Lately I've been getting Lysol and Electrosol ads (along with many other adverts) playing through my computer speakers with nothing opened, along with Adverts coming through Internet Explorer, because Explorer sucks, although I never use it anyways. (Ads do not come through Firefox.)
Anyways, Norton doesn't say anything's up so I decided to use some free Anti-Spyware which says I have 4 or 5 low level Malware/Spyware conditions and then a pretty high-level one which it states will "cause adverts to pop up" possibly through speakers, etc.
I'm just going to assume that the "Antispyware - ON" button for Norton is just for looks and ask anybody if I can fix this/if somebody can direct me to a free Scan+Fix Anti-spyware program for Windows.
[edit: Changed subject to reflect issue.]
Message Edited by shannons on 06-23-2009 01:33 PM
Stu
June 23, 2009, 6:59pm
2
What version of Norton are you using?
Norton Internet Security as far as I know
As Stu requested, some information on your operating system and service packs would be helpful. Are you using Norton Internet Security or Norton Antivirus? The version # is under Help & Support, about in newer versions. If you have NAV, what are you using for a firewall?
Do you have any other security software running with Norton?
There are many different ways and reasons for becoming infected.
I'm using Windows Vista 64Bit Home
I've never had any virus problems but lately there's been adware on my computer and I'm about to strangle the Lysol Disinfectant lady.^^
I'm not an extensive software downloade. Lately I've downloaded a few encoders but this was after the problems with adware so I don't think they affected anything. Most of them are gone now anyways.
Norton Internet Security
Version : 16.5.0.135
No I don't have any other security software running with Norton
Message Edited by furified on 06-23-2009 12:09 PM
Message Edited by furified on 06-23-2009 12:14 PM
Stu
June 23, 2009, 7:28pm
6
when was your last full scan?
Yesterday, and I am currently doing a full system sweep again today.
Can you download the free version of Malwarebytes, install, update, disable your system restore, and run a full scan. This is a good on-demand scanner for occasional checks. Most of us run another on-demand scanner.
http://www.malwarebytes.org
Also give us a Hijackthis log, which will identify any minor malware that might be causing the attack of the Lysol lady.
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cndt http://go.microsoft.com/fwlink/?LinkId=54896 http://www.google.ca/ http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cndt http://go.microsoft.com/fwlink/?LinkId=54896 http://go.microsoft.com/fwlink/?LinkId=54896 http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cndt http://www.neopets.com/games/dgs/play_shockwave.phtml?va=&game_id=473&nc_referer=&age=0&hiscore=&sp=0&questionSet=&r=4049075&width=600&height=440&quality=high "http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.7.109.cab http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-ca.cab http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Logfile of Trend Micro HijackThis v2.0.2
Also it can't access my Host Files. : / at least it says that
Message Edited by furified on 06-23-2009 01:04 PM
Wow, that was fast.
thanks
Message Edited by delphinium on 06-24-2009 08:07 AM
Logfile of Trend Micro HijackThis v2.0.2
For Some Reason your System denied write access to the Host files. If any hijacked domains are in this File, hijackthis may not be able to fix this.
Logfile of Trend Micro HijackThis v2.0.2
Also it can't access my Host Files. : / at least it says that
Logfile of Trend Micro HijackThis v2.0.2
Also it can't access my Host Files. : / at least it says that
So far I have 44 objects infected with Malwarebytes, is that bad?
Oops… it went to page 2 and I was wonderign where all my messages went. xD
Stu
June 23, 2009, 8:10pm
16
We read all your posts ;)
that sdoens't suond that well. Do you have a log?
The following entries from the Hijackthis log seems to be malicious and can be fixed. Run the scan from Hijackthis, select only the following entries and then click Fix.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetu p1.0.1.1.cab
Since you were able to download it, try going into the Malwarebytes program and rename the executable file to road.exe. That might allow it to run properly. We can tell how bad it is without a look at the log. Did you go ahead and remove what MBAM found.
Try the scan again in safe mode. Reboot and tap F8 repeatedly until a menu comes up. Choose safe mode without networking.
Run again.
I get to check the log after it's done but here's a picture for your worries. 2 more objects infected since this picture but it's calmed down.
Malwarebytes’ Anti-Malware 1.38
