD4-F48A-450D-BD93-B28CC7DF67CE} – C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O4 – HKLM\..\Run: [VTTimer] VTTimer.exe
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 – HKLM\..\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 – HKLM\..\Run: [osCheck] “C:\Program Files\Norton AntiVirus\osCheck.exe”
O4 – HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe”
O4 – HKLM\..\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O8 – Extra context menu item: eBay Search – res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 – Extra button: Yahoo! Services – {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} – C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 – Extra button: Real.com – {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} – C:\WINDOWS\system32\Shdocvw.dll
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messe
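
An added example, not part of the original thread: a Python parser for HijackThis entry lines like the ones posted above. It splits entries that were run together on one line, accepts the en dashes and curly quotes that forum software substitutes, and lists the O4 Run values, marking those whose command has no drive-letter path, so the log alone does not show which file runs. The function names and the sample log are constructed for illustration.

```python
import re

# An entry begins with a section code (R1, O4, ...) and a dash. Forum software
# often turns "-" into an en dash and can run two entries together on one line.
ENTRY_START = re.compile(r"(?<![A-Za-z0-9])([RFNO]\d{1,2}) [-\u2013] ")
# O4 registry form: HKLM\..\Run: [value name] command line
RUN_VALUE = re.compile(r"(HK[A-Z]+)\\\.\.\\(\w+): \[(.+?)\] (.+)")


def parse_entries(text):
    """Return (code, body) pairs, splitting lines that hold several entries."""
    entries = []
    for line in text.splitlines():
        starts = list(ENTRY_START.finditer(line))
        for i, m in enumerate(starts):
            end = starts[i + 1].start() if i + 1 < len(starts) else len(line)
            entries.append((m.group(1), line[m.end():end].strip()))
    return entries


def autostarts(entries):
    """List O4 Run values; full_path is False when the command is a bare name."""
    found = []
    for code, body in entries:
        m = RUN_VALUE.match(body) if code == "O4" else None
        if m:
            hive, key, name, cmd = m.groups()
            cmd = cmd.strip().lstrip('"\u201c')  # drop straight or curly quote
            full_path = bool(re.match(r"[A-Za-z]:\\", cmd))
            found.append({"hive": hive, "key": key, "name": name,
                          "full_path": full_path})
    return found


# Constructed sample in the same layout as the log (not the poster's data).
SAMPLE = """Running processes:
C:\\WINDOWS\\explorer.exe
R1 \u2013 HKCU\\Software\\Example,Search Bar = http://search.example/R1 \u2013 HKCU\\Software\\Example,Search Page = http://page.example
O4 - HKLM\\..\\Run: [ExampleTimer] timer.exe
O4 \u2013 HKCU\\..\\Run: [ExampleUpdater] \u201cC:\\Program Files\\Example\\upd.exe\u201d -boot
"""

if __name__ == "__main__":
    for item in autostarts(parse_entries(SAMPLE)):
        print(item)
```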

7 Responses to Popup virus cant find it?

  • Anthony says:

    Download and run Smitfraudfix

  • Caffeinated Content

    Make sure your Internet Explorer settings are OK.
    Check the registry for the website you are being redirected to and delete the entries.

    Use gpedit.msc and see if you find something suspicious there.
    Run a scan in safe mode. Run Lavasoft’s Adaware to scan for adware software.

    Good luck.

  • JA12 says:

    You need to install Spybot.

    Norton is just an Antivirus and a so-so Firewall, -if- you enable it.

  • big_casino68 says:

    Go to Google. Type in AVG; it’s a free anti-virus protection. When you download it, scan your PC. It will take care of them dang popups. Have a nice day.

  • DUNBAR PAPPY says:

    Aside from removing what’s been already installed on your system, you really should turn off 3rd party cookies. This keeps un-requested cookies from being displayed in your browser.
    In browser (both IE and Firefox) go to Tools>Internet Options>Privacy>Advanced; here check ‘Override automatic….’ ‘Allow session cookies’ ‘Allow 1st party cookies’ & Block 3rd Party Cookies.
    Junk embedded into your system will have to be extracted with Spybot, Ad Aware, and all available cleaners. Good luck.

  • registrybooster

    Your computer is infected with rogue software. Download and run rogue antispyware removal tool from to remove the rogue software from the computer.

  • Sly_Old_Mole says:

    1. You can only run one AV – Norton or AVG – delete one.
    2. Download the following & update them:
    3. Update AV.
    4. Boot in safe mode, run malwarebytes, superantispyware & then your AV.
