kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

OK, for some reason Ewido ignored deleting the following file. Plz delete in safe mode.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll


Also, explorer.exe is what the task bar at the bottom of the screen runs on. The desktop also runs off it, so I recommend opening HJT, then ending explorer.exe. Then start explorer.exe back up using Task Manager and post the contents of the log here.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Ping.exe is a valid process but jvaw~1.exe is not, so let's get started.

First run HJT and check the following.
O4 - HKCU\..\Run: [Dzqn] C:\Documents and Settings\Family\My Documents\??stem\?ttrib.exe
O20 - AppInit_DLLs: arpa.dll mmc.dll rundll.dll C:\WINDOWS\system32\arpa.dll
Close all other windows and click fix checked.

Reboot to safe mode by tapping the F8 key during startup.
Delete the following files and folders.
C:\Documents and Settings\Family\My Documents\??stem\?ttrib.exe
C:\Documents and Settings\Family\My Documents\??stem
C:\WINDOWS\system32\arpa.dll
C:\WINDOWS\SYSTEM32\JVAW~1.EXE
Reboot Normally and reply with any problems that still exist. Also post a new HJT log.
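
The log entries quoted in the post above, run through a small triage script. This is an added example, not part of the original post or of HijackThis itself; the flag names and heuristics are assumptions chosen for illustration, and the first sample line is constructed.

```python
import re

# Constructed sample: the three entries quoted in the posts on this page,
# plus one made-up benign O4 line for contrast.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O4 - HKCU\..\Run: [Dzqn] C:\Documents and Settings\Family\My Documents\??stem\?ttrib.exe
O20 - AppInit_DLLs: arpa.dll mmc.dll rundll.dll C:\WINDOWS\system32\arpa.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")
RUN_VALUE = re.compile(r"^HK\w+\\\.\.\\\w+: \[(.*?)\] (.*)$")


def triage_line(line):
    """Return the list of review flags raised by one HijackThis log line."""
    m = ENTRY.match(line.strip())
    if not m:
        return []
    section, body = m.groups()
    flags = []
    if body.endswith("(file missing)"):
        # Registry entry whose target file is gone: an orphan.
        flags.append("orphaned-entry")
    run = RUN_VALUE.match(body) if section == "O4" else None
    if run:
        target = run.group(2)
        if "?" in target:
            # '?' is not valid in a Windows file name, so the log is showing
            # characters it could not render (assumed: look-alike Unicode).
            flags.append("unrenderable-name")
        if "\\my documents\\" in target.lower():
            # Autostart from a document folder, not a program directory.
            flags.append("autostart-from-documents")
    if section == "O20" and body.startswith("AppInit_DLLs:"):
        # Each DLL listed here is loaded into every process that loads
        # user32.dll, so any entry deserves review. Splitting on whitespace
        # is a simplification and breaks on paths containing spaces.
        dlls = body.split(":", 1)[1].split()
        flags.extend("appinit-dll:" + d for d in dlls)
    return flags


def triage(log_text):
    """Map each flagged log line to its flags; clean lines are omitted."""
    results = ((ln.strip(), triage_line(ln)) for ln in log_text.splitlines())
    return {ln: flags for ln, flags in results if flags}
```

Calling `triage(SAMPLE_LOG)` returns the three entries the post singles out and leaves the constructed benign line unflagged.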

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Plz Rescan while in regular mode. Then the HJT log will list the malicious processes.

Also try the Ewido Scanner which you can download here.
Run Ewido in safe mode then switch to regular mode and run HJT.

  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click Update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed. The status bar at the bottom will display "Update successful"
  • Click on Scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.

Post the Ewido log with the new HJT log.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Plz download HJT from here.

After you download the zip extract the contents to a permanent folder such as C:\HJT or something similar.

Run the program and scan your computer. It will come up with a lot of entries (don't fix anything yet). There should be a save log option. It will save a log of the scan.

Post the HJT log in your next reply.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Plz download HiJackThis from here.

After you download the zip extract the contents to a permanent folder such as C:\HJT or something similar.

Post the HJT log in your next reply.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Never mind then with that HJT log.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

I'm pretty sure that just means that the file had something attached to it that's extra but the computer can't support it. But just in case, download HJT and run it. Post the log back here. (Don't fix anything yet.)

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Plz download HJT from here.
Extract the content to a permanent folder such as C:\HJT or something similar. Run the program. Choose the option to scan your computer. When it finishes there should be an option that says save log. This will save the log and open up a notepad file. Copy and paste the contents in your next post.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

This log appears to be clean. Are you still experiencing any problems?

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

Ok.

First I would like you to download ewido security suite from here.

  1. Install ewido anti-malware
  2. When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  3. Launch ewido, there should be an icon on your desktop, double-click it.
  4. The program will now open to the main screen.
  5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  6. You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  7. The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display "Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed do the following:

  • Open up Ewido
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
  • Close ewido anti-malware.

Reboot.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

sorry my bad

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

I can't see anything wrong with this log except the following:

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

Plz check this and click on fix checked.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

True

Post back as soon as you can w/ those logs

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

I want you to try one more scanner first
Plz Download Ewido from here

  1. Install ewido anti-malware
  2. When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  3. Launch ewido, there should be an icon on your desktop, double-click it.
  4. The program will now open to the main screen.
  5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  6. You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  7. The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display "Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed do the following:

  • Open up Ewido
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
  • Close ewido anti-malware.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

I'm 75% sure that these 2 are malware and key processes for the pop-ups:

C:\WINDOWS\SmFzb24\command.exe
C:\Program Files\Network Monitor\netmon.exe

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

I don't know if this is adware-caused or not, but sometimes the computer will randomly shut down on its own from an improperly working fan, so you might want to check that.

kylethedarkn 23 A.K.A. The Laughing Man Team Colleague

try using xoftspy and get the serial key from theserials.com
I don't recommend going to theserials.com unless you have Norton or are using a Mozilla Firefox browser, because if you use Internet Explorer it will automatically download some nasty adware.