Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Pop up won't go away; freezes computer

I recently downloaded a piece of old software (VLC) and got an extra added attraction. It is a POP-UP stating "Window Browswer Warning" and it won't go away or allow me to access any other programs. It also causes a "PC Support Messages.com" to appear and that one also won't go away. They both occur mainly when I am in Google Chrome. The only way to temporarily remove them is to go to Task Manager and cancel them. I tried scanning with my Norton Security Suite and Loaris Trojan Remover but the malware still returns. How can I remove these pests once and for all? Thanks.

This was a very tedious exercise since loading ark.txt took over 4 hours. The annoying pop-ups occur mainly when Google Chrome is in use.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 11.40.2
Run by Leon at 11:25:54 on 2015-04-09
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1449 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\AntiLogger\AntiLogger.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton Security Suite\Engine\21.7.0.11\N360.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\uRUdwnC\NbUBeIpJmm.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton Security Suite\Engine\21.7.0.11\N360.exe
C:\Program Files\Norton Security Suite\Engine\21.7.0.11\conathst.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\NetEngine\bin\D5\netengine.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFTips.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\All Users.WINDOWS\Application Data\uRUdwnC\dat\RnINJTiRM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://services.freshy.com/general/newhometab.php?hometab=home&partner=11083&guid={A33A6430-2837-43E8-B0EC-303111DAC119}&i=
uURLSearchHooks: {D8278076-BC68-4484-9233-6E7F1628B56C} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\21.7.0.11\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\21.7.0.11\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_40\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_40\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\21.7.0.11\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\21.7.0.11\coieplg.dll
TB: FindWide Toolbar: {84CF8679-8F59-427B-B240-FB67A59B3671} - c:\program files\tnt2\2.0.0.1966\ietoolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AntiLogger] "c:\program files\antilogger\AntiLogger.exe" /minimized
mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{20E7BBBA-CCBD-471F-BC79-14DE43EA00F9} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\belarcadvisor\system\BAVoilaX.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\41.0.2272.118\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 FSProFilter;FSPro File Filter;c:\windows\system32\drivers\FSPFltd.sys [2014-11-23 41912]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1507000.00b\symds.sys [2015-4-8 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1507000.00b\symefa.sys [2015-4-8 936152]
R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [2015-1-6 80104]
R1 BHDrvx86;BHDrvx86;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\bashdefs\20150321.001\BHDrvx86.sys [2015-3-24 1164504]
R1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\n360\1507000.00b\ccsetx86.sys [2015-4-8 127064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-4-8 23840]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1507000.00b\ironx86.sys [2015-4-8 209624]
R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2015-3-13 344864]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\21.7.0.11\n360.exe [2015-4-8 265000]
R2 NbUBeIpJmm;NbUBeIpJmm;c:\documents and settings\all users.windows\application data\urudwnc\NbUBeIpJmm.exe [2015-4-7 2729944]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1483072]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2015-4-3 111408]
R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2015-3-13 247968]
R3 IDSxpx86;IDSxpx86;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\ipsdefs\20150408.001\IDSXpx86.sys [2015-4-9 478352]
R3 NAVENG;NAVENG;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\virusdefs\20150408.018\NAVENG.SYS [2015-4-9 95704]
R3 NAVEX15;NAVEX15;c:\program files\norton security suite\nortondata\21.1.0.18\definitions\virusdefs\20150408.018\NAVEX15.SYS [2015-4-9 1636696]
R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2015-3-13 31776]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-8-19 10064]
R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2015-3-13 17360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2015-1-28 517464]
S2 LiveUpdateSvc;LiveUpdate;c:\program files\iobit\liveupdate\LiveUpdate.exe [2014-8-27 2724128]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2014-11-20 20160]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
ShellExec: FRONTPG.EXE: edit=c:\progra~1\micros~2\office\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2015-04-08 20:55:18 -------- d-----w- c:\documents and settings\all users.windows\application data\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-04-08 20:52:04 -------- d-----w- c:\program files\common files\IObit
2015-04-08 20:42:32 -------- d-----w- c:\documents and settings\all users.windows\application data\ProductData
2015-04-08 20:37:12 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2015-04-08 13:02:41 936152 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\symefa.sys
2015-04-08 13:02:41 664792 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\srtsp.sys
2015-04-08 13:02:41 447704 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\symnets.sys
2015-04-08 13:02:41 423256 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\symtdi.sys
2015-04-08 13:02:41 384728 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\symtdiv.sys
2015-04-08 13:02:41 367704 ----a-r- c:\windows\system32\drivers\n360\1507000.00b\symds.sys
2015-04-08 13:02:41 32984 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\srtspx.sys
2015-04-08 13:02:41 21520 ----a-r- c:\windows\system32\drivers\n360\1507000.00b\symelam.sys
2015-04-08 13:02:41 209624 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\ironx86.sys
2015-04-08 13:02:41 127064 ----a-r- c:\windows\system32\drivers\n360\1507000.00b\ccsetx86.sys
2015-04-08 13:02:12 30068 ----a-w- c:\windows\system32\drivers\n360\1507000.00b\symvtcer.dat
2015-04-08 13:02:12 -------- d-----w- c:\windows\system32\drivers\n360\1507000.00B
2015-04-08 12:50:44 -------- d-----w- c:\documents and settings\leon.magill-esfcnzwo\local settings\application data\CrimeWatch
2015-04-08 12:46:42 -------- d-----w- c:\documents and settings\all users.windows\application data\NetEngine
2015-04-08 03:18:30 -------- d-----w- c:\documents and settings\all users.windows\application data\T122078ED
2015-04-08 03:13:29 -------- d-----w- c:\documents and settings\all users.windows\application data\CrimeWatch
2015-04-08 03:13:17 -------- d-----w- c:\documents and settings\all users.windows\application data\uRUdwnC
2015-04-08 03:10:35 -------- d-----w- c:\program files\TNT2
2015-04-03 19:40:29 -------- d-----w- c:\documents and settings\leon.magill-esfcnzwo\application data\AudioCD
2015-04-03 13:27:02 -------- d-----w- c:\documents and settings\leon.magill-esfcnzwo\application data\Engelmann Media
2015-03-31 21:30:38 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-03-31 21:30:16 -------- d-----w- c:\documents and settings\leon.magill-esfcnzwo\local settings\application data\Sun
2015-03-31 21:27:47 -------- d-----w- c:\documents and settings\all users.windows\application data\Oracle
2015-03-13 15:05:21 -------- d-----w- c:\documents and settings\leon.magill-esfcnzwo\application data\ProductData
2015-03-13 15:04:42 -------- d-----w- c:\documents and settings\leon.magill-esfcnzwo\LocalLow
2015-03-13 15:04:38 -------- d-----w- c:\documents and settings\all users.windows\application data\IObit
2015-03-13 15:04:31 -------- d-----w- c:\documents and settings\leon.magill-esfcnzwo\application data\IObit
2015-03-11 17:38:17 5632 ----a-w- c:\windows\system32\ptpusb.dll
2015-03-11 17:38:13 159232 ----a-w- c:\windows\system32\ptpusd.dll
.
==================== Find3M ====================
.
2015-03-31 21:28:35 146432 ----a-w- c:\windows\system32\javacpl.cpl
2015-02-05 21:12:57 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 21:12:54 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-07 22:20:00 9357824 ----a-w- c:\program files\common files\lpuninstall.exe
2003-08-27 19:19:18 36963 ----a-r- c:\program files\common files\SM1updtr.dll
.
============= FINISH: 11:27:00.03 ===============

Attached Files
File Type: txt attach.txt (15.6 KB)
File Type: txt ark.txt (28.4 KB)
