ad.firstadsolution.com problem...

post #1 of 6
Thread Starter 
Hey guys have tried everything I could possibly think of to remove this malware..

Spybot S&D
Adaware
AVG Virus, Spyware, Malware cleaners..

Cleaned all cookies and temp files.. but it still persists..hijack log follows..Any help is greatly appreciated..

Logfile of HijackThis v1.99.1
Scan saved at 4:19:49 AM, on 11/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\WINDOWS\\system32\\nvsvc32.exe
C:\\WINDOWS\\Explorer.EXE
C:\\WINDOWS\\system32\\wscntfy.exe
C:\\WINDOWS\\System32\\nvraidservice.exe
C:\\WINDOWS\\system32\\rundll32.exe
C:\\Program Files\\No-IP\\DUC20.exe
c:\\progra~1\\intern~1\\iexplore.exe
C:\\Program Files\\Internet Explorer\\iexplore.exe
C:\\WINDOWS\\System32\\wbem\\unsecapp.exe
C:\\Program Files\\Common Files\\AOL\\1163459749\\ee\\aolsoftware.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe
C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgamsvr.exe
C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgupsvc.exe
C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\guard.exe
C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe
C:\\Program Files\\TightVNC\\WinVNC.exe
C:\\Program Files\\HijackThis.exe

O4 - HKLM\\..\\Run: [NVRaidService] C:\\WINDOWS\\System32\\nvraidservice.exe
O4 - HKLM\\..\\Run: [nwiz] nwiz.exe /install
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [!AVG Anti-Spyware] "C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe" /minimized
O4 - HKCU\\..\\Run: [stupid open] C:\\DOCUME~1\\Gremlin\\APPLIC~1\\playonce\\KEEP SECT.exe
O4 - HKCU\\..\\RunOnce: [ICQ Lite] C:\\Program Files\\ICQLite\\ICQLite.exe -trayboot
O4 - Startup: No-IP DUC.lnk = C:\\Program Files\\No-IP\\DUC20.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office12\\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\Office12\\REFIEBAR.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\\Program Files\\Common Files\\Microsoft Shared\\OFFICE12\\MSOXMLMF.DLL
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\\Program Files\\Common Files\\Symantec Shared\\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Common Files\\InstallShield\\Driver\\11\\Intel 32\\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\\Program Files\\Nero\\Nero 7\\Nero BackItUp\\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\\nvsvc32.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\\Program Files\\TightVNC\\WinVNC.exe" -service (file missing)
post #2 of 6
Thread Starter 
C'mon guys there has to be someone that has seen this malware and knows how to get rid of it

It's just getting annoying I've tried every scanner I can think of..

AVG everything from there... Ad-Aware.. Spybot S&D cleared all cache folders all temp folders checked my add/remove prog nothing there that shouldn't be... I am running the active guard from AVG for spyware/malware as well as the AVG Antivirus protection and yet this little !!@#$!#$@ of a popup still pops! grrrr!
post #3 of 6
Thread Starter 
btw I remote desktop from work so.. that's why the no-ip and VNC's are in the hijack log
post #4 of 6
scan with ad adware in safe mode then use a registry cleaner and try some other adware scanner after if that don't work
post #5 of 6
ccleaner.com
post #6 of 6
Can't see anything in your HijackThis log, sorry.