clean up my pc, post av suite removal issues

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

clean up my pc, post av suite removal issues

Post by YarrowPyxie on Thu 05 Aug 2010, 3:25 pm

First topic message reminder :

ok so a while ago i got that stupid av security suite rogue everyone was getting. i got rid of most of the issues, but i still get pop ups and google redirects. i dealt with those but now i got banned from a site i use a lot because they said i tried to post a link, which i didnt so i think i got some left over issues. i'd just like to get these taken care of for piece of mind/make sure my pc is running smoothly. so please advise me on anything i need to download/post to get this all wrapped up! ty in advance

YarrowPyxie

Newbie Surfer
Newbie Surfer

Posts : 34
Joined : 2010-06-25
Operating System : windows xp professional, sp3

View user profile

Back to top Go down


Re: clean up my pc, post av suite removal issues

Post by YarrowPyxie on Wed 25 Aug 2010, 2:56 am

0EF24C9A;C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine;Adware.Cydoor;Incurable.Moved.;
14F5795F;C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine;Trojan.PurityAd.origin;Incurable.;
4B0859AE;C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine;Adware.Downware;;
4DD941E8;C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine;Adware.Cydoor;;
61D85676;C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine;Trojan.PurityAd.origin;Incurable.;
luhmmemtssd.exe.vir;C:\Qoobox\Quarantine\C\Documents and Settings\NetworkService\Local Settings\Application Data\ibncobaex;Probably Trojan.Packed.1435;;
A0279879.CPY;G:\_RESTORE\TEMP;Win32.HLLW.Agobot.50;Incurable.;
QMS.exe;G:\Program Files\Gilat\QMS;Probably DLOADER.Trojan;;
Srvany.exe;G:\Program Files\Flash Networks\NettGain2000\Bst;Program.SrvAny;;


i tried 'select all' then cure but it wouldnt let me. when i clicked select all the cure button was grayed out

YarrowPyxie

Newbie Surfer
Newbie Surfer

Posts : 34
Joined : 2010-06-25
Operating System : windows xp professional, sp3

View user profile

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by Sneakyone on Wed 25 Aug 2010, 1:25 pm

Hi.

Please go to command prompt and type: ipconfig /flushdns

Please tell me how this process goes, if you need any further assistance with this instructions please ask.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by YarrowPyxie on Thu 26 Aug 2010, 4:12 pm

flush thingy completed successfully. still having popups. i will run a full avg scan and post the results

YarrowPyxie

Newbie Surfer
Newbie Surfer

Posts : 34
Joined : 2010-06-25
Operating System : windows xp professional, sp3

View user profile

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by YarrowPyxie on Sun 29 Aug 2010, 2:23 pm

"Scan ""Scan whole computer"" completed."
"Infections";"9";"6";"3"
"Information";"1"
"Folders selected for scanning:";"Scan whole computer"
"Scan started:";"Friday, August 27, 2010, 1:05:31 AM"
"Scan finished:";"Friday, August 27, 2010, 2:02:19 AM (56 minute(s) 47 second(s))"
"Total object scanned:";"574522"
"User who launched the scan:";"Joe"

"Infections"
"File";"Infection";"Result"
"C:\WINDOWS\system32\wuauclt.exe (2484):\memory_001b0000";"Trojan horse Adload_r.AKC";"Object is inaccessible."
"C:\WINDOWS\system32\wuauclt.exe (2484)";"Trojan horse Adload_r.AKC";""
"C:\WINDOWS\System32\svchost.exe (1096):\memory_001a0000";"Trojan horse Adload_r.AKC";"Object is inaccessible."
"C:\WINDOWS\System32\svchost.exe (1096)";"Trojan horse Adload_r.AKC";""
"C:\WINDOWS\Explorer.EXE (1884):\memory_001a0000";"Trojan horse Adload_r.AKC";"Object is inaccessible."
"C:\WINDOWS\Explorer.EXE (1884)";"Trojan horse Adload_r.AKC";""
"C:\System Volume Information\_restore{9FDC2660-E1F6-4F49-BAF9-F2ED6652D570}\RP541\A0148810.exe:\ns_00014";"Virus found Win32/Heur";"Deleted"
"C:\System Volume Information\_restore{9FDC2660-E1F6-4F49-BAF9-F2ED6652D570}\RP541\A0148810.exe:\ns_00002";"Virus found Win32/Heur";"Deleted"
"C:\System Volume Information\_restore{9FDC2660-E1F6-4F49-BAF9-F2ED6652D570}\RP541\A0148810.exe";"Virus found Win32/Heur";"Deleted"

"Information"
"File";"Information";"Result"
"C:\Updates\WINXPDrivers\OfficeXP\oxpsp1.exe";"The file is signed with a broken digital signature, issued by: Microsoft Corporation.";""

YarrowPyxie

Newbie Surfer
Newbie Surfer

Posts : 34
Joined : 2010-06-25
Operating System : windows xp professional, sp3

View user profile

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by Sneakyone on Mon 30 Aug 2010, 12:10 pm

Hi.

Jotti File Submission:
  • Please go to Jotti's malware scan

  • Browse for the following file path for the "File to upload & scan" box on the top of the page:

    • C:\WINDOWS\SYSTEM32\svchost.exe
    • C:\Windows\system32\wuauclt.exe
    • C:\windows\explorer.exe


  • Click on the submit button

  • Please post the results (URL) in your next reply.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by YarrowPyxie on Mon 30 Aug 2010, 2:17 pm

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

still havin popups and redirects... this is getting ridiculous, right?

YarrowPyxie

Newbie Surfer
Newbie Surfer

Posts : 34
Joined : 2010-06-25
Operating System : windows xp professional, sp3

View user profile

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by Sneakyone on Thu 02 Sep 2010, 10:13 am

Hi.

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any
"<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.

Post the contents of GMER.txt in your next reply.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by YarrowPyxie on Wed 15 Sep 2010, 3:26 pm

i'm having trouble with the gmer thing. i can get it to scan but when i try to save a log file my computer freezes

YarrowPyxie

Newbie Surfer
Newbie Surfer

Posts : 34
Joined : 2010-06-25
Operating System : windows xp professional, sp3

View user profile

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by Sneakyone on Thu 16 Sep 2010, 3:40 pm

Hi.

After you complete this, please trying running GMER.

To disable CD Emulation programs using DeFogger please perform these steps:
  1. Please download DeFogger to your desktop.
  2. Once downloaded, double-click on the DeFogger icon to start the tool.
  3. The application window will now appear. You should now click on the Disable button to disable your CD Emulation drivers
  4. When it prompts you whether or not you want to continue, please click on the Yes button to continue
  5. When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  6. If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.




I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: clean up my pc, post av suite removal issues

Post by Sponsored content Today at 6:09 am


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum