I had to put my Hijack and ewido logs as attachments, they were too long and i couldn't shorten them.
Thanks in advance
 |
 |
 |
 |
|
|||||||
| [Fixed] Hijackthis! Logs - [Fixed] Adware please help! posted in the Security & Safety forums; I keep having a Server busy message come up and when it goes away a pop up advertisement (or more) comes up in Internet explorer (my default browser is Firefox ... |
|
09-18-2006
|
#1 |
|
Bronze Member
 Join Date: Sep 2006
Location: East New Market, Maryland
Posts: 11
|
[Fixed] Adware please help!
I keep having a Server busy message come up and when it goes away a pop up advertisement (or more) comes up in Internet explorer (my default browser is Firefox though). It keeps coming up and I'm trying to get rid of it, but it seems to be coming back. I believe the dll file is mvbs.dll, but i don't know where to find it. i've ran Windows defender, and avg and they both detected nothing. Help would be greatly appreciated.
I had to put my Hijack and ewido logs as attachments, they were too long and i couldn't shorten them. Thanks in advance
|
|
|
| Advertisement - Register to Remove | |
|
|
09-18-2006
|
#2 |
|
Elite Member
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,025
|
Hya xmetalxheartsx_, welcome to PCHF.
First look in your add/remove programs for any of these: Ezula popupwithcast Oin OuterInfo Yazzle by OIN Cowabanga by OIN PuritySCAN By OIN Snowballwars by OIN ipwins Zolero Tizzletalk MediaTickets Forethought Quicklinks PSLister or anything similar with Oin or Outerinfo in it. If any of those names are found, click on it, and click remove. Reboot and delete this folder if found: C:\Program Files\PurityScan If not listed, download and run this uninstaller: http://www.outerinfo.com/OiUninstaller.exe Tutorial for the uninstaller if needed: Uninstaller Reboot when done and delete this folder if found: C:\Program Files\PurityScan Run HijackThis , select to do a "system scan only" and then place a check beside each of the following: (if still present)
Then manually delete these files and folders if present: C:\WINDOWS\system32\mvbs.dll C:\WINDOWS\system32\nsyB8.dll C:\program files\popupwithcast C:\Documents and Settings\Amanda\Local Settings\Temp\pre.exe C:\Documents and Settings\Amanda\Local Settings\Temp\mma.chm After that reboot your pc, and post a new HijackThis log please. And do you know these yourself: O3 - Toolbar: 977 Music Toolbar - {e63ee7fe-8e20-48fd-91d2-99e179860d38} - C:\Program Files\977_Music\tb977_.dll and: C:\Program Files\Evrsoft First Page 2006\Iscripts\Page Details\crazy-window.izs -> Not-A-Virus.BadJoke.JS.RJump : No action taken.
__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -  - Online AV Scans - HijackThis! - Bootdisk.com - ATF-Cleaner - Stinger - 'Prework' - 'Afterwork' - PCHF Rules - |
|
|
|
|
09-18-2006
|
#3 |
|
Bronze Member
Join Date: Sep 2006
Location: East New Market, Maryland
Posts: 11
|
Only one i found and removed was MediaTickets. i deleted the popupwithcast folder the night i got infected, which was Saturday night. The Purityscan folder wasn't found at all.
I know this is .... O3 - Toolbar: 977 Music Toolbar - {e63ee7fe-8e20-48fd-91d2-99e179860d38} - C:\Program Files\977_Music\tb977_.dll But i don't know what this is. C:\Program Files\Evrsoft First Page 2006\Iscripts\Page Details\crazy-window.izs -> Not-A-Virus.BadJoke.JS.RJump : No action taken. Ran another hijack log and here it is
|
|
|
|
|
09-19-2006
|
#4 |
|
Elite Member
Join Date: Jun 2005
Location: Netherlands
Posts: 9,025
|
You can delete this folder:
(in safemode if needed) C:\Program Files\Evrsoft First Page 2006 Then open HijackThis, click Config, click Misc Tools Click "Open Uninstall Manager" Click "Save List" (generates uninstall_list.txt) Click Save, and copy and paste the results in your next post please.
__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! - - Online AV Scans - HijackThis! - Bootdisk.com - ATF-Cleaner - Stinger - 'Prework' - 'Afterwork' - PCHF Rules - |
|
|
|
|
09-19-2006
|
#5 |
|
Bronze Member
Join Date: Sep 2006
Location: East New Market, Maryland
Posts: 11
|
I've deleted the folder...
Here is the list that was made. 977 Music Toolbar Ad-Aware SE Personal Adobe Flash Player 9 ActiveX Adobe Reader 6.0.1 Adobe Shockwave Player AOL Uninstaller (Choose which Products to Remove) ArcSoft Software Suite Athlon 64 Processor Driver ATI Control Panel ATI Display Driver AVG Free Edition Boggle Supreme from Hewlett-Packard Laptops (remove only) Chatango Message Catcher Conexant AC-Link Audio Core FTP LE 1.3c Crystal Maze from Hewlett-Packard Laptops (remove only) Customer Experience Enhancement dBpowerAMP Music Converter ewido anti-spyware 4.0 Eye Candy 3 Eye Candy 4000 Demo Faerie Bubbles Screen Saver FATE from Hewlett-Packard Laptops (remove only) Filetopia Client v3.04d Final Drive Nitro from Hewlett-Packard Laptops (remove only) Firefox Windows Media Player XPI Flexbeta Firetweaker Flickr Uploadr 2.3 Flip Words from Hewlett-Packard Laptops (remove only) Form Fill (Windows Live Toolbar) Free WMA to MP3 Converter 1.16 Google Toolbar for Internet Explorer Happy Chia Screen Saver HijackThis 1.99.1 HijackThis 1.99.1 Hotfix for Windows XP (KB896256) Hotfix for Windows XP (KB914440) Hotfix for Windows XP (KB915865) HP DVD Play 2.0 HP Game Console and games HP Help and Support HP Imaging Device Functions 6.0 HP Photosmart Cameras 4.5 HP Photosmart Premier Software 6.0 HP Rhapsody HP Software Update HP User Guides 0025 HP User Guides--System Recovery HP Wireless Assistant 2.00 C1 ICQ 5.1 ImageMap Applet Builder iMesh Insaniquarium Deluxe from Hewlett-Packard Laptops (remove only) iTunes J2SE Runtime Environment 5.0 Update 6 Jewel Quest from Hewlett-Packard Laptops (remove only) Last.fm 1.0.6 Lemonade Tycoon 2 from Hewlett-Packard Laptops (remove only) Lexibox Deluxe from Hewlett-Packard Laptops (remove only) Logitech Desktop Messenger Logitech Print Service Logitech QuickCam Software Logitech® Camera Driver Logo Snow Fall Screen Saver Mah Jong Quest from Hewlett-Packard Laptops (remove only) Map Button (Windows Live Toolbar) Matrix Y2K Website Studio 2005.SE Messenger Plus! 3 Messenger Plus! Live Microsoft .NET Framework 1.1 Microsoft Money 2006 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft Windows Journal Viewer Microsoft Works Mozilla Firefox (1.5.0.7) muvee autoProducer 4.5 MySpaceIM Neopets Netscape Browser (remove only) Norton Spyware Scan provided by Yahoo! Oasis from Hewlett-Packard Laptops (remove only) Office 2003 Trial Assistant OneCare Advisor (Windows Live Toolbar) Paint Shop Pro 7 ESD Picasa 2 Polar Bowler from Hewlett-Packard Laptops (remove only) Polar Golfer from Hewlett-Packard Laptops (remove only) Popup Blocker (Windows Live Toolbar) PSPad editor Puzzle Express from Hewlett-Packard Laptops (remove only) Quick Launch Buttons 5.20 G1 Quicken 2006 QuickTime RealPlayer SCRABBLE from Hewlett-Packard Laptops (remove only) Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 9 (KB911565) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893066) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901190) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB903235) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913446) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB916281) Security Update for Windows XP (KB917159) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB921883) Security Update for Windows XP (KB922616) Serif PhotoPlus 6.0 Skype 2.5 Slingo Deluxe from Hewlett-Packard Laptops (remove only) Slyder from Hewlett-Packard Laptops (remove only) Smart Menus (Windows Live Toolbar) Snowboard SuperJam Soft Data Fax Modem with SmartCP Sonic Audio Module Sonic Copy Module Sonic Data Module Sonic Express Labeler Sonic MyDVD Plus Sonic Update Manager SoulSeek Client 157 test 8 Spybot - Search & Destroy 1.4 SpywareBlaster v3.5.1 StuffPlug-NG (Messenger Plus! Plugins) Super Granny from Hewlett-Packard Laptops (remove only) Switch Uninstall Synaptics Pointing Device Driver Texas Instruments PCIxx21/x515/xx12 drivers. TopStyle Lite (Version 3.0) TourSetup Trillian Update for Windows XP (KB894391) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB904942) Update for Windows XP (KB908531) Update for Windows XP (KB910437) Update for Windows XP (KB911280) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) URGE WildTangent Web Driver Winamp (remove only) Windows Defender Windows Defender Signatures Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Beta 3 Windows Live Favorites for Windows Live Toolbar Windows Live Messenger Windows Live Outlook Toolbar (Windows Live Toolbar) Windows Live Safety Scanner Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Toolbar Windows Live Toolbar Extension (Windows Live Toolbar) Windows Live Toolbar Feed Detector (Windows Live Toolbar) Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows XP Hotfix - KB873333 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB883667 Windows XP Hotfix - KB884575 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885464 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB885855 Windows XP Hotfix - KB885884 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB888113 Windows XP Hotfix - KB888239 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB888402 Windows XP Hotfix - KB889673 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 Windows XP Hotfix - KB892559 Wireless Home Network Setup Yahoo! Browser Services Yahoo! Install Manager Yahoo! Internet Mail Yahoo! Messenger Yahoo! Music Engine Yahoo! Toolbar for Internet Explorer Last edited by xmetalxheartsx_; 09-19-2006 at 07:03 PM. |
|
|
|
|
09-21-2006
|
#6 |
|
Elite Member
Join Date: Jun 2005
Location: Netherlands
Posts: 9,025
|
Let's see if Combofix gets the remaining Purityscan entrys:
1. Download this file - combofix.exe 2. Double click combofix.exe & follow the prompts. 3. When finished, it shall produce a log for you. Post that log in your next reply along with new HJT log please. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall
__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! - - Online AV Scans - HijackThis! - Bootdisk.com - ATF-Cleaner - Stinger - 'Prework' - 'Afterwork' - PCHF Rules - |
|
|
|
|
09-21-2006
|
#7 |
|
Bronze Member
Join Date: Sep 2006
Location: East New Market, Maryland
Posts: 11
|
Done and done
|
|
|
|
|
| Bookmarks |
| Tags |
| adware, fixed |
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
