Lately my computer has been running slower especcially when on the internet and I have been getting frequent pop-ups which I never got before. I think this might be caused by Ad-Ware, I have run scans with Spybot S&D and Ad-Aware and deleted what the searches has come up with but the problem persists. Does anyone know what i can do to fix this?
Possible Ad-Ware?
- Thread starter Sabin07
- Start date
- Status
kitty500cat
Posts: 1,391 +6
It is quite possible that you are infected with some kind of adware or spyware. Please do the following, which will enable us to see if your computer is infected.
Go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread, only after doing the above. Also post here the results of the AVG Antirootkit scan.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
Go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread, only after doing the above. Also post here the results of the AVG Antirootkit scan.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
Ok, I followed the instructions the best I could but I had a few problems the online virus scanner didnt load so as of the instructions I skipped that part. Also in step 10 tool1 the smitfraudfix didnt work, the program just loaded to all black instead of the blue with writing that was shown on the screenshots on the webpage. the AVG anti-rootkit scan didnt work I followed the instructions and the scan worked but when it got to 91% done it just stopped making anymore progress I let it go for approximately 40 minutes but it just stayed at 91%.
kitty500cat
Posts: 1,391 +6
Your system is infected.
Very Important: Malware infections can lead to identity theft, loss of funds from bank accounts, misuse of credit card information, etc since they can send sensitive information from your computer to their creators. Please read this thread before deciding what course of action to take regarding your infection.
Please read the above thread and let me know what you decide.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
Very Important: Malware infections can lead to identity theft, loss of funds from bank accounts, misuse of credit card information, etc since they can send sensitive information from your computer to their creators. Please read this thread before deciding what course of action to take regarding your infection.
Please read the above thread and let me know what you decide.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
On, Second thought, how much of a risk would it be if I was to copy my games saved files onto a flash drive and then reformat my computer and put my files back onto my computer after the reformatting? Because thats the only thing on my computer im worried about losing if I reformat
kitty500cat
Posts: 1,391 +6
Copying game files shouldn't matter; just be sure you can still use them after you reformat. You shouldn't back up Microsoft Word or Excel files, however, as some viruses infect them, and then opening them would just reinfect your computer.
Cleaning your computer shouldn't be too hard either; please let me know once you decide what to do.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
Cleaning your computer shouldn't be too hard either; please let me know once you decide what to do.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
almcneil
Posts: 1,236 +1
If spyware symptoms persist after running multiple anti-spyware utilities, I perform a repair installation. Although the utilities can remove the spyware, there may still be corruption in the Windows system files. In most cases, a repair installation utility in the installation can fix this.
First, I recommend you run at least 3 anti-spyware utilities. The ones I recommend to my customers are:
All are free and can be downloaded over the Internet. Also, you may want to re-run them in Safe Mode as some spyware hide behind Windows security features. In Safe Mode, these security features are removed or relaxed and the spyware can then be detected and removed.
Once you're sure that your system is free of spyware, then boot from the installation CD and select the repair feature (Note: the first repair feature is Recovery Console, skip that one, it's the second repair utility you want.)
First, I recommend you run at least 3 anti-spyware utilities. The ones I recommend to my customers are:
- Ad-Aware 2007
- Spybot Search & Destroy
- AVG Anti-spyware
All are free and can be downloaded over the Internet. Also, you may want to re-run them in Safe Mode as some spyware hide behind Windows security features. In Safe Mode, these security features are removed or relaxed and the spyware can then be detected and removed.
Once you're sure that your system is free of spyware, then boot from the installation CD and select the repair feature (Note: the first repair feature is Recovery Console, skip that one, it's the second repair utility you want.)
momok
Posts: 2,127 +6
Hi,
You are running an outdated version of HijackThis.
You can obtain the latest version from the link in my signature.
Please run through our Viruses/Spyware/Malware, preliminary removal instructions again and complete steps 4,5, and 11-15 again.
Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread. Do not copy and paste your logs if not it will be ignored and/or removed.
Also, please let me know the results of the AVG Antirootkit scan
Regards,
Your friendly momok =)
This thread is for the use of Sabin07 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
You are running an outdated version of HijackThis.
You can obtain the latest version from the link in my signature.
Please run through our Viruses/Spyware/Malware, preliminary removal instructions again and complete steps 4,5, and 11-15 again.
Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread. Do not copy and paste your logs if not it will be ignored and/or removed.
Also, please let me know the results of the AVG Antirootkit scan
Regards,
Your friendly momok =)
This thread is for the use of Sabin07 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
momok
Posts: 2,127 +6
Hi,
Download the attached "CFScript.txt" (from my attachment) and save it to the same folder as Combofix.
You may wish to copy and paste these instructions on notepad for easier reference later.
Boot into safe mode under your normal user name. See how HERE
Next turn on "Show all files and folders, including hidden and system". See how HERE
Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.
Regards,
Your friendly momok =)
This thread is for the use of Sabin07 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Download the attached "CFScript.txt" (from my attachment) and save it to the same folder as Combofix.
You may wish to copy and paste these instructions on notepad for easier reference later.
Boot into safe mode under your normal user name. See how HERE
Next turn on "Show all files and folders, including hidden and system". See how HERE
- Please, run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ichoice.ns.ca/
O2 - BHO: (no name) - {8e96c9e5-2b93-4133-bf48-0c50a8a28081} - C:\WINDOWS\system32\dinECD.dll
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\tmpD1.tmp.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\dinECD.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\dinECD.dll
O20 - AppInit_DLLs: c:\windows\system32\ddcywwx.dll
O20 - Winlogon Notify: cnetenh - C:\WINDOWS\SYSTEM32\cnetenh.dll
O20 - Winlogon Notify: dinECD - C:\WINDOWS\SYSTEM32\dinECD.dll
Close HJT.
- Referring to the image below, drag the CFScript.txt that you downloaded earlier over on to Combofix.exe and release.
This will ask Combofix to execute the instructions within my file. Let Combofix run normally and do its job. Attach the resultant log in your reply.
- Reboot into normal mode and rehide your protected OS files.
Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.
Regards,
Your friendly momok =)
This thread is for the use of Sabin07 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
almcneil
Posts: 1,236 +1
Sabin,
Just got back online after a few days. I agree, always try to save your installation over a reformat & re-install!
Did you try running Ad-Aware 2007 and Spybot Search & Destroy as I suggested? If not, they are free and can be downloaded over the Internet.
If you have, then try an XP repair installation.
Just got back online after a few days. I agree, always try to save your installation over a reformat & re-install!
Did you try running Ad-Aware 2007 and Spybot Search & Destroy as I suggested? If not, they are free and can be downloaded over the Internet.
If you have, then try an XP repair installation.
kitty500cat
Posts: 1,391 +6
Run HijackThis and do a system scan. Place a check in the box next to the following entries (if there):
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - [http]www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O20 - Winlogon Notify: dinECD - dinECD.dll (file missing)
Then close all open programs except HJT. Click the Fix Checked button. Wait until it's done fixing; then close HJT.
Other than that, your logs look clean.
Delete all files in AVG Anti-Spyware Quarantine folder (located in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine).
Turn off system restore. See how HERE.
This will remove all your old system restore points and any nasties hiding in them.
After that turn system restore back on.
This will create a new, clean restore point for your system.
An infection can often occur again not due to the incompetence of programs, but because of user habits.
May I recommend you to read this article. This can help to prevent future infections.
Should you have further virus/spyware problems, please post in this thread.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - [http]www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O20 - Winlogon Notify: dinECD - dinECD.dll (file missing)
Then close all open programs except HJT. Click the Fix Checked button. Wait until it's done fixing; then close HJT.
Other than that, your logs look clean.
Delete all files in AVG Anti-Spyware Quarantine folder (located in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine).
Turn off system restore. See how HERE.
This will remove all your old system restore points and any nasties hiding in them.
After that turn system restore back on.
This will create a new, clean restore point for your system.
An infection can often occur again not due to the incompetence of programs, but because of user habits.
May I recommend you to read this article. This can help to prevent future infections.
Should you have further virus/spyware problems, please post in this thread.
Regards
This thread is for the use of Sabin07 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
momok
Posts: 2,127 +6
Hi,
Your log is clean. Should you have any further problems please feel free to post back in this thread.
Regards,
Your friendly momok =)
This thread is for the use of Sabin07 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your log is clean. Should you have any further problems please feel free to post back in this thread.
Regards,
Your friendly momok =)
This thread is for the use of Sabin07 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
Amazon denies reports it started a business just to spy on rivals
- anastrophe replied
-
New Affordable AMD B650 Motherboard Roundup- Steve replied
