Multiple viruses and repeated IE popups

By jgunton ยท 7 replies
Oct 18, 2008
  1. Hello,

    Please find attached the 3 txt files from the scanning steps listed in the recommended "8 steps".

    I am unsure of what the next step is or if my computer is malware free at the moment.

    I have had the following problems:

    1. Repeated IE popups from sites that I do not wish to give advertising space to here.

    2. The repeated sound of windows clicking/opening when I am working on the laptop.

    3. Adware scans indicating that I have multiple viruses. I attempted to delete them all at once and was forced to use the backup restore function on my computer as it was so disruptive.

    Look forward to hearing from your site. Great work!



    Attached Files:

  2. kimsland

    kimsland Ex-TechSpotter Posts: 14,523

    You have Symantec AntiVirus and AVG8 AntiVirus installed at the same time !

    Here's my recommendation

    Uninstall both !
    By the way with Symantec AntiVirus, you need to check in Add\Remove programs after restart to confirm it's fully gone (which it won't be no doubt)
    You can also use the Norton Removal Tool too (which I would)

    Then at last when both Antivirus softwares are uninstalled (probably 3 restarts later !)

    Try Free Antivirus like Avast or Avira

    And then update the program definitions, and run a full scan
    That'll get anything remaining :)
  3. BillAllen55

    BillAllen55 TS Maniac Posts: 368

  4. Tedster

    Tedster Techspot old timer..... Posts: 6,000   +15

  5. momok

    momok TS Rookie Posts: 2,265

    Tedster: what's the point in keep directing users to these sites? The reason they come here is to seek some personalized advice as well as human feedback. We have some experienced volunteers who provide expert help here too.
    Besides, most of the time those sites don't help much at all (trust me I know).
  6. jgunton

    jgunton TS Rookie Topic Starter

    Thanks everyone- I have downloaded a CFP firewall and deleted all my Norton software.

    Repeated scanning is still showing occassional adware viruses. Is it safe to just quarantine and delete these files or should I be concerned about interference with key Windows software?

    Thanks for all your help,

  7. kimsland

    kimsland Ex-TechSpotter Posts: 14,523

    Repeated scanning with what? Which Antivirus or Malware program are you using?
    In most cases yes using a legitamit Virus\Malware removal tool and then Repairing or removing any found infected file is what the program has been made for (ie Yes proceed)

    Regarding Symantecs removal instructions. Yes a good idea to follow their comprehensive instructions and then download the Removal Tool:
    And then run it

    I would (I would at least run the tool, just to see if there is anything found and removed. Including turning off System Restore (as stated there)

    Symantec have hundreds of these removal tools (for different infections), which I have used on many occasions.
  8. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    I find most of their tools to be out of date. Vundo changes on a daily basis with new random names. As momok mentioned we have experienced volunteers and free tools to recommend that are also specialized for these infections.

    1) CFP is your firewall and though it does scan, it is not an antivirus program. It is there to manage your connections and ask permissions for program access.

    2) Install an anti-virus, provided you removed AVG and Norton as suggested above. I recommend Avira Antivir free which can be found in my signature - or Avast as posted above --> update it and run a scan. Remove anything found.

    3) Right click your antivirus program in your system tray and disable real time protection

    4) Download and Install SDFix
    • Download SDFix and save it to your Desktop.
    • Double click SDFix.exe and it will extract the files to %systemdrive%
      (Drive that contains the Windows Directory, typically C:\SDFix)

    Boot into Safe Mode
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.

    Run SDFix
    • Open the extracted SDFix folder and double click RunThis.bat to start the script.
    • Type Y to begin the cleanup process.
    • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
    • Press any Key and it will restart the PC.
    • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
    • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    • Attach Report.txt back here

    5) [​IMG]Combofix
    • Download Combofix to your desktop.
    • Double click combofix.exe & follow the prompts.
    • A window will open with a warning.
    • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
    Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Combofix is a very powerful tool so please do NOT do anything without instruction

    Combofix will automatically save the log file to C:\combofix.txt

    6) Attach here:
    a)rapport.txt from sdfix
    c)fresh hijackthis scan ran after following everything else
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...