need help with pop ups and spyware

tvdavid

Prominent Member
Joined
Feb 20, 2006
Messages
4,382
Reaction score
510
Points
997
Location
North Essex
HI

The last week I have been getting loads of pop ups on my laptop.

It keeps telling me go to a web site and download adwareremover2007

I have tried running both adaware and Spy bot in safe mode but these will not remove it :mad:



 
Have you the latest updates for adaware and spybot installed, does spybot report anything from a scan?
 
Also, you seem to be using Windows XP, but you aren't using IE7, have you installed all the Windows updates?
 
Also, you seem to be using Windows XP, but you aren't using IE7, have you installed all the Windows updates?

I will do a scan on Spybot and post the report up.

Also my laptop is going very very slow and the sound keeps cutting out and stuttering.

I am defragging my hard drive to see if it makes it better.

I cannot seem to find AdwareRemover 2007 in the remove Programs.
 
Download HiJackThis, run it and post the log here.
 
You are infected. once you have it cleaned up you also have to close the door the infection used to gain entry.
Disable unrequested pop-ups in your browser(s), view mail as plain text not HTML. seriously consider Firefox and Thunderbird.
Disable java in your Browser(s)

Other things to do as well, plenty of posts about it on here.
 
Download HiJackThis, run it and post the log here.

Ive updated to IE 7 but the pop ups are still there.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:46:39, on 05/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\svchost.exe
C:\acer\epm\epm-dm.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\David\My Documents\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: BDEX System - {C4248759-304D-477D-A1B3-F706CF99756D} - D:\WINDOWS\domnftwlvq.dll
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1197560354023
O21 - SSODL: bvtqfvx - {C37B207D-DBEF-47FF-ABBB-DB51766AFE80} - D:\WINDOWS\bvtqfvx.dll (file missing)
O21 - SSODL: alxvdvm - {72E3EBF4-DD49-4102-AF94-BFD51D8B86BC} - D:\WINDOWS\alxvdvm.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - D:\WINDOWS\system32\OOD2000.exe

--
End of file - 3573 bytes
 

The latest video from AVForums

TV Buying Guide - Which TV Is Best For You?
Subscribe to our YouTube channel
Back
Top Bottom