Loading...

Home > Pop Ups > Pop Ups - WinAntiVirusPro And Others - HELP PLEASE

Pop Ups - WinAntiVirusPro And Others - HELP PLEASE

So I have also been trying to figure out where that came from. O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe O8 - Extra context menu item: &Google Though we help people with spyware and viruses here at BC, we also help people with other computer problems! C:\Documents and Settings\Persnal\Cookies\[email protected][1].txt -> TrackingCookie.Reliablestats : Cleaned.

All Rights Reserved. Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cabO16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cabO16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cabO16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users. Attempting to delete C:\WINDOWS\system32\fwscjyjq.dll C:\WINDOWS\system32\fwscjyjq.dll Has been deleted! https://forums.techguy.org/threads/pop-ups-winantiviruspro-and-others-help-please.480871/

Attempting to delete C:\WINDOWS\system32\cdeeg.ini C:\WINDOWS\system32\cdeeg.ini Has been deleted! After researching the net for possible solutions, i found they are extremely difficult to remove. Antimalwaremalpedia Known threats:615,796 Last Update:February 21, 10:29 DownloadPurchaseFAQSupportBlogAbout UsQuick browseHow to Remove the CookieCompanion CookiesHow Did Cookie Appear?How to detect CookiePermanent Cookie BlockingScan Your PC!Testimonials I have had major computer issues So i went searching the locations and sure enough the files where there on my system.

  • As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged
  • Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List
  • Logfile of HijackThis v1.99.1 Scan saved at 8:44:24 AM, on 7/6/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\ZoneLabs\vsmon.exe
  • I was infected with the Darksma and Vundo downloader trojans.
  • Start here -> Malware Removal Forum.
  • Within 24 hours i received and email telling me they had updated there system and to download it.

Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O9 - Extra 'Tools' menuitem: Yahoo! You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. If you're not already familiar with forums, watch our Welcome Guide to get started. O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital

I downloaded Ad-Aware to remove the pop-ups but when i use it my computer shuts down then freezes with a message i can barely see "process terminated". Pool 2 - http://download.game...ts/y/potf_x.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=48835O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.micr...ActiveX/odc.cabO16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Join 91147 other members! Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.

Help would be greatly appreciated ... Since IE is a backup browser for me, I didn't sweat it too much initially. Click Save to File and save the log somewhere convenient. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.* Restart in Normal mode and please go HERE to run Panda's ActiveScanOnce

Thread Status: Not open for further replies. https://forums.whatthetech.com/index.php?showtopic=67685 Use your up arrow key to highlight SafeMode then hit enter. UPX! 9/11/2004 10:25:54 AM 27262976 C:\VIRTPART.DAT Checking %ProgramFilesDir% folder... this Topic is closed.

thanks Back to top #12 stonangel stonangel Members 595 posts OFFLINE Location:France Local time:11:49 AM Posted 03 November 2006 - 12:48 PM Your welcome * Please create a new restore C:\System Volume Information\_restore{E0C22EC0-D318-4D95-967D-A5C2B4653ED0}\RP193\A0023353.dllInfected! Terms of Use Privacy Policy Licensing Advertise International Editions: US / UK India Please click here if you are not redirected within a few seconds. I suddenly got one of those pop-up automatic installer, but I was able to cancel it...but I still some stuff got thru.

Please re-enable javascript to access full functionality. If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.   Thank you for your Want to help others? Several functions may not work.

It only appears when I use IE and when it appears is real random. C:\Documents and Settings\Persnal\Cookies\[email protected][1].txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.626:C:\Documents and Settings\Persnal\Application Data\Mozilla\Firefox\Profiles\yak2crab.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.627:C:\Documents and Settings\Persnal\Application Data\Mozilla\Firefox\Profiles\yak2crab.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.330:C:\Documents and Settings\Persnal\Application Data\Mozilla\Firefox\Profiles\yak2crab.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. It appears that you are infected with the Vundo trojan, which I'm pretty sure is causing the WinAntiVirus popups.

It is.

Consistently helpful members with best answers are invited to staff. From what I can see, my computer is clean...but it still get those random popups. Java version is 1.4.2.3 Java version is 1.4.2.6 Java version is 1.5.0.2 Scan started at 10:51:05 PM 10/2/2006 Listing files found while scanning.... Also, what programs can I use to completely prevent this from happening again.

Please re-enable javascript to access full functionality. Already have an account? THANK YOU SO MUCH. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged

Double click WinPFind.exe Click "Start Scan" It will scan the entire System, so please be patient and let it complete. The files will contain the Cookie: winantiviruspro.com element. Olivier Back to top #5 luismr74 luismr74 Topic Starter Members 10 posts OFFLINE Local time:01:49 AM Posted 31 October 2006 - 10:10 PM sorry Logfile of HijackThis v1.99.1Scan saved at C:\WINDOWS\system32\uwsefdeg.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Ignored. :mozilla.152:C:\Documents and Settings\Persnal\Application Data\Mozilla\Firefox\Profiles\yak2crab.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.153:C:\Documents and Settings\Persnal\Application Data\Mozilla\Firefox\Profiles\yak2crab.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.154:C:\Documents and Settings\Persnal\Application Data\Mozilla\Firefox\Profiles\yak2crab.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.155:C:\Documents and

C:\Documents and Settings\Persnal\Cookies\[email protected][2].txt -> TrackingCookie.Cpvfeed : Cleaned. C:\System Volume Information\_restore{E0C22EC0-D318-4D95-967D-A5C2B4653ED0}\RP197\A0025940.dllInfected! O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 Beginning removal...

Ask a question and give support. Look2Me-Destroyer will now shutdown your computer, click OK.Your computer will then shutdown.Turn your computer back on.Please post the contents of C:\Look2Me-Destroyer.txt and a new HiJackThis log.If Look2Me-Destroyer does not reopen automatically, Sign In Use Facebook Use Twitter Use Windows Live Register now! O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital

C:\WINDOWS\system32\drnwgrmt.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Ignored. link In the Privacy section, click Content settings Click All cookies and site data... Olivier Back to top #3 AMadison AMadison Topic Starter Members 3 posts OFFLINE Local time:05:49 AM Posted 25 October 2006 - 01:50 AM I don't quite understand what renaming the iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner

If you receive alerts from your firewall, allow all activities for Spy Sweeper) If you are taken to the internet page, just close the page.