TechSpot

Logs for cid pop up removal

By adds416
Jul 20, 2008
  1. raybay

    raybay TS Evangelist Posts: 7,241   +9

    Run Antivir Antivirus free download, free MBam MalwareBytes, free SuperAntiSpyware, and free Adaware 2008
    Then reboot, and run the free scan of Spyware Doctor 5.5...
    Then decide it it is worth it to you to pay the $25 to buy it, as it is very good for this infestatioin.
    But I think the other stuff will get rid of it for you.
     
  2. raybay

    raybay TS Evangelist Posts: 7,241   +9

    At the end of this, run the free HiJack This, and ComboFix, and post their logs here if the problem continues.
     
  3. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +183

  4. adds416

    adds416 TS Rookie Topic Starter

    I have tried SuperAntispyware, SpywareDoctor, Mcfee virus scan, HijackThis, Combofix, and NoLop. The cid popups is still coming after I have used all these softwares. There must be another way than just scanning, because it seems that it's not doing anything, such as maybe manually delete some files or something.
     
  5. adds416

    adds416 TS Rookie Topic Starter

  6. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +183

    Check the following in HijackThis output
    • O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    • O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    • O4 - HKLM\..\Run: [BOOK BITS GRID FORD] "C:\Documents and Settings\All Users\Application Data\Mapi Meta Book Bits\CURB SKIP.exe"
    • O4 - HKCU\..\Run: [cake grim] C:\DOCUME~1\Harshil\APPLIC~1\UPLOAD~1\name noun.exe

    Then click Fix Checked and restart computer. Those last two items look like trouble to me. Report back. If still problems i would also suggest Autoruns (see below) and Hijackthis again

    1. Download/run Autoruns
    2. Start Autoruns but hit Escape immediately to stop the scan
    3. Click to set (turn on) Options -> Verify Code Signatures and Options -> Hide Microsoft Entries
    4. File -. Refresh to restart the scan. Look in lower left of the window for scan status
    5. When scan is done, File -> Save As to save it as a text file. Post the file to the thread
     
  7. adds416

    adds416 TS Rookie Topic Starter

    Grrr. I give up. I still see the cid popup ads. There is just one thing left to do, I will have to format the system. This may be my last post. It was nice working with all of them.
     
  8. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +183

    Please post the Autoruns scan.

    The infection is clearly "regenerating" itself so it's starting somewhere. Autoruns will give me a look at everything without a digital signature and not from Microsoft. Can help to find the real source.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...